Overview Of Cryptography And Encryption

Published Date: 02 Nov 2017

Digital Signature can be described as a term in two ways: a) general term of digital signature and b) term of advanced digital signature.

The term digital signature refers to electronic dataset which is related to and linked with other datasets and databases that certify its identity.

Advanced digital signature is the result of the PKI procedures (Public Key Infrastructure). This signature has the same valuation with the handwritten signature.

Overview of Cryptography and Encryption

Encryption is a very basic section of Internet security since the transmission of confidential data over the Internet has become commonplace today and should be found of protecting the inviolability of private and professional users' privacy on the Internet. The term Cryptography means converting an original text in a format that is not understood by someone else. This conversion is done by the sender using mathematical functions. Encryption is a science that relies on mathematics to encode and decode data moving through the Internet. With the proper use of encryption methods, sensitive personal user data is only accessible by those who have the proper authorization.

The main problems related to the confidentiality of information handled within the Internet are the following:

Ensuring that the sender is the one he claims to be, which is known by the term authentication.

Ensuring that the message or text is the right and that has not been modified by a third party on its way from the sender to the receiver, which is known by the term integrity.

Ensuring that a message addressed only to us can be read only by us, which is known by the term confidentiality.

Ensuring that the parties involved in an electronic communication will not be able to refuse subsequent participation in it is known by the term non-repudiation.

Methods of encryption

There are two basic methods of encryption, symmetric and asymmetric encryption. In symmetric encryption, the same key is used for both encryption and decryption of a message. This common key must be known only to the two communicating parties and therefore the transmission from one place to another should be made with absolute safety, something which is not always feasible, and thus makes the method of symmetric encryption non completely effective.

Among the most known methods symmetric encryption algorithm is DES (Data Encryption Standard), which is used by the U.S. government and the system of the famous University of Kerberos MIT. In asymmetric encryption or public key encryption there are used different keys to encrypt and decrypt a message. These are the public key and the private key, which have the following very important characteristics:

A message that has been encrypted with the public key can only be decrypted with the corresponding private key and vice versa.

If we know the one key cannot create another key.

The initial idea to encrypt using public and private keys delivered in 1976, and cryptosystem RSA implemented in 1977, which was the first implementation of a cryptography system that was based on public key. The public key is not secret and cannot acquire anyone cares, and the private key is used only by the owner and must not be known to anyone else.

Each user has a pair of keys, public and private, and when sending a message encrypted with the private key, this message can be decoded by anyone who knows the public key, we have that certification of the sender and integrity of the message. To access the private key it is necessary to use a passphrase (pass-phrase), which is something similar, familiar code or password, but much safer.

Furthermore, when a user sends a message encrypted with the public key of the recipient, this message can be decoded only with the corresponding private key of the recipient, so only the recipient will be able to read and no one else in this case we have confidentiality the message. The asymmetric encryption can provide much greater security in communications comparing with the symmetrical encryption, but has the disadvantage that the algorithm is much slower and requires too many calculations.

Symmetric Cryptography

A solution to the problems referred above, is the encryption (encoding) of the message you want to send. On the other hand, the receiver of the message has to know the algorithm or key or the encryption key in order to be able to decode and read the message. In usual cryptography, the sender and the receiver of the message use the same (public) key. The sender encrypts the message based on this key and the receiver decrypts it using the same key.

If the two communicating parties are located in different places, then there must somehow be exchanged the public key it should be used. This poses the risk of stolen the key from a third party that monitors the communication lines or leak from one of the two parties. In this type of cryptography, called symmetric encryption, you need all the keys used to remain hidden, something that is extremely difficult to open networks with multiple users, such as the Internet.

Public key encryption

In this section, it will be described what is asymmetric encryption. A digital signature comprises a combination of two keys. More specifically, a public key, which can be acquired by anyone, and a private key, which is strictly personal and should not be shared with anyone else.

These keys always work in pairs and one key can decrypt what has been encrypted with another key and vice versa, and also it is practically impossible to create one key when we know the other key pair. One key is used to create the signature and the other for its verification.

