Friday, January 20, 2017

Cyber Security and Cryptography


In this article we shared info about cyber security and cryptography. You can gain more knowledge about information security of cryptography.

Cryptography is the science and art of writing messages in encrypted or coded form. It is part of a field of studies that deals with secret communications, used, among other purposes, to:

  • Authenticate the identity of users;
  • Authenticate and protect the confidentiality of personal communications and commercial and banking transactions;
  • Protect the integrity of electronic funds transfers.
A message encoded by a cryptography method must be private. That is only the one that sent and the one that receives must have access to the content of the message. Current cryptographic methods are safe and efficient and base their use on one or more keys. The key is a sequence of characters, which can contain letters, digits and symbols (such as a password), and which is converted into a number, used by encryption methods to encode and decode messages.

Currently, cryptographic methods can be subdivided into two broad categories, according to the type of key used: single-key cryptography and public-private key cryptography.

What is single key cryptography?

Single-key cryptography uses the same key both to encode and decode messages. Although this method is quite efficient in relation to processing time. The time spent to encode and decode messages has as main disadvantage they need to use a secure medium so that the key can be shared between people or entities wishing to exchange encrypted information.

What is public and private key cryptography?

Public and private key cryptography uses two different keys, one for encoding and one for decoding messages. With this method each person or entity maintains two keys: one public, which can be freely disclosed, and another private, which must be kept secret by its owner. Messages coded with the public key can only be decoded with the corresponding private key.

As an example, Alex and Maria want to communicate in a secret way. Then, they will have to perform the following procedures:

Alex encodes a message using Mary's public key, which is available for use by anyone;
After encrypted, Alex sends the message to Maria, through the Internet;
Mary receives and decodes the message, using her private key, which is only of her knowledge;
If Maria would like to respond to the message, she must carry out the same procedure, but using the public key of Alex. Although this method has a much lower processing time compared to the single key cryptography method, the main advantage is the free distribution of public keys, not requiring a secure means for keys to be combined with notice. We can compared it to present e-mail, social network etc communication. But terms may vary with the cryptography terms.

Which key size should be used?

The cryptography methods that are currently used, and which present good levels of security, are publicly known and are safe because of the robustness of their algorithms and the size of the keys they use.

For someone to discover a key you need to use some brute-force method, that contains combinations of keys until the correct one is discovered. Therefore, the greater the key, the greater the number of combinations to be tested, thus making it impossible to discover a key in a normal time. In addition to that, keys can be changed regularly, making encryption methods even more secure.

Currently, in order to obtain a good level of security in the use of a single key cryptography method, it is advisable to use keys with a minimum of 128 bits. And for the method of cryptography of public and private keys it is advisable to use keys of 2048 bits, being the acceptable minimum of 1024 bits. Depending on the purposes for which cryptographic methods will be used, the use of larger keys: 256 or 512 bits for a single key and 4096 or 8192 bits for public and private keys should be considered.