The Role of Cryptography in Information Security

Previous page
Table of content
Next page

Cryptography can be used to achieve several goals of information security, including confidentiality, integrity, and authentication.

  • Confidentiality: First, cryptography protects the confidentiality (or secrecy) of information. Even when the transmission or storage medium has been compromised, the encrypted information is practically useless to unauthorized persons without the proper keys for decryption.

  • Integrity: Cryptography can also be used to ensure the integrity (or accuracy) of information through the use of hashing algorithms and message digests.

  • Authentication: Finally, cryptography can be used for authentication

(and non-repudiation) services through digital signatures, digital certificates, or a Public Key Infrastructure (PKI).

image from book
A brief history of cryptography

Cryptography dates back over 4,000 years to the ancient Egyptians when hieroglyphs were used not to protect messages but to add mystique.

Around 400 B.C., the Spartans began using a military cryptography system known as the scytale. This consisted of a strip of parchment wrapped around a wooden rod of a specified secret length and diameter. The message to be encoded was written on the strip of parchment vertically down the rod and then unwrapped and sent by messenger to the intended recipient. The recipient had an identical rod to wrap the strip of parchment around and decode the message.

Around 50 B.C., Julius Caesar used a substitution cipher to transmit secret messages. This system involved substituting letters of the message with other letters from the same alphabet. For example, a simple encryption scheme may have required the sender to shift each letter three spaces to the right: that is, A=D, B=E, C=F, and so on. The recipient would then shift the letters three spaces to the left to obtain the message.

This system, which used only a single alphabet to encrypt and decrypt an entire message, is known as a monoalphabetic substitution. This system was particularly effective because most of the population was illiterate at the time.

In the 15th century, a cryptographic system utilizing concentric disks to provide substitution was used in Italy. In 1790, Thomas Jefferson invented an encryption device using a stack of 26 individually rotating disks. The Japanese Purple Machine and German Enigma Machine are two examples of cryptographic devices used successfully during World War II - at least, until the codes were cracked. More recently, Quaker Oats developed the Cap’n Crunch Magic Decoder Ring for encrypting and decrypting simple messages.

image from book

 Warning   Don’t confuse these three points this with the C-I-A triad, which we discuss in Chapter 6: The C-I-A triad deals with confidentiality, integrity, and availability; cryptography does nothing to ensure availability.



Previous page
Table of content
Next page
CISSP For Dummies
CISSP For Dummies
ISBN: 0470537914
EAN: 2147483647
Year: 2004
Pages: 242
Authors: Lawrence C. Miller, Peter H. Gregory CISA CISSP
BUY ON AMAZON
Project Management JumpStart
Introducing Microsoft Office InfoPath 2003 (Bpg-Other)
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
Systematic Software Testing (Artech House Computer Library)
Java How to Program (6th Edition) (How to Program (Deitel))
Postfix: The Definitive Guide
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy