Cryptography and Data Protection - Research Paper Example

Cryptography and Data Protection Introduction Cryptography is an art and science which practices hiding the meaning of messages employing logic to structure, strong encryption techniques (Rouse, 2015). Accomplishing solid encryption, the hiding of data denotation, needs instinctive bounds that permit creative use of recognized or new approaches. Encryption simply is the process of taking information, or data, and translating it into a code (Chida et.al., 2015). Cryptography is an ancient art of writing in a hidden code. The initial recorded use of cryptography in writing was in back to about 1900 B.C., when an Egyptian engrave used non-standard symbols in an engraving. Some experts argue that cryptography emerged suddenly sometime after writing was discovered (Smith, 2015). With uses stretching from discreet communications to the war-duration combat plans, it is no surprise that new methods of cryptography appeared shortly after the extensive growth of computer communications. Telecommunications and data cryptography is essential when interacting over any unsecure channel, which comprises of almost all networks, especially the Internet (Zimmerman, 1994). This paper discusses the cryptography of information and the protection of data. Cryptography Computers have changed the Way People Keep Information Private Within the framework of every application-to-application communication, there are certain definite security necessities, comprising: Authentication which is the process of confirming a user’s identification (Burgess, 2008). However, presently the internet primary forms of host-to-host authentication are address-based or name-based, which are very weak authentication. Confidentiality/Privacy is safeguarding that no unintended persons can receive the message apart from the projected recipient. Integrity is the state of guaranteeing the recipient that the intercepted message has not been changed in any manner from the original. Non-repudiation is the mechanism to verify that the correspondent really conducted the transaction of sending that particular message (Chandra, 2009). Cryptography, not only safeguards data from hacking or modification, but can also be used for user identification. There are three forms of cryptographic structures in general normally employed to achieve these objectives. Namely: secret key also known as the symmetric cryptography, hash functions and public-key also known as asymmetric cryptography (Oecd, 2015). In all instances, the first unhidden data is identified as plain text. It is encoded into cipher text, which eventually is decoded into operational plain text (Pezaro, 2015). New Threats that Computer Systems and Networks Pose to Personal Privacy There are two keys accessible for encoding and decoding messages. One key is identified as the private key and is set aside in secret by the receiver. The other second key is identified as the public key and can be recognized by anybody who requires transferring an encrypted message to the recipient. RSA cryptography operates through manipulating a specific attribute of very big numbers that is they are extremely challenging to feature (Ortiz, 2005). Previously the sending of any message to the receiver, the recipient selects two very large prime numbers and retains them hidden. These two numbers elements the private key. The recipient then multiplies these two numbers together to get an even larger number, which characterizes the public key. Everyone wanting to send the receiver an encoded message, then employs the public key to encode the message (OWASP, 2015). Without going into the particular of how the procedure really functions, it would be sufficient to mention that asymmetric encoding is a one-mode process such that when the correspondent uses the public key to encode the message, the dispatcher cannot then decode the message as she or he would be capable to do under a symmetric cryptic structure (Mason, 2015). Certainly, the encoded message is currently close to impossible to be decoded by anybody. This is as a result of once the message is encoded with the RSA techniques, one is obligated to obtain the right of usage to the private key to decode it and apparently no one would if the dispatcher has been industrious about protecting the private key. Another person of course, might attempt to crack the encryption by predicting the two prime digits that form the private key (SafeNet, 