Cryptography In Network Security

Vaishnavi P
May 8, 2023


Cryptography is the science of encrypting or decrypting information to prevent unauthorized access. In cryptography, you transform data and personal information to make sure only the correct recipient can decrypt the message. As an essential aspect of modern data security, using cryptography allows the secure storage and transmission of data between willing parties.

How does Cryptography work?

Cryptography takes a plaintext (also known as a cleartext) and turns it into something that can only be understood by the intended receivers. Anyone else who somehow gets their hands on this piece of information shouldn’t be able to understand it.

To turn a plaintext into a ciphertext, encryption practices are followed. To turn a ciphertext into a plaintext, decryption practices are followed.

Fig 1. Cryptography

There are two primary aspects of cryptography:

Encryption is the process of scrambling the information to prevent third parties from comprehending the message even if it is intercepted. This scrambling is done using specific mathematical calculations and steps, often collectively known as ciphers. Along with the cipher, it uses an encryption key to encrypt the message.

Decryption is the process of reversing the work done by encryption. It converts the scrambled information into its original form so that the data is readable again. Usually, the encryption key which is used to scramble the data can decrypt the data, but that varies depending on the type of cryptography used.

Fig 2: Data Encryption and Decryption process

Types of Cryptography:

1. Symmetric Cryptography (secret-key): Symmetric cryptography is a form of encryption that uses the same key for both encryption and decryption. It is a fundamental element of modern data security and privacy, as it enables secure communication between two or more parties. It is used in various forms, such as symmetric-key algorithms, digital signatures, message authentication codes (MACs), and hash functions. Symmetric cryptography can be used to protect data stored on devices, transmitted over networks, or stored in the cloud. Its strength lies in its simplicity and speed: it can encrypt large amounts of data quickly and securely.

2. Asymmetric cryptography (public-key) : Asymmetric cryptography, commonly referred to as public-key cryptography, is a sort of encryption method that encrypts and decrypts data using two separate keys. It ensures that the encrypted data can only be accessed by the intended recipient and prevents unauthorized access. The public key and the private key are the two keys that are used in this procedure. Data is encrypted using the public key and decrypted using the private key. This makes it possible for users to securely exchange information without having to share their private keys with each other. Asymmetric cryptography is used in many applications such as secure online transactions, digital signatures, and email encryption.

Cryptographic Techniques :

Information is secured using the practice of cryptography, which encrypts data in a way that is only accessible to and understandable by authorized individuals. It serves as a safeguard against unauthorized access, manipulation, or modification of data. To protect data, there are many different cryptographic techniques that each have their own advantages and disadvantages. These techniques include symmetric-key cryptography, public-key cryptography, hash functions, digital signatures, and more. With the right combination of techniques, organizations can create secure systems that protect their confidential data.

A. Steganography

Steganography is the practice of hiding information or messages within other seemingly innocuous data or media, such as images, audio files, or text, in a way that conceals the existence of the hidden information. The goal of steganography is to make the hidden information difficult to detect or decipher without the knowledge of the intended recipient. This can be achieved by various techniques, such as manipulating the least significant bits of data, modifying the color or audio intensity of pixels or samples, or embedding data in whitespace or unused areas of a file.

Steganography has been used for centuries as a means of covert communication, with historical examples including invisible ink, hidden messages in paintings, and secret codes embedded in written text. In the digital age, steganography has gained prominence as a technique for hiding information in digital media, often for purposes such as digital watermarking, copyright protection, or communication in sensitive or classified settings.

For example, consider an image of a sunset. A hidden message or data can be embedded within the image using steganography by slightly changing the values of the pixels that make up the image. These changes may be slight and unnoticeable to the naked eye, giving the image the appearance of being unchanged, but the concealed information is contained within the image data.

It’s worth noting that steganography is different from cryptography, which involves encoding information to protect its confidentiality and integrity, but does not necessarily attempt to hide the existence of the information. Steganography, on the other hand, focuses on concealing the very existence of the hidden information within other data or media.

B. Hashing

Hashing is the process of transforming data of any size or length into a fixed-length string of characters, generally a hexadecimal number or alphanumeric string. Because the output, also known as a hash value or hash code, is specific to the input data, even small changes to the input data will result in noticeably different hash values. In computer science, cryptography, and data security, hashing is frequently used for a variety of tasks, including data storage, data retrieval, password storage, and digital signatures.

Here are some examples of how hashing can be used:

1. Password storage: When a user creates an account or changes their password, the password is hashed using a hashing algorithm and the hash value is stored in a database. When the user attempts to log in, the password they enter is hashed and compared to the stored hash value to verify if it matches, without storing the actual password in the database. This ensures that even if the database is compromised, the attacker cannot access the plaintext passwords.

2. Data storage and retrieval: In databases, hash functions can be used to generate unique hash codes for records or keys, which can be used as indices for quick data retrieval. For example, in a hash table, data is stored in an array indexed by a hash code generated from a key value, allowing quick access to the data using the key.

3. Digital signatures: Digital signatures employ hashing to check the accuracy of the data. A digital signature is produced by applying a hash function to the data to get a hash value, which is then encrypted using the signer’s private key. The recipient can then create the hash value from the received data and compare it with the encrypted hash value to see if the data has been altered by using the signer’s public key to decrypt the digital signature.

4. File integrity checking: During transmission or storage, hashing can be used to check the consistency of files or other data. After computing a hash value for the original file, the file is sent or saved. To make sure the file hasn’t been altered or corrupted, the hash value is recalculated once the file is received or retrieved and compared with the original hash value.

Overall, hashing is a useful technique that provides efficiency, security, and integrity to various data processing tasks. It is widely used in computer science, data security, and cryptography, and it can be applied to many different types of data and scenarios.

Cryptography Algorithms:

1. RSA Algorithm :

RSA stands for “Rivest, Shamir, and Adleman”. They are the developers of this algorithm; hence, it is named after them. The RSA algorithm is an asymmetric cryptography algorithm. Unlike symmetric systems, RSA has two keys: a public key, which is given to everyone and can be shared publicly, and a private key, which must be kept private and secret.

The RSA algorithm uses a block cipher concept that transforms plaintext into ciphertext at the receiving end and vice versa. If User A’s public key is used for encryption, we must use the same user’s private key for decryption.

Now, let’s see the mechanism behind the RSA algorithm.

Step 1: Select two distinct large prime numbers p & q.

Suppose p = 3 and q = 11

Step 2: Compute the modulus, n = p * q.

n = p * q
n = 3 * 11
n = 33

Step 3: Compute φ(n) = (p − 1)(q − 1)

φ(n) = (p-1)*(q-1)
φ(n) = (3-1)*(11-1)
φ(n) = 2*10
φ(n) = 20

Step 4: Choose value of e such that : 1 < e < φ (n) and gcd(e, φ (n)) = 1

Let’s say that e = 7 which satisfies the above condition.

Step 5: Find d, using d*e ≡ 1 (mod φ(n))

d * 7 ≡ 1 (mod φ(n))

(d * 7) mod 20 = 1

Hence we can get d = 3

Step 6: Public key is generated using (e,n) and Private key using (d,n).

Public key = (e,n) = (7, 33)

Private key = (d,n) = (3,33)

Step 7: Encryption c = (m) ^ e mod n ; (where m is plain text and c is ciphertext)

Let us assume the message m to encrypt is “b”

The numeric form of b is 2

Encrypted Data c= (m)^e mod n
c=(2)⁷ mod 33
c=29

Step 8: Decryption m = (c) ^ d mod n

m=(29)³ mod 33
m=2

Converting into alphabetic form we get m = “b”

2. DES Algorithm:

The Data Encryption Standard (DES) is the most popular security algorithm. It’s a symmetric key algorithm. DES is a block cipher encryption algorithm that operates on 64-bit blocks of plaintext at a time. To encrypt or decrypt data, the DES algorithm uses the Feistel structure.

Fig 3: Overview of DES algorithm

The encryption process of DES involves the below steps:

1) Key Generation: Reduces our key size from 64 bits to 56 bits through a permutation box, which makes the key more secure and harder to guess.

2) Initial Permutation (IP): The initial permutation re-arranges the order for 64-bit plaintext.

3) Splitting: The IP produces two halves of the permuted block, say Left Plain Text and Right Plain Text, each with 32 bits.

4) Rounds: DES consists of 16 steps called Rounds. Each round performs the steps of substitution and transposition to both halves of the block.

5) Final Permutation: In the end, after the 16 rounds, both halves are joined and the Final Permutation (FP) is performed on the combined block.

6) The result of this process is the 64-bit ciphertext.

The decryption process of DES is simply the reverse of the encryption process. In order to decrypt the cipher text into the plaintext, decryption uses the same algorithm as encryption, only the steps are performed in reverse order. The same key is used for both encryption and decryption.
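Why a Feistel structure lets one routine both encrypt and decrypt, as an added example that is not part of the original article: a 16-round Feistel network over a 64-bit block where decryption is the same code run with the round keys in reverse order. This is not DES: the key schedule and round function below are stand-ins built from SHA-256 for illustration, and the initial and final permutations are omitted.

```python
import hashlib
import hmac

ROUNDS = 16
MASK32 = (1 << 32) - 1


def subkeys(key):
    """Toy key schedule (not DES's): one derived subkey per round."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(ROUNDS)]


def round_function(half, subkey):
    """Stand-in for DES's F: maps a 32-bit half and a subkey to 32 bits.
    It does not need to be invertible for the network to be invertible."""
    mac = hmac.new(subkey, half.to_bytes(4, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big")


def feistel(block, round_keys):
    """Run the rounds over a 64-bit block, then swap the halves."""
    left, right = block >> 32, block & MASK32
    for k in round_keys:
        # New left is the old right; new right is old left XOR F(old right).
        left, right = right, left ^ round_function(right, k)
    # The final swap is what makes the same routine undo itself.
    return (right << 32) | left


def encrypt_block(block, key):
    return feistel(block, subkeys(key))


def decrypt_block(block, key):
    # Same algorithm, round keys applied last-to-first.
    return feistel(block, subkeys(key)[::-1])


if __name__ == "__main__":
    key = b"8bytekey"                  # constructed sample key
    plaintext = 0x0123456789ABCDEF     # constructed sample block
    ciphertext = encrypt_block(plaintext, key)
    print(hex(ciphertext))
    print(hex(decrypt_block(ciphertext, key)))
```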

Types of Attacks in Cryptography

There are two types of cryptographic attacks: passive and active.

1. Passive

In a passive attack, the intruder can only see the private data but can hardly make any changes to it or alter it. Passive attacks are more dangerous because the intruder only sees the message without altering it, so no one will ever know that an attack is taking place, and their hidden messages will no longer be hidden.

Snooping : Also known as message content leakage, snooping is a nonaggressive attack where the intruder can only read a message. This jeopardizes the security goal of confidentiality.

2. Active

In this type of attack, the intruder can alter the private data.

  • Masquerade : The intruder will try to gain as much access to the computer system as possible. Masquerade is an active attack that threatens the security goal of credibility.
  • Brute force attack : A brute force attack occurs when hackers use computers to loop systematically over each letter in a character set. A character set can consist of letters, numbers, symbols, or anything else that the hackers may desire. In the most general terms, a brute force attack is a method of trial and error that attempts all possible password combinations. This method works well for short passwords, but it takes a long time to try all possible passwords.
  • Dictionary attack : It is a quick and easy password attack. Using a dictionary, hackers generate thousands of candidate digests along with the plaintext passwords that produce them. These candidate digests are then compared to those in a stolen digest file. If a match is found, the hackers have the password. Although this method appears to be infeasible if done manually, computers are capable of processing millions of words in a matter of hours.

Advantages of Cryptography:

It offers the four most fundamental information security services:

  • Confidentiality — An encryption method can protect data and communications against unauthorized access and disclosure.
  • Authentication — Information can be safeguarded against spoofing and forgeries using cryptographic techniques like MAC and digital signatures, which are used for authentication.
  • Data Integrity — Cryptographic hash functions are essential in giving users confidence in the accuracy of their data.
  • Non-repudiation — A digital signature offers the non-repudiation service to protect against disputes that can develop if the sender refuses to acknowledge receipt of the communication.

Disadvantages of Cryptography:

● Strongly encrypted, authentic, and digitally signed information can be difficult to access even for a legitimate user at a crucial time of decision-making. The network or the computer system can be attacked and rendered non-functional by an intruder.

● High availability, one of the fundamental aspects of information security, cannot be ensured through the use of cryptography. Other methods are needed to guard against the threats such as denial of service or complete breakdown of the information system.

● Selective access control, another fundamental need of information security, also cannot be realized through the use of cryptography. Administrative controls and procedures are required for this.

● Cryptography does not guard against the vulnerabilities and threats that emerge from the poor design of systems, protocols, and procedures. These need to be fixed through proper design and setting up of a defensive infrastructure.

● The security of a cryptographic technique is based on the computational difficulty of mathematical problems. Any breakthrough in solving such mathematical problems or increase in computing power can render a cryptographic technique vulnerable.

Cryptography in Cyber security

Cryptography plays a critical role in cybersecurity, and it is widely used to protect confidential information from unauthorized access. It involves the use of mathematical algorithms and codes to convert sensitive information into an unintelligible format that can only be deciphered by authorized individuals. Cryptography helps to ensure data integrity, confidentiality, and authenticity in electronic communications. Let's see some of the use cases:

1. Secure communication: Cryptography is used to secure communication between two parties over a network. This includes encryption of emails, instant messages, and voice or video calls. Cryptography ensures that only the intended recipient can read the message, and the message cannot be intercepted and read by attackers.

2. Data protection: Cryptography is used to protect sensitive data from unauthorized access, theft, or modification. This includes encrypting data at rest, such as stored files or databases, as well as data in transit, such as data being transmitted over a network.

3. Identity and access management: Cryptography is used for authentication and authorization of users accessing systems or applications. Digital certificates and PKI are used to authenticate users, while encryption is used to protect passwords and other sensitive data.

4. Digital signatures: Cryptography is used to provide digital signatures, which help to ensure the authenticity and integrity of digital documents. Digital signatures are used to sign contracts, legal documents, and other sensitive documents, and they provide non-repudiation, which means that the signer cannot deny having signed the document.

5. Secure transactions: Cryptography is used to secure online transactions, such as e-commerce purchases, banking transactions, and online payments. This includes the use of secure protocols like SSL/TLS to encrypt the communication between the user and the server, as well as the use of digital signatures and other security measures to ensure the integrity and authenticity of the transaction.

Conclusion

In conclusion, cryptography plays a vital role in cybersecurity, and it is a necessary tool for securing electronic communications. The use of cryptography has enabled cybersecurity experts to develop innovative techniques and methods that enforce data privacy and security. It is imperative to understand the importance of cryptography in cybersecurity and to implement it to protect sensitive information from unauthorized access.

Blog Written by : Ketaki Kamble, Sailee Kadam, Maithili Kharabe, Rohan Kulkarni, Vaishnavi Pingat
