Cryptology in a nutshell

One of the most important parts of keeping information confidential is cryptography. In the encryption process, we convert the original "open" readable message into ciphertext. Depending on the algorithm used, the resulting text should be meaningless or outright unreadable to anyone who does not know the auxiliary information needed to decrypt it. This process is carried out according to predefined rules or by means of a chosen algorithm. The resulting ciphertext may look like a random mixture of numbers, letters, words or nonsense sentences.

This subcategory of cryptology deals with data encryption as a whole, including the reverse process of decryption. It also examines the security of the encryption algorithms used or the overall security of encryption systems. An essential part of this is the design of the encryption and decryption keys used in encryption algorithms and their possible internal calculations.
When using a symmetric algorithm, the same key is used for encryption and decryption. This variant is simple, but if the key leaks from one transmitted ciphertext, every other ciphertext encrypted with that key is also in danger of being leaked.

Typical use of this type of key can be found in block ciphers, as well as in substitution ciphers and transposition ciphers. Such a block cipher can be built on the Feistel function, as for example in the DES (Data Encryption Standard) algorithm.

The advantage of DES is the "avalanche" effect, where editing the plaintext causes a large change in the ciphertext. DES is not very secure, however; it is better to use its replacement, AES. Symmetric algorithms are better suited to archiving confidential information that is not sent to a second party.
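A toy Feistel cipher in Python, added here as an illustration (it is not code from this page and it is a teaching cipher, not DES): it shows one shared key driving both encryption and decryption, and it measures the avalanche effect. The HMAC-SHA256 round function, the key and the two plaintext blocks are assumptions made for the demo.

```python
import hashlib
import hmac

ROUNDS = 16   # DES also runs 16 Feistel rounds; the rest of this cipher is a toy
HALF = 4      # bytes per half, giving a 64-bit block like DES


def round_keys(key: bytes) -> list:
    """Derive one subkey per round from the single shared key."""
    return [hmac.new(key, bytes([i]), hashlib.sha256).digest() for i in range(ROUNDS)]


def f(half: bytes, subkey: bytes) -> bytes:
    """Round function. It need not be invertible; the Feistel structure is."""
    return hmac.new(subkey, half, hashlib.sha256).digest()[:HALF]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def feistel(block: bytes, subkeys: list) -> bytes:
    left, right = block[:HALF], block[HALF:]
    for k in subkeys:
        left, right = right, xor(left, f(right, k))
    return right + left   # final swap lets decryption reuse this routine


def encrypt(block: bytes, key: bytes) -> bytes:
    return feistel(block, round_keys(key))


def decrypt(block: bytes, key: bytes) -> bytes:
    return feistel(block, round_keys(key)[::-1])   # same key, subkeys reversed


def bits_changed(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


if __name__ == "__main__":
    key = b"constructed demo key"
    p1, p2 = b"PAY 100$", b"PAY 101$"          # constructed blocks, 1 bit apart
    c1, c2 = encrypt(p1, key), encrypt(p2, key)
    print("plaintext bits changed: ", bits_changed(p1, p2))
    print("ciphertext bits changed:", bits_changed(c1, c2), "of 64")
    print("round trip ok:", decrypt(c1, key) == p1)
```

A one-bit edit of the plaintext should flip roughly half of the 64 ciphertext bits; decrypting with any other key returns unrelated bytes.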
The term asymmetric algorithm refers to the use of two different keys. Each key has its own specific task and cannot be used for anything else. We use the encryption key (public) and a different key for decryption (private).

To communicate with the recipient, it is then necessary to pass the private key over a closed line to prevent leakage of the information. Modern algorithms now take care of this. A prime example is the RSA algorithm and digital signature security.

To achieve asymmetric encryption, three basic conditions must be met. The first condition is the aforementioned use of two different keys. The second condition is to ensure that the ciphertext cannot be extracted from the original text even with knowledge of the public key. The third and last necessary condition is the "uncomputability" of the private key. This property is achieved by using a one-way function.
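Textbook RSA in Python, added here as an illustration and not taken from this page: it shows the two different keys at work and why the "uncomputability" of the private key depends on key size. The primes, the message and the function names are constructed for the demo, and the scheme is unpadded.

```python
from math import gcd, isqrt

# Constructed toy primes. Real RSA moduli are 2048 bits or more.
P, Q = 10007, 10009


def make_keys(p: int, q: int, e: int = 65537):
    """Return ((e, n), (d, n)): the public and the private key."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return (e, n), (pow(e, -1, phi), n)   # d is the inverse of e modulo phi


def apply_key(value: int, key: tuple) -> int:
    """Textbook RSA (no padding): value^exponent mod n."""
    exponent, n = key
    return pow(value, exponent, n)


def private_from_public(public: tuple) -> tuple:
    """Rebuild the private key by factoring n with trial division.
    Feasible only because n is tiny; this is the step that key size
    must make infeasible."""
    e, n = public
    p = next(c for c in range(3, isqrt(n) + 1, 2) if n % c == 0)
    return pow(e, -1, (p - 1) * (n // p - 1)), n


if __name__ == "__main__":
    public, private = make_keys(P, Q)
    message = 42424242                      # constructed; must be below n
    cipher = apply_key(message, public)
    print("ciphertext:", cipher)
    print("private key decrypts:", apply_key(cipher, private) == message)
    print("public key decrypts: ", apply_key(cipher, public) == message)
    print("toy key factored:    ", private_from_public(public) == private)
```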
Advanced encryption is currently used wherever personal or secret information needs to be kept confidential. An example of this would be passwords stored in databases.

Another example is network protocols such as TLS and SSL, which ensure that communication between the client and the server is secure. This part is mainly visible in web browsers thanks to the well-known HTTPS and the iconic padlock next to the text field with the address. The use of cryptography is also important in the field of mobile payments or the creation of digital signatures.
To explain cryptographic protocols, we need to define the word "protocol" and understand its meaning. A protocol is a set of rules and instructions specifying how a system should behave and react in a certain situation. Protocols are used everywhere in information technology.

A cryptographic protocol is one that provides secure communication between devices on a network. Its tasks include, for example, ensuring agreement on private and public keys, ensuring secure connections and encrypting communications with a symmetric algorithm. It is composed of smaller units, so-called "cryptographic primitives", each of which is aimed at performing one specific thing.

Cryptographic primitives are cryptographic algorithms specifically designed for building cryptographic protocols and are highly reliable due to their single-task focus. If these elements are vulnerable, all protocols that use the vulnerable primitives are at risk.

The best known and most used cryptographic protocols are SSL, TLS and SSH.
In the field of cryptology, the best-known cryptographic protocols are Secure Sockets Layer (SSL) and Transport Layer Security (TLS). They were created to ensure secure and encrypted communication on the network. These protocols focus on authentication of both devices and subsequent encrypted transmissions at the application layer.

Currently, SSL is marked as "obsolete" and is being replaced by a newer version called TLS, in which the vulnerabilities of the original SSL are fixed. If a client wants to encrypt its traffic with this protocol, this must be specified to the server. The easiest way to achieve this is to use the specified port. An example is HTTPS on port 443.

The communication takes place in several steps. The first step is the "handshake", in which the client asks the server for a secure connection and the two agree on the parameters for the session, specifically the encryption keys and the encryption algorithm to use. This process uses asymmetric encryption, but further communication is done using symmetric algorithms.

In the first step, the server also sends its SSL/TLS certificate to the client, which then authenticates it. After authentication and successful completion of the handshake phase, the secure connection is initiated.
SSL/TLS certificates are a way to verify that the connection to the server is secure. These certificates enable encryption of HTTP traffic, which manifests itself in the familiar HTTPS prefix and a lock icon in web browsers. The generated certificate contains the domain name, organization name, certificate issuer name, date issued, expiration date, digital signature and public key. It may also contain any subdomains.

When connecting to the server on an encrypted port, this certificate is sent to the client during the "handshake" phase. The client verifies the received certificate on the issuer side before further communication. This check ensures that the server is who it claims to be. If the certificate is valid and its verification on the issuer's side succeeds as well, the client proceeds to further communication; otherwise it terminates the handshake and the connection.
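A client-side view of that check using Python's standard ssl module, added here as an illustration and not taken from this page: a context that refuses obsolete SSL versions and insists on certificate verification, plus a helper that pulls out the certificate fields listed above. SAMPLE_CERT and the function names are constructed for the demo; fetch_certificate() needs network access and is not called here.

```python
import socket
import ssl


def make_client_context() -> ssl.SSLContext:
    ctx = ssl.create_default_context()             # trusts the system's issuer list
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # refuse obsolete SSL and early TLS
    # Already the defaults; set explicitly because turning either one off
    # removes the check that the server is who it claims to be.
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def summarize(cert: dict) -> dict:
    """Pull the fields listed in the text out of a getpeercert() dict."""
    def flat(name):
        return {key: value for rdn in name for key, value in rdn}
    subject, issuer = flat(cert["subject"]), flat(cert["issuer"])
    return {
        "domain": subject.get("commonName"),
        "organization": subject.get("organizationName"),
        "issuer": issuer.get("commonName"),
        "issued": cert["notBefore"],
        "expires": cert["notAfter"],
        "names": [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"],
    }


def days_left(cert: dict, now: float) -> int:
    return int((ssl.cert_time_to_seconds(cert["notAfter"]) - now) // 86400)


def fetch_certificate(host: str, port: int = 443) -> dict:
    """Real handshake; raises ssl.SSLCertVerificationError if verification fails."""
    with socket.create_connection((host, port), timeout=10) as sock:
        with make_client_context().wrap_socket(sock, server_hostname=host) as tls:
            return summarize(tls.getpeercert())


# Constructed sample in the shape getpeercert() returns, so this runs offline.
SAMPLE_CERT = {
    "subject": ((("organizationName", "Example Org"),), (("commonName", "example.org"),)),
    "issuer": ((("organizationName", "Example CA"),), (("commonName", "Example CA R1"),)),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2025 GMT",
    "subjectAltName": (("DNS", "example.org"), ("DNS", "www.example.org")),
}
```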

Symmetric algorithms

In this section you can try converting text from its original plain form to encrypted form by using one key.

Asymmetric algorithms

In this section you can try converting text from its original plain form to encrypted form by using two keys.

Other algorithms

Other algorithms implement key encryption and secure exchange with the counterparty, so that it cannot be misused in transit. Most of these systems do not deal with message encryption per se.
Due to the complex implementation (and the old PHP version), no additional algorithms are added to the text conversion, as was done for the symmetric algorithms.

Comparison of encryption algorithms

This section contains a table comparing the speed of each algorithm when encrypting a small text file (0.5 MB) and a large text file (5 MB).

Encryption in practice

In this section you can access two database tables. Both tables show how important it is to work with encrypted data in the case of a database leak.

Table without password encryption

ID Nickname Password Message

Table with password encryption - Blowfish

ID Nickname Password Message
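The difference between the two tables, sketched in Python as an added example that is not this site's code. Python's standard library has no Blowfish, so the sketch swaps in salted PBKDF2-HMAC-SHA256; the rows, the stored-value format and the function names are constructed for the demo.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000   # work factor: every guess costs this many HMAC rounds


def hash_password(password: str) -> str:
    salt = os.urandom(16)   # unique per row, so equal passwords store differently
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    _, iterations, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest.hex(), digest_hex)   # constant-time compare


# Constructed rows in the page's column order: ID, Nickname, Password, Message.
PLAIN_TABLE = [
    (1, "alice", "correct horse", "hello"),
    (2, "bob", "correct horse", "hi there"),
]


def protect(table: list) -> list:
    return [(i, nick, hash_password(pw), msg) for i, nick, pw, msg in table]


def readable_passwords(table: list) -> list:
    """What anyone holding a dump of the table can read straight from it."""
    return [pw for _, _, pw, _ in table if not pw.startswith("pbkdf2_sha256$")]


if __name__ == "__main__":
    hashed_table = protect(PLAIN_TABLE)
    print("leak of plain table: ", readable_passwords(PLAIN_TABLE))
    print("leak of hashed table:", readable_passwords(hashed_table))
    print("login still works:   ", verify_password("correct horse", hashed_table[0][2]))
```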