2015). However, this would need processing the public key. For extreme big numbers, the manufacturing process could literally take decades of years to do so. Therefore, though RSA cryptography is not in code indestructible, for all applicable functions, it is (Institute, 2012). This is exactly what makes governments’ administrations, such as the U.S. administration, concerned. Since RSA cryptography is publicly and freely accessible, illegitimate behavior on the internet can possibly go undetected and unnoticed (Mogull, 2005). Though solid encryption may give self-assurance to the public that their confidentiality is being safeguarded on the internet, heavy duty encryption also reduces outdated techniques of unlawful investigation and watching of illegal conduct basically insignificant (Vormetric, 2010). Conversely, what threats are enabled or enhanced by computer systems and networks? In the course of handling computers, there are diverse conceivable risks that are involved. Contemplate on the matter of omission and errors risk. When handling computer system, programmers utilize a lot of software package that are not safeguarded or occasionally control under any degree. In such a scenario, information entered might be misplaced or generate errors (Clarified, 2015). The user might input the appropriate data into a given application, but since the application is not ordered in the right method then it is not protected. Some behavior of faults might occur and interfere with the whole software. The great number of computer users is not curios with such a matter, and they end up alleging that illegal access of data has been done (Rosenberg, 2010). Application of Cryptography on Personal Privacy and Public Safety The art of writing messages in hidden ways has for centuries been the best procedure of computer confidentiality and welfare in numerous establishments. It assists in confidentiality as well as universal safety merely because when one input a password, characters displays in the asterisks mode, hence nobody can identify what have been written (Microsoft, 2005). This manner, cryptography assists in confidentiality safety for the user is the only individual who knows what he or she inputs and the similar perspective relates to the other section (Kessler, 2015). Storing private information is the core objective of any method of confidentiality security routine. Because cryptography does not permit intruders to watch through what have been entered as the secret code, it is a fact that the technique does assist in the universal as well as the confidentiality security of many users (NIST, 2010). Different data is stored safe by employing cryptography from external attackers hence whenever one needs securing the data, this method can be employed to ensure that the whole information is secure, (RSA, 2009). Conversely, the technique does not offer confidentiality processes towards private information. Reflect the scenario of terrorists and also for the prisons. Prisons employ this technique to store data and significant data for the convicts. In this scenario, the technique does not assist, however, it acts as the barrier because it is employed to keep personal data and issue it when obligated (Ye, 2011). Policies required in a Networked Universe Concerning the use of Cryptography There are numerous guidelines which are needed in an interactive universe in use of cryptography. Safeguarding of confidentiality and private data is one of the key policies for the technique. Under this regulation, it is anticipated that private information should stay personal during any online use irrespective of anything (NIST, 2001). The technique employs electronic mode of dealing thus safeguarding private information is very simple. Alternative rule under this process is the regular practice of the cryptographic technique. There are some criteria which has been intentionally been established to observe the practice of the scheme. With the assistance of the schemes, various individuals appreciate private information security, (Segell, 2010). Policy access is another significant rule to the practice of the method. National policies concerning to the scheme permits the rule to supervise and monitor the practice of the method. At any time duration securing the information of a person, accountability policy plays a vital function in this sort of method. In an instance where any information misplaced or accessed illegally, the technique lies to