USC
About this Article
Written by: Patrick Vanderwall
Written on: December 4th, 2016
Tags: computer science, computer engineering, cryptography, lifestyle, digital security
Thumbnail by: https://thebestvpn.com//https://thebestvpn.com/
About the Author
Patrick Vanderwall was a student at USC when this article was written.
Also in this Issue
To Float or Not to Float?Written by: Sabrina Winarko
The Battle of SoundWritten by: James Bunning
The Computation of Love: Finding Your Soul Mate OnlineWritten by: Melisa Osborne
The Future of SurfingWritten by: Christian Lee
Stay Connected

Volume XVIII Issue II > Cryptography and Communication Security in a Digital Age
Symmetric-key encryption provides a very fast and efficient way for encrypting messages, but does pose a number of security flaws. The key for unlocking the message must be shared with both parties in secure fashion before the message is sent. If an attacker were to gain access to the key, they would easily be able to decipher each party’s messages. Due to its speed, symmetric-key encryption is useful for encrypting large amounts of data. The problem that symmetric key encryption faces is how to share the key in a secure way. This flaw is what led to the creation of public-key cryptography 40 years later.

Public-Key Cryptography

Unlike with symmetric-key cryptography, like its name suggests, public-key cryptography uses a public key for encrypting data (Fig. 3). In a public-key encryption system, each communicating party has a pair of keys. The public key, used for encrypting messages, can be distributed to anyone, while the user’s private key must be kept a secret. In this system, if party A wanted to send a secure message to party B, party A would first encrypt their message using party B’s public key. The only way to decrypt a message which uses party B’s public key is by using B’s private key [2].
www.tutorialspoint.c​om/www.tutorialspoin​t.com
Figure 3: Step by step process of public-key encryption demonstrating the use of different keys during the encryption/decryptio​n phases [6].
An example of public-key cryptography is its use in Transport Layer Security (TLS). TLS provides privacy and data integrity between a client (e.g. your web browser) and a server (e.g. amazon.com). When connected to the internet using TLS, data is encrypted using symmetric-key cryptography before being sent. The client and server agree on which key to use before any data is transmitted. The identity of the two communicating parties is then authenticated using public-key cryptography [7]. You can see when TLS is being used by looking at the address bar in your web browser. If you see the web address starts with “https,” you know your information is most likely secure.
Encryption methods such as symmetric or public key cryptography are designed to be provably secure. That is to say, the cryptographic algorithm can be mathematically proven to resist certain types of attacks. The security of an algorithm is usually based off a number of assumptions about the attacker’s ability. It is assumed that the attacker does not possess unlimited computational power, and that certain underlying assumptions in mathematics remain to be true. One of the most widely used public-key cryptographic algorithms, RSA, is based off of the idea that computing the prime factors of large integers is infeasible. Therefore, when calculating the security of RSA, it is presumed that the attacker is incapable of doing such a task.

Future of Cryptography and Encryption

Cryptography is constantly trying to stay ahead of attackers in order to provide a secure way of transferring data. As computers become more powerful, cryptographic algorithms must be complex enough to make brute force decryption attempts unfeasible. Quantum cryptography has been suggested as a solution to the security risk of sharing the key in symmetric-key cryptography. Quantum mechanics can be used to generate a key to encrypt data, just like with normal computing. But unlike with typical encryption keys, measuring a quantum system disturbs the system. If an attacker tries to read the key while it is being generated the system will abort its communication attempts [8]. This theoretically provides unconditional security in communication, as symmetric keys can be shared without fear of being intercepted by a hacker. Quantum computers and quantum cryptography are still in research development; it will take many years before quantum technology sees widespread use. As quantum computers move closer to becoming a technological reality, the future of cryptography is headed towards creating systems that are resistant to attacks by quantum computers.

Conclusion

It is easy to overlook cryptography’s impact on keeping our information secure. Not too long ago, in the “dark ages,” consumers were unable to purchase goods online or check their bank statements from their home computer. With the introduction of more advanced cryptography and security protocols such as HTTP, the World Wide Web has become a much safer place for providing sensitive information. It may be some time before cryptography provides unconditional security; however, the field of cryptography has made great strides in creating secure communication methods over the last several decades. E-commerce websites, cell-phones, credit cards, and password security innovation have flourished with cryptography. Only time will tell what new inventions cryptography will give rise to.

References

    • [1] B. M. Metzger and M. D. Coogan, The Oxford companion to the bible. Oxford [etc.]: Oxford University Press, 2004.
    • [2] S. Vaudenay, A classical introduction to Cryptography: Applications for communications security. New York: Springer-Verlag New York, 2005
    • [3] P. Thorsteinson and G. A. G. Ganesh, .NET security and cryptography. United States: Prentice Hall PTR, 2003.
    • [4] H. Delfs and H. Knebl, Introduction to cryptography: Principles and applications, 3rd ed. 2015.
    • [5] K. Krishnan, "SFWR 4C03: Computer Networks and Computer Security," in North Carolina State University, 2004. [Online]. <http://www4.ncsu.ed​u/~kksivara/sfwr4c03​/lectures/lecture9.p​df>.
    • [6] "Public key Encryption," www.tutorialspoint.c​om, 2016. [Online]. Available: http://www.tutorials​point.com/cryptograp​hy/public_key_encryp​tion.htm. Accessed: Sep. 7, 2016.
    • [7] T. Dierks, "The transport layer security (TLS) protocol version 1.2," 2008. [Online]. Available: https://tools.ietf.o​rg/html/rfc5246. Accessed: Sep. 8, 2016.
    • [8] H.-K. Lo, M. Curty, and K. Tamaki, "Secure quantum key distribution," Nature Photonics, vol. 8, no. 8, pp. 595–604, Jul. 2014.