D
DevynCJohnson
Guest
Cryptography is an important topic in computing and network security. Cryptography is the study of secure communication. Cryptography covers many topics such as data integrity, authentication, privacy, encryption, decryption, steganography, etc. Many people may think that cryptography is a difficult subject. However, this is an important topic many computer users should learn. Also, this is actually an easy topic to understand.
Cryptoanalysis
Cryptoanalysis is the process of finding flaws (or weaknesses) in cryptographical algorithms and processes. This topic also includes investigating how cryptographic algorithms work.
A Side-channel Attack is a specific method of analyzing how an algorithm operates. Side-channel attacks study the power consumption and other physical properties to determine/discover how a cryptographic algorithm works. By examining the power consumption, CPU usage, memory size, etc. researchers can gain knowledge on a cryptographic scheme's inner workings and operations.
Encryption/Decryption
Encryption is the process of encoding or securing data while decryption is the opposite process that makes encrypted data readable. Encrypted data is referred to as "ciphertext" while regular data is called "plaintext".
Cryptographic Key
A cryptographic key is a set of data that is used to encrypt or decrypt data. There are many kinds of keys, but the two main ones are Symmetric-keys and Public-keys (asymmetric cryptography).
Symmetric-keys cryptography uses the same key to encrypt and decrypt data. The sender and receiver each have the same key. Once someone has the key, they can decrypt the data.
Public-key cryptography (asymmetric cryptography) requires two different keys that are each inverses of each other. The private key is used by the person encrypting the data (such as GPG or PGP) and the public key is used to decrypt the data. This method is commonly used for signing and authentication.
GnuPG (GPG) - https://www.gnupg.org/
Network Security
HTTPS is a commonly used secure network protocol. Specifically, this is HTTP placed on top of SSL or TLS. HTTPS offers privacy, authentication, and integrity of the transferred data. This is useful for online shopping and any type of important business (like banking). The Darknet uses HTTPS quite often while the Surface Internet primarily uses HTTP.
Both Secure Sockets Layer (SSL) and Transport Layer Security (TLS) have many features in common. For instance, they both use X.509 certificates, asymmetric cryptography, negotiable symmetric keys, begin on the OSI layer 5 (session layer), and operate on OSI layer 6 (the presentation layer).
Wired Equivalent Privacy (WEP) is a wireless network security standard incorrectly called "Wireless Encryption Protocol". This is a security feature for IEEE 802.11 wireless networks (WiFi). WEP uses 10-26 hexadecimal digits as a key. WEP has been superseded by Wi-Fi Protected Access (WPA), although many people still use WEP. WEP-40 (commonly called 64-bit WEP) uses a 40-bit key while WEP-104 (128-bit WEP) uses a 104-bit key. WEP-40 keys are strings of ten hexadecimal digits. WEP-104 uses 26 hexadecimal digits. WEP has many security flaws. Therefore, people should use WPA.
NOTE: Many Internet providers offering WiFi use their client's phone number as the WEP-40 key (such as 8001234567).
Wi-Fi Protected Access (WPA or IEEE 802.11i) and Wi-Fi Protected Access II (WPA2 or IEEE 802.11i-2004) are the predecessors to WEP. WPA and WPA2 offer better security than WEP. WPA2 is more secure than WPA. Many home and office WiFi networks use Pre-shared Key mode (PSK or WPA-Personal) which uses a 256-bit key. This key may be 64 hexadecimal digits or 8-63 printable ASCII characters. Weak ASCII passphrases are vulnerable to password cracking and brute force attacks. Two alternatives to WPA-Personal include WPA-Enterprise and WiFi Protected Setup.
Checksums and Hashes
Hash functions are cryptographic algorithms that take data and generate a digest. A digest is the hash value or the data generated from a hash function. For instance, the Whirlpool algorithm gets large blocks of data and then generates a 512-bit digest. Hash functions are commonly used for data authentication.
Checksums are similar to hash functions, but the generated digests are smaller. Also, checksums are usually used to verify data integrity.
Cryptography and American Law
Keep in mind that in the United States, citizens may be required to decrypt their files for law-enforcement officials and despotic government officials. For instance, on January 23, 2012, in Colorado, Ramona Fricosu was forced by law-enforcement and Colorado U.S. District Judge Robert Blackburn to decrypt her laptop's hard-drive despite the Fifth Amendment (http://www.wired.com/2012/01/judge-orders-laptop-decryption/). Hopefully, the ruling of the United States Court of Appeals for the Eleventh Circuit declared on February 24, 2012 concerning "United States v. Doe" will continually be up-held to ensure the Fifth Amendment is followed. However, if law-enforcement violates an individual's free-rights, the individual may simply forget his/her encryption key or password due to the stress of losing one's freedom and rights. Then, the law-enforcement will have lost their chance to violate one's freedom and rights.
In 1995, a student at the University of California named Daniel J. Bernstein wrote a paper on his own cryptographic algorithm. He wanted to publish the paper and his own source code. However, the United States government tried to restrict his freedom of speech. Thankfully, Daniel Bernstein was granted his right to exercise the First Amendment (Bernstein v. United States).
If you would like to see more content from me and be notified of released articles, follow me on Google+ ( https://plus.google.com/ DevynJohnson/ ) or Twitter ( https://twitter.com/DevynCJohnson ). Also, follow Linux.org's Google+ account ( https://plus.google.com/u/0/111301317258533720785 ).