be blamed whereby the management in the position should be held accountable (Olzak, 2006). References Akdeniz, Y., Oram, A., Kelman, A., & Clarke, O. (2015). Electronic Law Journals - JILT 1997 (2) - Akdeniz et al.. Www2.warwick.ac.uk. Retrieved 26 April 2015, from http://www2.warwick.ac.uk/fac/soc/law/elj/jilt/1997_2/akdeniz/ Burgess, M. (2008). Analytical network and system administration: managing human-computer networks: John Wiley and Sons Chandra, D. V. (2009). Principles of Computer Systems and Network Management: Springer Chida, K., Kobayashi, T., Fujioka, A., Fuji, H., Miyazawa, T., & Hoshino, F. (2015). Cryptographic Techniques that Combine Data Protection and Ease of Utilization in the Cloud Computing Era | NTT Technical Review. Ntt-review.jp. Retrieved 26 April 2015,from: https://www.nttreview.jp/archive/ntttechnical.php?contents=ntr201210fa3.html Clarified, S. (2015). Does private strong encryption pose a threat to society. Scienceclarified.com. Retrieved 26 April 2015, from http://www.scienceclarified.com/dispute/Vol-2/Does-private-strong-encryption-pose-a-threat-to-society.html Institute, I. (2012). Chapter 7: The Role of Cryptography in Information Security - InfoSec Institute. InfoSec Institute. Retrieved 26 April 2015, from http://resources.infosecinstitute.com/role-of-cryptography/ Kessler, G. (2015). An Overview of Cryptography. Garykessler.net. Retrieved 26 April 2015, from http://www.garykessler.net/library/crypto.html Mason, L. (2015). Pros & Cons of Symmetric Key Cryptography | eHow. eHow. Retrieved 26 April 2015, from http://www.ehow.com/info_8724244_pros-cons-symmetric-key-cryptography.html Microsoft. (2005). Data Confidentiality. Retrieved 26 April 2015, from MSDN: http://msdn.microsoft.com/en-us/library/ff650720.aspx Mogull, R. (2005). Management Update: Use the Three Laws of Encryption to Properly Protect Data. Retrieved 26 April 2015, from Gartner: http://www.gartner.com NIST. (2001). Advanced Encryption Standard. Retrieved 26 April 2015, from NIST Computer Security Resource Center: http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf NIST. (2010). Block Cipher Modes. (N. I. Technology, Producer) Retrieved 26 April 2015, from Computer Security Resource Center: http://csrc.nist.gov/groups/ST/toolkit/BCM/index.html Oecd.org,. (2015). OECD Guidelines for Cryptography Policy - OECD. Retrieved 26 April 2015, from http://www.oecd.org/internet/ieconomy/guidelinesforcryptographypolicy.htm Olzak, T. (2006). Data Storage Security. Retrieved 26 April 2015, from Adventures in Security: http://adventuresinsecurity.com/Papers/Data_Storage_Security.pdf Ortiz, C. E. (2005). The Security and Trust Services API (SATSA) for J2ME: The Security APIs. Retrieved 26 April 2015, May, from Oracle Sun Developer Network: http://developers.sun.com/mobility/apis/articles/satsa2/ OWASP, O. (2015). Cryptographic Storage Cheat Sheet - OWASP. Owasp.org. Retrieved 26 April 2015, from https://www.owasp.org/index.php/Cryptographic_Storage_Cheat_Sheet Pezaro, N. (2015). Cryptography. Out-law.com. Retrieved 26 April 2015, from http://www.out-law.com/page-484 Rosenberg, B. (2010). Handbook of Financial Cryptography and Security: CRC Press, Rouse, M. (2015). What is asymmetric cryptography (public-key cryptography)? - Definition from WhatIs.com. SearchSecurity. Retrieved 26 April 2015, from http://searchsecurity.techtarget.com/definition/asymmetric-cryptography RSA. (2009). Securing Sensitive Data with Tokenization: An Emerging Technology. Retrieved 26 April 2015, from RSA Security Inc.: http://rsa.com SafeNet, I. (2015). Data Encryption & Crypto Management Solutions. SafeNet, Inc.. Retrieved 26 April 2015, from http://www.safenet-inc.com/data-encryption/ Segell, G. (2010). Civil-military relations after the nation-state: Glen Segell Publishers Smith, R. (2015). Understanding encryption and cryptography basics. SearchSecurity. Retrieved 26 April 2015, from http://searchsecurity.techtarget.com/Understanding-encryption-and-cryptography-basics Vormetric. (2010). Vormetric Data Security Architecture. Retrieved 26 April 2015, from Vormetric, Inc.: http://enterprise-encryption.vormetric.com/wp-vormetric-data-security-architecture.html Ye, N. (2011). Secure computer and network systems: modeling, analysis and design: John Wiley and Sons Zimmerman, P. (1994). PGP User’s Guide, Volume 1: Essential Topics. Retrieved Retrieved 26 April 2015, from Michigan State University: http://www.pa.msu.edu/reference/pgpdoc1.html#section-4 Read More