Cryptography is the science of writing in secret code and is an ancient
art; the first documented use of cryptography in writing dates back to
circa 1900 B.C. when an Egyptian scribe used non-standard hieroglyphs in
an inscription. Some experts argue that cryptography appeared
spontaneously sometime after writing was invented, with applications
ranging from diplomatic missives to war-time battle plans. It is no
surprise, then, that new forms of cryptography came soon after the
widespread development of computer communications. In data and
telecommunications, cryptography is necessary when communicating over
any untrusted medium, which includes just about
any network, particularly the Internet.

Within the context of any application-to-application communication, there are some specific security requirements, including:
- Authentication: The process of proving one's identity. (The
primary forms of host-to-host authentication on the Internet today are
name-based or address-based, both of which are notoriously weak.)
- Privacy/confidentiality: Ensuring that no one can read the message except the intended receiver.
- Integrity: Assuring the receiver that the received message has not been altered in any way from the original.
- Non-repudiation: A mechanism to prove that the sender really sent this message.

Cryptography, then, not only protects data from theft or alteration, but
can also be used for user authentication. There are, in general, three
types of cryptographic schemes typically used to accomplish these goals:
secret key (or symmetric) cryptography, public-key (or asymmetric)
cryptography, and hash functions, each of which is described below. In
all cases, the initial unencrypted data is referred to as plaintext. It
is encrypted into ciphertext, which will in turn (usually) be decrypted
into usable plaintext.

In many of the descriptions below, two communicating parties will be
referred to as Alice and Bob; this is the common nomenclature in the
crypto field and literature to make it easier to identify the
communicating parties. If there is a third or fourth party to the
communication, they will be referred to as Carol and Dave. Mallory is a
malicious party, Eve is an eavesdropper, and Trent is a trusted third
party.