Essay 15 Cryptography Marshall D . Abrams and Harold

This essay discusses cryptographic protection of information confidentiality and integrity as that information passes from one point in space-time to another. More recent uses of cryptography , such as authentication and nonrepudiation are also discussed. The essay begins with an introduction of these ideas, including some basic examples, then proceeds to the definition of a cryptographic system, making the distinction between conventional key or symmetric key schemes and public key or asymmetric key schemes. We present some classical examples beginning with Julius Caesar. Both substitution and permutation ciphers are included, as well as a word about their weaknesses. The Data Encryption Standard (DES) serves as an example of a product cipher whose strength derives simply from repeated applications of both permutations and substitutions. The essay then turns to public key schemes or systems. A public key system can be used by anyone to encrypt a message for a given recipient but only that recipient can decrypt it. Although there are many proposed in the open literature and three have been widely implemented, we focus on the most popular system, RSA. RSA (Rivest, Shamir, and Adleman) is a widely used public key system whose strength lies in the difficulty of factoring certain large numbers. A discussion of public key management is followed by an introduction to public key and conventional key management issues. We also discuss authentication and integrity issues that are associated with conventional key systems. In addition, link and end-to-end encryption are described and contrasted. The essay's final topic is the integration of computer and communications security. Encryption is a fundamental tool for the protection of sensitive information. Its historical purpose is privacy (preventing disclosure or confidentiality in communications. Encryption is a way of talking to someone while other people are listening, but such that the other people cannot understand what you are saying. It can also be used to protect data in storage as well as to detect active attacks, such as message or file modification. We refer to encryption as a tool because it is a means for achieving an end; it is not an end in itself. Cryptography, hidden writing, is a method for transforming the representation (appearance) of information without changing its information content. Plaintext (cleartext) is one representation of the information expressed in natural language, intelligible to all. Ciphertext is a different representation, designed to conceal the information from unauthorized persons. Encryption (or encipherment) …