Encryption and Cryptanalysis Basics
Encryption and Cryptanalysis Basics
Define Cryptography, Cryptanalysis, And Cryptology.
Cryptography is primarily the study of converting plain text, which is in a readable format, into ciphertext, which is in non-readable form (Geeks for Geeks, 2020). This process is known as encryption, and hence cryptography is the study of encryption. Cryptanalysis is the study of ciphertext, ciphers, and cryptosystems to understand how they work and find and improve the techniques that could defeat or weaken them (Rosencrance, 2021). Therefore, the cryptanalysts may look to decrypt ciphertexts without knowing the plaintext source, encryption key, or the algorithms used for encryption. Finally, cryptology entails studying the conversion of plaintext into ciphertext and vice versa (Geeks for Geeks, 2020). This field involves the study of both encryption and decryption.
Role And Importance of Cryptography for the Company’s Cybersecurity.
Cryptography will act as the integrated layer of defense to the information systems. Through cryptography, the company will be in a position to secure transactions and communications, safeguard personally identifiable information (PII) among other confidential information, authentication identity, preventing tampering on documents, and establishing trust between servers (Gruhn & Probst, 2021). Therefore the company will use cryptography to secure its systems and protect all kinds of the necessary information.
Threats to The Company From Cryptanalysis.
The ciphertext only attacks one of the threats where the attacker only has access to one or more encrypted messages but with no knowledge of the plain text data, the algorithm used, or data on the cryptographic key used (Rosencrance, 2021). This threat happens when the intelligence agency intercepts encrypted communications from the opponent. The second threat is the known-plaintext attack, which occurs when the analysts have some or all plaintext of the ciphertext and intend to discover the encryption key needed to decrypt the message (Rosencrance, 2021).. Linear cryptanalysis is one type of known-plaintext attack that uses the linear approximation to describe how the block cipher known-plaintext attacks rely on the attacker discovering or predicting some or the entire encrypted message.
Another threat is the chosen plaintext attack which happens when the analyst is either aware of the encryption algorithm or can access the devices used in encryption (Rosencrance, 2021).. The analyst could encrypt the identified plaintext with the targeted algorithm for deriving information on the encryption key. The differential cryptanalysis attack is also a chosen-plaintext attack that happened on block ciphers that analyze the pairs instead of single plaintexts (Rosencrance, 2021).. The analyst could determine how the targeted algorithm works when it interacts with different data types; the integral cryptanalysis is similar to the differential cryptanalysis attacks. However, it uses groups of plaintexts in which part of the plaintext has been kept constant while the rest is modified. The attack is very feasible when applied to the block ciphers based on the substitution-permutation networks.
Specific Tools or Techniques Used In Cryptography.
The security tokens make up one of the tools used in cryptography which are primarily physical devices used for holding the information that authenticates an individual’s identity (University of North Dakota, 2020). The system owner plugs the security token into the system through a computer or USB port for gaining access to the network service.
Key-based cryptography incorporates asymmetric algorithms to confirm a client’s identity and could be an effective alternative for client verification (University of North Dakota, 2020). The primary factors considered in the method are the public and private keys used for confirming identity. In public-key authentication, each user gets a pair of asymmetric keys stored in each system for access purposes. In private key authentication, private keys are safely maintained within the device, which the user will connect to the secured systems (University of North Dakota, 2020). During connection, the server will authenticate the user with the public key, asking the user to decrypt through the corresponding private key.
The docker software platform is used in building applications based on the containers, which are small self-contained environments that share an operating system kernel (University of North Dakota, 2020). The docker containers are naturally secure, but more security could be added by allowing several applications that fortify the system. The Java cryptographic architecture is another tool integrated with the primary Java application programming interface. It has APIs for handling security functions, including encryption, managing kets, generating random numbers securely, and validating certificates. These APIs allow the developers to build security into the application code.
The Microsoft SignTool is another security tool embedded within the operating system, which digitally signs and time-stamps files and verifies the signatures in the files (University of North Dakota, 2020). It is automatically installed with the Microsoft Visual Studio, the software development environment. It allows the software developers to certify the developed codes as their own and ensure that they have not been tampered with since their publishing.
Geeks for Geeks. (2020, May 22). Difference between cryptography and cryptology. GeeksforGeeks. https://www.geeksforgeeks.org/difference-between-cryptography-and-cryptology/
Gruhn, D., & Probst, J. (2021, July 6). Why is cryptography so important? Here’s what you need to know. Entrust Blog. https://www.entrust.com/blog/2021/06/why-is-cryptography-so-important-heres-what-you-need-to-know/
Rosencrance, L. (2021, October 4). What is cryptanalysis? Definition from SearchSecurity. SearchSecurity. https://www.techtarget.com/searchsecurity/definition/cryptanalysis
University of North Dakota. (2020, August 7). 5 powerful cryptography tools. University of North Dakota Online. https://onlinedegrees.und.edu/blog/5-cryptography-tools/