For example, a message or a file that is encrypted with the public key of the owner, it can only be decrypted with the corresponding private key of the same person, which means that only the owner of a public key can read the messages that have been encrypted with this key and only he knows the corresponding private key. This procedure ensures that the message or file cannot be monitored or be compromised by a third party who does not possess the corresponding private key of the public key which was encrypted message or file. In this case we say that the message is encrypted.

Conversely, a message or a file that is encrypted with a private key can be decrypted only with the corresponding public key of the same owner, which means that anyone could decrypt and read it. This procedure ensures that the message or file actually comes from the correct sender. The asymmetric encryption can be used for the simultaneous authentication of the sender and to encrypt the message.

Another advantage of asymmetric encryption is that messages sent cannot be altered during transmission, and any alteration renders them incapable to decipher, which will be immediately noticed by the recipient.

The pair of two keys (public and private) is called advanced electronic signature or digital signature and if established under some specific conditions, serving as handwritten signature in both the substantive and procedural law.

Smart Card

In fact, smart card is a card made of plastic with a built-in microprocessor. Although it seems to be the similar with a credit card it’s not (credit card has magnetic strip instead). The biggest advantage of smart cards is that they don’t contain user’s personal data, so at this phase there’s no danger of counterfeiting, losing or stealing data.

The microprocessor contacts with the computer system in order to allow access to the data that is stored in the memory of the card. The smart card is supplied electrically by the smart card reader that communicates with the database in order to give access to the user after the certification of his identity.

A smart card’s memory usually consists of:

Up to 8 kilobytes of RAM

Up to 346 kilobytes of ROM

Up to 256 kilobytes of PROM (Programmable ROM)

Usability of Smart Cards

The safety and portability of smart cards provide a reliable and effective way of electronic transactions and also a development platform for a wide range of applications. So, smart cards are currently used for:

authentication and access control on the web,

storing medical history,

transferring money, "electronic wallet"

control access to places

improve the security of wireless telephony

student activities such as library, bar, declaration courses

activities of employees of a business

JAVA Card

Java Card is language for programming smart cards. Applications that are written in Java Card are suitable for implementation on smart cards and other devices with limited memory and power. The Java Card consists of three main components, the Virtual Machine Java Card (Java Card Virtual Machine-JCVM), the Execution Environment Java Card (Java Card Run-time Environment-JCRE) and Java Card Applications Programming Interface (Java Card API). Applications written in the Java Card language called Java Card Applets and can run on any smart card that supports Java Card.

The Java Card technology is compatible with existing smart card technology. It is designed according to the standard ISO 7816 to support the memory architecture, communication protocol and model execution applications of smart cards. A smart card that supports Java Card communicates with the terminal through messages APDU (Application Protocol Data Unit) to be compatible with the existing technology of the terminal.

Digital Certificates

The basic principle enables PKI technology to scale is the fact that public keys can be freely available among a set of entities that wants to use them to make use of security services such as encryption and decryption of data and the digital signature.

It is easily understood that in order to work properly such technology should satisfies two basic requirements:

• Ensuring the integrity of the public key

• Reliable connection of the public key to the legitimate owner.

In an environment PKI Both conditions are satisfied by the use of digital certificates. Digital certificates are issued by a third trusted entity (Trusted Third Party) called a certification authority (Certification authority-CA).

A digital certificate (digital certificate), or else a certificate public key (public key certificate), is a digitally signed document that binds the value of a public key to the identity of an entity (person, organization or service) which holds the additional private key. By signing certificate, the Certification Authority (CA) stating that the private key corresponding to the public key certificate is held by the entity indicated on the license. [20]

There are various types of digital certificates among which are:

• X.509 public key certificates [21]

• SPKI (Simple Public Key Infrastructure) certificates [22]

• PGP (Pretty Good Privacy) certificates [23], [24]

Each of the types of certificates listed above have a different structure. From the above types of X.509 certificates are the one with the greater acceptance and will then be examined in detail the structure.