Cryptography In Daily Life


ATM
An Automatic Teller Machine (ATM) provides a simple, yet secure, service, whereby authorized cardholders can withdraw cash and perform other banking transactions without visiting a bank branch. Each ATM transaction is authorized by a bank via a secure communications network, which relies on encoding data so that it can only be read by the sender and the intended recipient, otherwise known as encryption.
Security Vulnerabilities
One common ATM security vulnerability involves so-called phantom withdrawals, in which cash is taken from a cardholder’s account, but neither the customer nor the bank admits liability. Phantom withdrawals are sometimes the result of fraud on the part of the customer, but ATMs can also be tricked into accepting bogus, skimmed or cloned cards. ATMs generate a coded message, known as an Authorization Request Cryptogram, which card issuers use to authenticate the card and card data.
DES
ATMs originally used a mathematical formula, or algorithm, known as the Data Encryption Standard, to encrypt personal identification numbers. DES encrypts data in 64-bit blocks using a 56-bit encryption key and was, at one time, an official Federal Information Processing Standard in the United States. However, increases in computing power for personal computers have rendered DES insecure for ATM applications; ATMs using DES have been breached within 24 hours.
Triple DES
Triple DES uses two encryption keys and applies the DES encryption algorithm three times, effectively increasing the length of the encryption key to 168-bits. Triple DES is significantly more secure than DES, because it isn’t realistic to search the individual bits of the encryption key to crack the code. According to the National Credit Union Administration, all new ATM installations since 2002 were required to employ triple DES encryption.
AES
In 2001, the National Institute of Standards and Technology announced the adoption of a new encryption standard, known as the Advanced Encryption Standard, intended to replace DES. AES uses a variable length encryption key, with a length of 128, 192 or 256 bits, and encrypts data in 128-bit blocks. The only way for an unauthorized person to decrypt data encrypted with AES is by a so-called brute force attack, which involves testing all possible permutations of the encryption key, so AES is significantly more secure than DES or triples DES. AES was approved by the U.S. government as the commercial standard for encrypting sensitive digital information, including the financial data used by ATMs, in 2003.


Email And File Storage Using Pretty Good Privacy (PGP) Freeware
PGP encryption or Pretty Good Privacy encryption, is a data encryption computer program that gives cryptographic privacy and authentication for online communication. It is often used to encrypt and decrypt texts, emails, and files to increase the security of emails. PGP encryption uses a mix of data compression, hashing, and public-key cryptography. It also uses symmetric and asymmetric keys to encrypt data that is transferred across networks. It combines features of private and public key cryptography. Each step uses a different algorithm, and each public key is associated with a username and an email address.
Uses of PGP Encryption
One use of PGP encryption is to confidentially send messages. To do this, PGP combines private-key and public-key encryption. The sender encrypts the message using a public encryption algorithm provided by the receiver. The receiver provides their personal public-key to whomever they would like to receive messages from. This is done to protect the message during transmission. Once the recipient receives the message, they use their own private-key to decode the message, while keeping their personal private-key a secret from outsiders.
Another aspect of PGP is message authentication and integrity checking. Integrity checking is used to detect if a message has been altered after it was written and to determine if it was actually sent by the claimed sender. Because the email is encrypted, changes in the message will make it unable to be decrypted with the key. PGP is used to create a digital signature for the message by computing a hash from the plaintext and producing a digital signature using the sender’s private key. A person can add their signature to another person’s public-key to show that it is truly that rightful owner.

GSM Mobile Phone
GSM is the most secured cellular telecommunications system available today. GSM has its security methods standardized. GSM maintains end-to-end security by retaining the confidentiality of calls and anonymity of the GSM subscriber.
Temporary identification numbers are assigned to the subscriber’s number to maintain the privacy of the user. The privacy of the communication is maintained by applying encryption algorithms and frequency hopping that can be enabled using digital systems and signalling.
Mobile Station Authentication
The GSM network authenticates the identity of the subscriber through the use of a challenge-response mechanism. A 128-bit Random Number (RAND) is sent to the MS. The MS computes the 32-bit Signed Response (SRES) based on the encryption of the RAND with the authentication algorithm (A3) using the individual subscriber authentication key (Ki). Upon receiving the SRES from the subscriber, the GSM network repeats the calculation to verify the identity of the subscriber.
The individual subscriber authentication key (Ki) is never transmitted over the radio channel, as it is present in the subscriber’s SIM, as well as the AUC, HLR, and VLR databases. If the received SRES agrees with the calculated value, the MS has been successfully authenticated and may continue. If the values do not match, the connection is terminated and an authentication failure is indicated to the MS.
The calculation of the signed response is processed within the SIM. It provides enhanced security, as confidential subscriber information such as the IMSI or the individual subscriber authentication key (Ki) is never released from the SIM during the authentication process.
Signalling and Data Confidentiality
The SIM contains the ciphering key generating algorithm (A8) that is used to produce the 64-bit ciphering key (Kc). This key is computed by applying the same random number (RAND) used in the authentication process to ciphering key generating algorithm (A8) with the individual subscriber authentication key (Ki).
GSM provides an additional level of security by having a way to change the ciphering key, making the system more resistant to eavesdropping. The ciphering key may be changed at regular intervals as required. As in case of the authentication process, the computation of the ciphering key (Kc) takes place internally within the SIM. Therefore, sensitive information such as the individual subscriber authentication key (Ki) is never revealed by the SIM.
Encrypted voice and data communications between the MS and the network is accomplished by using the ciphering algorithm A5. Encrypted communication is initiated by a ciphering mode request command from the GSM network. Upon receipt of this command, the mobile station begins encryption and decryption of data using the ciphering algorithm (A5) and the ciphering key (Kc).
Subscriber Identity Confidentiality
To ensure subscriber identity confidentiality, the Temporary Mobile Subscriber Identity (TMSI) is used. Once the authentication and encryption procedures are done, the TMSI is sent to the mobile station. After the receipt, the mobile station responds. The TMSI is valid in the location area in which it was issued. For communications outside the location area, the Location Area Identification (LAI) is necessary in addition to the TMSI.