Further Reading
Cryptoanalysis
Cryptoanalysis is the process of finding flaws (or weaknesses) in cryptographical algorithms and processes. This topic also includes investigating how cryptographic algorithms work.
A Side-channel Attack is a specific method of analyzing how an algorithm operates. Side-channel attacks study the power consumption and other physical properties to determine/discover how a cryptographic algorithm works. By examining the power consumption, CPU usage, memory size, etc. researchers can gain knowledge on a cryptographic scheme's inner workings and operations.
Encryption/Decryption
Encryption is the process of encoding or securing data while decryption is the opposite process that makes encrypted data readable. Encrypted data is referred to as "ciphertext" while regular data is called "plaintext".
Cryptographic Key
A cryptographic key is a set of data that is used to encrypt or decrypt data. There are many kinds of keys, but the two main ones are Symmetric-keys and Public-keys (asymmetric cryptography).
Symmetric-keys cryptography uses the same key to encrypt and decrypt data. The sender and receiver each have the same key. Once someone has the key, they can decrypt the data.
Public-key cryptography (asymmetric cryptography) requires two different keys that are each inverses of each other. The private key is used by the person encrypting the data (such as GPG or PGP) and the public key is used to decrypt the data. This method is commonly used for signing and authentication.
GnuPG (GPG) - https://www.gnupg.org/
Network Security
HTTPS is a commonly used secure network protocol. Specifically, this is HTTP placed on top of SSL or TLS. HTTPS offers privacy, authentication, and integrity of the transferred data. This is useful for online shopping and any type of important business (like banking). The Darknet uses HTTPS quite often while the Surface Internet primarily uses HTTP.
Both Secure Sockets Layer (SSL) and Transport Layer Security (TLS) have many features in common. For instance, they both use X.509 certificates, asymmetric cryptography, negotiable symmetric keys, begin on the OSI layer 5 (session layer), and operate on OSI layer 6 (the presentation layer).
Wired Equivalent Privacy (WEP) is a wireless network security standard incorrectly called "Wireless Encryption Protocol". This is a security feature for IEEE 802.11 wireless networks (WiFi). WEP uses 10-26 hexadecimal digits as a key. WEP has been superseded by Wi-Fi Protected Access (WPA), although many people still use WEP. WEP-40 (commonly called 64-bit WEP) uses a 40-bit key while WEP-104 (128-bit WEP) uses a 104-bit key. WEP-40 keys are strings of ten hexadecimal digits. WEP-104 uses 26 hexadecimal digits. WEP has many security flaws. Therefore, people should use WPA.
NOTE: Many Internet providers offering WiFi use their client's phone number as the WEP-40 key (such as 8001234567).
Wi-Fi Protected Access (WPA or IEEE 802.11i) and Wi-Fi Protected Access II (WPA2 or IEEE 802.11i-2004) are the predecessors to WEP. WPA and WPA2 offer better security than WEP. WPA2 is more secure than WPA. Many home and office WiFi networks use Pre-shared Key mode (PSK or WPA-Personal) which uses a 256-bit key. This key may be 64 hexadecimal digits or 8-63 printable ASCII characters. Weak ASCII passphrases are vulnerable to password cracking and brute force attacks. Two alternatives to WPA-Personal include WPA-Enterprise and WiFi Protected Setup.
Checksums and Hashes
Hash functions are cryptographic algorithms that take data and generate a digest. A digest is the hash value or the data generated from a hash function. For instance, the Whirlpool algorithm gets large blocks of data and then generates a 512-bit digest. Hash functions are commonly used for data authentication.
Checksums are similar to hash functions, but the generated digests are smaller. Also, checksums are usually used to verify data integrity.
Cryptography and American Law
Keep in mind that in the United States, citizens may be required to decrypt their files for law-enforcement officials and despotic government officials. For instance, on January 23, 2012, in Colorado, Ramona Fricosu was forced by law-enforcement and Colorado U.S. District Judge Robert Blackburn to decrypt her laptop's hard-drive despite the Fifth Amendment (http://www.wired.com/2012/01/judge-orders-laptop-decryption/). Hopefully, the ruling of the United States Court of Appeals for the Eleventh Circuit declared on February 24, 2012 concerning "United States v. Doe" will continually be up-held to ensure the Fifth Amendment is followed. However, if law-enforcement violates an individual's free-rights, the individual may simply forget his/her encryption key or password due to the stress of losing one's freedom and rights. Then, the law-enforcement will have lost their chance to violate one's freedom and rights.
In 1995, a student at the University of California named Daniel J. Bernstein wrote a paper on his own cryptographic algorithm. He wanted to publish the paper and his own source code. However, the United States government tried to restrict his freedom of speech. Thankfully, Daniel Bernstein was granted his right to exercise the First Amendment (Bernstein v. United States).
If you would like to see more content from me and be notified of released articles, follow me on Google+ ( https://plus.google.com/ DevynJohnson/ ) or Twitter ( https://twitter.com/DevynCJohnson ). Also, follow Linux.org's Google+ account ( https://plus.google.com/u/0/111301317258533720785 ).
Further Reading
- Linux Reading Guide (Cryptography) - http://www.linux.org/threads/cryptography-reading-guide.6231/
- Linux Reading Guide (Security) - http://www.linux.org/threads/security-reading-guide.6356/
- Hacktivismo - http://www.hacktivismo.com/projects/index.php
- IEEE Standard 802.11i-2004 - http://standards.ieee.org/getieee802/download/802.11i-2004.pdf
Attachments
Last edited:
