Modern cryptography

- March 01, 2021

Nowadays we are living in an era where we can’t trust the confidentiality, integrity, authentication, and non-repudiation of data when considering the history, where there is not much need of having security measurement for the data. And the risk of data security is higher than in the World War period. In the 1990s when the internet came for commercial purposes and the start of commercial transactions over the internet there was a need of having encryption and decryption methods for the sake of the safety of these transactions. So there were a lot of algorithms are developed by different people for encryption and decryption. But nowadays people heavily use the internet, therefore the need for encryption and decryption has a very high priority. So, we have to find more securable data communication methods. This is the modern cryptographic challenge we have to achieve.

Modern cryptography and its challenges

If there are no more random numbers gets as the key of a one-time pad, the security is diminished and therefore no more unbreakable. Various endeavors have been made to make apparently random numbers from an assigned key. These number generators are called Pseudo-Random Number Generators (PRNGs) as they can't give a totally random number stream. Even though the security of a PRNG is not 100% unbreakable, it can give adequate security when executed effectively. PRNGs that have been assigned secure for cryptographic use are called Cryptographically Secure Pseudo-Random Number Generators (CSPRNGs). CSPRNGs have characteristics that differ PRNGs. CSPRNGs must pass the "next-bit- test" in that given the first k bits, there is no polynomial-time the algorithm that can anticipate the (k+1)^th bit with the likelihood of accomplishment higher than half (Knuth 1981). CSPRNGs should likewise withstand "state compromises". In the occasion that part or the entirety of its state is uncovered, it should be difficult to recreate the surge of arbitrary numbers before the disclosure.

So far in the conversation, each technique for encryption requires a special secret key to be already and safely settled. This is the idea of symmetric key encryption. The asymmetric key, some of the time called private-key, encryption cipher is an algorithm where the key for encryption is inconsequentially identified with the key utilized for decryption. The similarity to this is a type of mechanical lock. The same key that draws in the lock can separate it. Because of having a shorter key length, symmetric key encryption and decryption complete very quickly. To ensure anything significant behind the lock, the key must be given to every member safely. If someone unintentionally gets a chance to access the key, the person will have full access to what is being made sure about by the lock. So, there should be a strong key and we should protect and share it safely by not allowing any other person to get it. Because anyone who has a private key can read encrypted messages. The problem with this method is we not only should protect the message but also we should protect the private key. And before the commencement of communication both the sender and receiver should select a key, this is a problem when it comes to when the sender and receiver don't get an opportunity to select a key. There are several algorithm methods related to symmetric key cipher, one is “Block cipher” and the other one is “Steam cipher”. A stream cipher is a random number combines with the original plain text. We can consider “one-time pad”, “Linear Feedback Shift Register” (LFSR), “Linear Congruential” “A5”, “DES” and “RC4” as stream cipher methods. RC4 is most commonly used in Secure Socket Layer (SSL) and Wired Equivalent Privacy (WEP). And Block cipher is another symmetric key technique that combines plaintext with a fixed-length group of bits. This technique gets the same amount of bits when encrypting plaintext and it outputs the same amount of bits as a ciphertext. We can consider “Blowfish”, “Twofish”, “DES”, “RSA” and AES as popular block cipher methods. "AES" is the latest method and "DES" is a little bit older, which is heavily used a few years before. U.S government and is National Security Agency (NSA) uses AES as an encryption method for their secret information. Most of the encryption methods which are used nowadays, exploit both stream cipher and block cipher.

The need for asymmetric key encryption came out because symmetric always suits for communication where there are predefined keys for encryption and decryption. But in real life, this method doesn't suit communication when the sender and receiver have to do their communication without a predefined key. So people try to find out a method with two different keys for encryption and decryption. When we compare it with a lock, it is a lock with two keys one for engaging and another one for disengaging. But when we consider asymmetric key’s speed and symmetric key's speed, the symmetric key is faster than asymmetric key. Because of having more security implementation than the symmetric key, asymmetric key works very slowly. There are two keys used for asymmetric encryption, one is the private key and the other one is the public key. This private key is only known by the sender, but the public key is known by both sender and receiver. There are two ways of handling keys, if we use the private key for encryption, we can use its matching public key for decryption, and if we use the public key for encryption, its matching private key can use for decryption. Examples of asymmetric algorithms are “RSA”, “EIGamal”, “elliptic curves” and DH.

The Diffie-Hellman Key Exchange is a protocol that permits two parties to have a secret key with no earlier information on one another, which commonly is utilized in the asymmetric key figures. The Diffie-Hellman Key Exchange was first distributed by Whitfield Diffie and Martin Hellman in 1976. The GCHQ, the British signal intelligence, declared that this plan had been designed by Malcolm Williamson years before Diffie and Hellman's distribution, but was kept as a secret. The Diffie-Hellman Key Exchange depends on exponential capacities figuring a lot quicker than discrete algorithms. At the point when utilized appropriately, the Diffie-Hellman Key Exchange convention gives the equivalent key to the two parties without really transmitting it. The quality of this calculation relies upon the time it takes to figure a discrete logarithm of the public keys transmitted (Diffie, Hellman 1976).

Because of the failures that happened in Diffie-Hellman key exchange Ron Rivest, Adi Shamir, Leonard Adleman developed a key exchange method that is similar to The Diffie-Hellman method but had more security features with embedded message transition. It was named by using the surnames of the inventors. From two large prime numbers, this protocol is built, these numbers are exploited to build a public key and a private key. After the generation of the keys, they can use them more than one time. Normally one key is reserved for the public key and the other one is reserved for the private key. Anyone can encrypt a message by using the public key and send it to the other one. But only the creator of the keys, in other words, the private key owner can decrypt this message. RSA encryption method is the most commonly used asymmetric key encryption in transactions over the internet.

Hashing is a very popular cryptographic method used for encryption that quickly encrypts messages using algorithms. And it is a method that can check whether any modification happens in between the communication, so it secures the integrity of the message. It assigns a hash value for the message when the commencement of the message, and we can check this hash value is equal or not when we receive it. If it is equal, the message didn’t face any modification, otherwise, it is modified by someone before we receive it. Hashing is not exactly the same as encrypting, it is a one-way operation that is used to convert the message into a compressed digest. Nowadays this method is used to store user passwords.

Steganography is a type of cryptography that inserts information into different mediums in an unnoticeable manner, rather than utilizing encryption. Mediums utilized for steganography are commonly human distinguishable Articles, for example, picture, sound, and video records. Other stenographic mediums can incorporate website pages, communication protocols, data streams, and some more. An exceptionally straightforward usage of Steganography could be undetectable ink composed between obvious lines of content in a document. Huge scope steganography, performed with PCs, is normally founded on human undeterminable numbers. For instance, the average sound WAV document speaks to one sound example with a 16-piece number running from 0 to 65535. A person could separate the secret message into its bits and install them one at a period into every soundtrack, accordingly just changing the adequacy of the example by 1. This implies if a genuine sound example was spoken to by 12345 it could just change by one. The human ear is very a long way from hearing this change. The secret message is placed into the sound record without perceptible change and without modifying the record's size. Anyone would not have the option to tell that an inserted message even exists. This is the place the expression "security through obscurity" originates from. An encrypted message is effectively observed as encrypted and a cryptographer can start chipping away at decrypting it. In the examination, a message installed into an image, sound, or video document can pass directly by without being taken note of.

Many people guarantee that the fearful assault of September 11 2001 which is known as the 11/11 attack, among many, was arranged utilizing stenographic cryptography and the web. Before the assault, USA Today stated: "Recently, al-Qaeda agents have been sending several scrambled messages that have been covered up in documents on advanced photos on the sale site eBay.com" (USA Today Feb. 5, 2001). If it is true, it appears it would be a compelling method to hide secret messages without further developed nations finding their work. Al-Qaeda would realize that the U.S. could easily break any encryption they utilized, so the elective technique for steganography was a smart decision.

credits of all these photos go to their original owners.