we-coffee logo
 
Skip Navigation LinksHome | Knowledge | Cryptography


Cryptography for information security

 
 

1. Introduction to Cryptography

Talking about information security, cryptography is surely a technology that could be the first candidate for handling issues that have not yet been completely resolved by the ICT world. Those regards: the increasing need for protection of personal data, the need for identification of subjects exchanging information (people but also systems), the need to manage information and documents that otherwise could not abandon paper management (e.g. for signature needs).

From the above, it is clear that, while the traditional security technologies deal mainly with the security of the systems, preventing intrusions and malicious code execution, encryption is the ideal tool for data protection, both when data are exchanged between two entities, whether data are stored on storage or memory devices. The principle is: if you were able to gets my data, you are not able to utilize them.

Notice that, by entity, we intend any kind of system that manages data. An entity can be a network stream that exchange data between two end points, or a portion of bytes saved on hard drives in a static way. We differentiate the data exchanged from the seconds by saying that the seconds (bytes on a hard drive) are "static" data, meaning that they are not "in motion" through some kind of stream.

Currently, encryption is applied in many situations such as:

Payment systems for e-commerce: They use TLS / SSL (RFC2246) protocol for the identification of the subjects participating in a commercial transaction and for the security of data exchanged within the transaction.

Remote Authentication: They use protocols such as Kerberos (RFC4120) for the authentication of users in a network environment.

Secure entities linking: permits to use cryptography for the creation of some kind of "tunnel" between two remote entities (IPSec and VPN).

Secure e-mail systems: permits the exchange of e-mail in which sender is legally recognized. They use protocols such as S/MIME (RFC2633) or PGP (RFC3850).

Documents signing: uses digital certificates (x509) to ensure the identity of a document's editor, the authenticity of the document, and the integrity of the same.

Software signing: allows the identification of the publisher that develops some software. The most used software signing procedure is Microsoft® Authenticode®.

Data encryption: permits the information to be kept secure by utilizing cryptographic keys and cryptographic algorithms. Only the keys owner can access the encrypted information.

 
 
 

See Also

NIST Publications : NIST Publications. Official National(USA) Institute of Standards And Technology that contains the specifications (FIPS – Federal Information Processing Standards) of most of the today wide utilized cryptographic algorithms.

 
up up