Basics of Cryptography

| What is Cryptography? |  

Algorithms

An algorithm is a procedure for solving a problem, much like a recipe. An algorithm or cipher is the mathematical recipe that is used to make information unreadable (convert it to ciphertext) whereby it can be converted back into plaintext by the agent holding the proper key. Except in the case of hashing or one-way cryptography in which there is by definition no way to get the cleartext back.

It is an interesting fact that the strongest ciphers are ciphers that are public. These strong ciphers can be examined by cryptographers and cryptanalysts world wide for weaknesses. A weakness would be that it would be easy for the key to be discovered or it would be easy to find a pattern in the ciphertext leading to a disclosure of the underlying information.

There are three basic types of cryptographic algorithms or ciphers.

They are:

• Hashing algorithms
• Symmetric key-based algorithms(Secret-key Cryptography)
• Asymmetric key-based algorithms(Public-key Cryptography)

| RSA Labs Secret-key Cryptography Intro. |  

| RSA Labs Public-key Cryptography Intro. |  

Concepts in Deploying Cryptography

| What is Cryptography? | Techniques |  

Asymmetric Algorithms

Often called Public Key encryption or PKI

PKI

Clipper Chip

The Clipper chip uses the Skipjack algorithm, which was developed by the NSA . The NSA has classified the SkipJack algorithm on National Security Grounds.

Clipper Chip data recovered under the Freedom of Information Act.

Digital Certificates

To verify the identity of people and organizations on the Web and to ensure content integrity, Web browsers use industry-standard X.509 v3 digital certificates. Certificates are electronic credentials that bind the identity of the certificate owner to a pair (public and private) of electronic keys that can be used to encrypt and sign information digitally. These electronic credentials assure that the keys actually belong to the person or organization specified. Messages can be encrypted with either the public or the private key and then decrypted with the other key. Each Digital Certificate contains:

• Owners Public Key
• Expiration Date of the Certificate
• Owner's name or alias
• Serial number of the certificate
• The name of the organization that issued the certificate
• Digital signature of the organization that issued the certificate (the Certificate Authority

| Digital Certificates in Depth| Digital Certificates in IE |