# 117 - 15.1 About Cryptography

 Team-Fly

 Oracle Security By William Heney, Marlene Theriault Table of Contents Chapter 15.  Using the Oracle Security Server

Years ago, there was a television show that offered a special decoder ring you could send away for. Each week, there would be another secret message you could decode using your ring. You had to know where the starting point for decoding was but, once you knew where to start, you could decode any message that was sent. You could even send coded messages to your friends and receive messages from them. That decoder ring used a simple form of cryptography. Today's highly secure systems obviously use more complex forms of cryptography to protect their messages and file, but the basic principles are the same.

#### 15.1.1 A Simple Code

The code used by the decoder ring was a very simple letter substitution cipher. Even if you did not have the ring, you could decipher the code by listing the alphabet and building your own decoder ring key. For example, if the television host said to "start with M" for the first letter of the message, you would list out your alphabet starting with the letter "M" like this:

` M N O P Q R S T U V W X Y Z A B C D E F G H I J K L `

Below the letters listed, you would write another alphabet starting with "A" like this:

` M N O P Q R S T U V W X Y Z A B C D E F G H I J K L  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z `

The message which was presented could now be deciphered. Presented with the message:

` NDUZS TQXB. UY MF FTQ AW OADDM. `

and looking at the key, you could determine that the hero was at the OK Corral and needed help. Obviously, a code as simple as this is easily broken, but it illustrates the basics of how encryption and decryption work.

#### 15.1.2 Algorithms, Plaintext, and Ciphertext

More complicated forms of cryptography use an algorithm a method or procedure for completing a specific task and one or more keys for the encryption and decryption of data stored on and transmitted via secure systems in the computer world. When you want to transcribe data into a coded form (encode), a computer program (which can be an implementation of an algorithm) is called and one or more parameters are passed to the program as keys . The algorithm, along with the key or keys, is applied to a readable text message, sometimes referred to as plaintext . This procedure, which is referred to as encryption , produces a coded or ciphertext output. Likewise, if a ciphertext message is presented to the algorithm, along with the appropriate key or keys, the message can be translated into plaintext. This procedure is referred to as decryption .

Thus, each encryption and decryption requires:

• An algorithm used to convert messages to and from ciphertext

• A ciphertext or plaintext message

• One or more keys to be passed as parameters to the algorithm

If one or more of these elements is missing, a message cannot easily be encrypted or decrypted. For example, if a person has the ciphertext file and the algorithm but no keys, the ciphertext cannot easily be decrypted into a plaintext message.

Figure 15.1 shows an example of simple encryption and decryption.

##### Figure 15.1. Simple encryption and decryption

 Team-Fly
 Top

Oracle Security Handbook : Implement a Sound Security Plan in Your Oracle Environment
ISBN: 0072133252
EAN: 2147483647
Year: 1998
Pages: 154