CRYPTOGRAPHY

CRYPTOGRAPHY is the science of providing security for information. It has been used historically as a means of providing secure communication between individuals, government agencies, and military forces. Today, cryptography is a cornerstone of the modern security technologies used to protect information and resources on both open and closed networks.

Traditionally, cryptography has been used to pass coded messages between parties to ensure communication secrecy. Cryptography systems have used processes, techniques, and mechanisms to provide for secure communications between authorized parties while preventing unauthorized parties from monitoring communications or counterfeiting messages.

In its simplest form, cryptography substitutes or transposes letters to create a coded message, traditionally called a cipher, which is used to transform a readable message called plaintext(also called cleartext) into an unreadable, scrambled, or hidden message called ciphertext. Only someone with a decoding key can convert the ciphertext back into its original plaintext. The originator of a coded message must share the decoding key in a secure manner with intended recipients who are authorized to know the contents of the coded message. If unauthorized parties can somehow intercept or figure out the decoding key, security is compromised because they can convert the ciphertext into plaintext and read the contents of the message.

Anyone who can intercept both the ciphertext of a coded message and the decoding key can read secret communications. Furthermore, anyone who knows the cipher and has the decoding key might be able to impersonate the originator and send false messages. Therefore, systems of cryptography must provide reliable methods for securely sharing decoding keys, while keeping them unavailable to unauthorized parties. Others might know the cipher used to code a message and might have access to the coded message, but only authorized recipients are able to decode the contents of the message with the shared decoding key. Systems of cryptography also include techniques and mechanisms for verifying that originators of coded messages are authentic as well as ways to ensure that messages have not been altered en route.

Cryptography offers the following basic functions:

1. Confidentiality:    Assurance that only authorized users can read or use confidential information. Without confidentiality, anyone with network access can use readily available tools to eavesdrop on network traffic and intercept valuable proprietary information. Intruders who gain illicit network rights and permissions can steal proprietary information that is transmitted or stored as plaintext. Therefore, cryptosystems use techniques and mechanisms to ensure information confidentiality. For example, unauthorized users might be able to intercept information, but the information is transmitted and stored as ciphertext and is useless without a decoding key that is known only to authorize users.

2. Authentication:    Verification of the identity of the entities that communicate over the network. Without authentication, anyone with network access can use readily available tools to forge originating Internet Protocol (IP) addresses and impersonate others. Therefore, cryptosystems use various techniques and mechanisms to authenticate both the originators and recipients of information. For example, online entities can choose to trust communications with other online entities based on the other entities ownership of valid digital authentication credentials.

3. Nonrepudiation:   Assurance that a party in a communication cannot falsely deny that a part of the actual communication occurred. Without nonrepudiation, someone can communicate and then later either falsely deny the communications entirely or claim that it occurred at a different time. For example, without nonrepudiation, an originator of information might falsely deny being the originator of that information. Likewise, without nonrepudiation, the recipient of a communication might falsely deny having received the communication.

4. Integrity:    Verification that the original contents of information have not been altered or corrupted. Without integrity, someone might alter information or information might become corrupted, and the alteration could be undetected. Therefore, many cryptosystems use techniques and mechanisms to verify the integrity of information. For example, an intruder might covertly alter a file, but change the unique digital thumbprint for the file, causing other users to detect the tampering by comparing the changed digital thumbprint to the digital thumbprint for the original contents.

In recent times, cryptography has turned into a battleground of some of the world's best mathematicians and computer scientists. The ability to securely store and transfer sensitive information has proved a critical factor in success in war and business. 

Because governments do not wish certain entities in and out of their countries to have access to ways to receive and send hidden information that may be a threat to national interests, cryptography has been subject to various restrictions in many countries, ranging from limitations of the usage and export of software to the public dissemination of mathematical concepts that could be used to develop cryptosystems. However, the Internet has allowed the spread of powerful programs and, more importantly, the underlying techniques of cryptography, so that today many of the most advanced cryptosystems and ideas are now in the public domain.