Cryptography
Cryptography is a branch of mathematics that is based on the transformation of data and can be used to provide several security services [1]:
- Confidentiality is the property whereby sensitive information is not disclosed to unauthorized entities. Confidentiality can be provided by a cryptographic process called encryption.
- Data integrity is a property whereby data has not been altered in an unauthorized manner since it was created, transmitted or stored. The process of determining the integrity of the data is called data integrity authentication.
- Authentication provides assurance of an entity's identity.
- Non-repudiation is a mechanism to prove that the sender really sent this message, i.e. cannot claim he/she did not actually send the information.
Types of Cryptographic Algorithms
Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption; also called symmetric encryption. Primarily used for privacy and confidentiality.
Public Key Cryptography (PKC): Uses one key for encryption and another for decryption; also called asymmetric encryption. Primarily used for authentication, non-repudiation, and key exchange.
Hash Functions: Uses a mathematical transformation to irreversibly "encrypt" information, providing a digital fingerprint. Primarily used for message integrity. [2]
Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption; also called symmetric encryption. Primarily used for privacy and confidentiality.
Public Key Cryptography (PKC): Uses one key for encryption and another for decryption; also called asymmetric encryption. Primarily used for authentication, non-repudiation, and key exchange.
Hash Functions: Uses a mathematical transformation to irreversibly "encrypt" information, providing a digital fingerprint. Primarily used for message integrity. [2]
Digital Signature is a technique based on public key cryptography used to validate the authenticity and integrity of a message, software or digital document. A digital signature can be verified by anyone with access to the public key. The signature can be used to provide assurance of data integrity and source authentication, and to support non-repudiation.
[1] Barker, E. (2016, August). Guideline for using cryptographic standards in the federal government: Cryptographic mechanisms. Retrieved from https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-175B.pdf
[2] Kessler, G.C. (2018, June 19). An overview of cryptography. Retrieved from https://www.garykessler.net/library/crypto.html#intro
[2] Kessler, G.C. (2018, June 19). An overview of cryptography. Retrieved from https://www.garykessler.net/library/crypto.html#intro