IMPORTANCE OF CRYPTOGRAPHY AND ITS APPLICATIONS – Rishabhreddy
Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa. It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. Cryptography not only protects data from theft or alteration, but can also be used for user authentication.
- If a message is encrypted with the recipient’s public key, the message can be decrypted only with the recipient’s corresponding private key. This ensures confidentiality.
- Every transaction has a digital signature attached with it. This signature has two parts. First part of the signature is generated after applying asymmetric cryptography algorithm on the private key of the sender. This signature also uses a random factor which is unique for every transaction. The second part of the signature is the public key of the sender. Now, the miner who wants to verify the authenticity of the signature, will run a predefined mathematical equation on the two parts of the digital signature. This equation involves the verification of random factor as well. This prevents users from forging a transaction.
The definition of electronic money (also called electronic cash or digital cash) is a term that is still evolving. It includes transactions carried out electronically with a net transfer of funds from one party to another, which may be either debit or credit and can be either anonymous or identified. There are both hardware and software implementations.
Anonymous applications do not reveal the identity of the customer and are based on blind signature schemes. (Digicash’s Ecash) Identified spending schemes reveal the identity of the customer and are based on more general forms of signature schemes. Anonymous schemes are the electronic analog of cash, while identified schemes are the electronic analog of a debit or credit card. There are also some hybrid approaches where payments can be anonymous with respect to the merchant but not the bank (CyberCash credit card transactions) ; or anonymous to everyone, but traceable (a sequence of purchases can be related, but not linked directly to the spender’s identity).
Encryption is used in electronic money schemes to protect conventional transaction data like account numbers and transaction amounts, digital signatures can replace handwritten signatures or a credit-card authorizations, and public-key encryption can provide confidentiality. There are several systems that cover this range of applications, from transactions mimicking conventional paper transactions with values of several dollars and up, to various micro payment schemes that batch extremely low cost transactions into amounts that will bear the overhead of encryption and clearing the bank.
AUTHENTICATION /DIGITAL SIGNATURES :
Authentication and digital signatures are a very important application of public-key cryptography. For example, if you receive a message from me that I have encrypted with my private key and you are able to decrypt it using my public key, you should feel reasonably certain that the message did in fact come from me. If I think it necessary to keep the message secret, I may encrypt the message with my private key and then with your public key, that way only you can read the message, and you will know that the message came from me. The only requirement is that public keys are associated with their users by a trusted manner, for example a trusted directory. To address this weakness, the standards community has invented an object called a certificate. A certificate contains, the certificate issuer’s name, the name of the subject for whom the certificate is being issued, the public key of the subject, and some time stamps. You know the public key is good, because the certificate issuer has a certificate too.
Pretty Good Privacy (PGP) is a software package originally developed by Phil Zimmerman that provides encryption and authentication for e-mail and file storage applications. Zimmerman developed his freeware program using existing encryption techniques, and made it available on multiple platforms. It provides message encryption, digital signatures, data compression, and e-mail compatibility. PGP uses RSA for key transport and IDEA for bulk encryption of messages. Zimmerman ran into legal problems with RSA over his use of the RSA algorithm in his program. PGP is now available in a couple of legal forms: MIT PGP versions 2.6 and later are legal freeware for non-commercial use, and Viacrypt PGP versions 2.7 and later are legal commercial versions of the same software.
MESSAGING APPS LIKE SNAPCHAT :
Snapchat might be the trickiest messaging app, based on the functionality that makes it so popular — the immediacy and temporary status of messages sent and received. At the most basic and common method and level-of-use, users send and receive messages that are on set timers for one-time viewing before the messages are ‘deleted’ and inaccessible. SnapChat allows messages to be encrypted in-transit; however, there’s a catch. According to the tech-based site, Recode, ‘Snapchat messages are encrypted while at-rest on Snapchat’s servers (though the company has the encryption key if needed). Snaps are deleted from the servers as soon as they’re opened by the intended recipients, and Snapchat claims these delivered messages “typically cannot be retrieved from Snapchat’s servers by anyone, for any reason.” But unopened Snaps are kept on the servers for 30 days before being deleted. That means Snapchat might have to hand over unopened, private messages if required by law.’