summaryrefslogtreecommitdiff
path: root/writing/cryptography.php
diff options
context:
space:
mode:
Diffstat (limited to 'writing/cryptography.php')
-rw-r--r--writing/cryptography.php45
1 files changed, 0 insertions, 45 deletions
diff --git a/writing/cryptography.php b/writing/cryptography.php
deleted file mode 100644
index 6c36572..0000000
--- a/writing/cryptography.php
+++ /dev/null
@@ -1,45 +0,0 @@
-<?php
-$title = "Principles of Crytography for Data Security";
-require($_SERVER["DOCUMENT_ROOT"] . "/head.php");
-require($_SERVER["DOCUMENT_ROOT"] . "/header.php");
-?>
-<p>As the amount of life spent online continues to increase, a great deal of private information is naturally
- being transmitted: banking details, medical records, business correspondences. Where once these exchanges of
- data would have occured between a small set of individuals in a shared space, they now happen between
- continents, through hundreds of servers and over complex network infrastructures. It is a system that cannot
- be fully accounted for by any individual, and so the means of transmission are insecure--much like having a
- letter transmitted by a series of couriers, the data is liable to be intercepted or modified. And so both
- parties in the exchange take on a risk that may prohibit especially critical data from being sent.
- Cryptography is the study of data obfuscation--a means of making a message readable only by some. It is the
- answer to the question "when the means of transmission cannot be trusted, how can information be conveyed
- securely?</p>
-<p>There are two classes of encryption: symmetric and asymmetric. Symmetric encryption allows a message to be
- encoded and decoded with the same piece of information, or key. The ancient Caesar cipher is an example of
- this; an arbitrary number acting as the key was agreed upon by both parties, and every letter in the message
- was shifted through the alphabet by that amount. It could easily be decoded by anyone who knew the key by
- simply shifting the letters backward through the alphabet. Simple algorithms such as the Caesar cipher are
- vulnerable to various attacks due to the patterns that they create in the ciphertext. A given letter may
- always be encoded in the same way, meaning that the key could be compromised if the attacker gained access
- to the plaintext and ciphertext forms of the same message. And a message could be decrypted without the key
- by recognizing repeated patterns in the ciphertext representing common words. More advanced symmetric
- encryption methods--like the Advanced Encryption Standard (AES) algorithm, developed for the US National
- Institute of Standards and Technologies--disrupt patterns in the message to prevent these types of attacks.
-</p>
-<p>Symmetric encryption is an imperfect solution in the internet age. Because it requires both parties to know
- the same secret key, those parties must have a secure form of communication already established. In the days
- of Caesar, this key exchange could be performed confidentially by two individuals in close proximity. When
- encryption is used on the internet, it cannot be assumed that the communicating parties will have had any
- physical interactions--and it would be impractical to expect every new customer of an online banking service
- to perform a physical key exchange. Asymmetric encryption solves this problem by removing the key exchange.
- Instead of encrypting and decrypting a message with the same key, an asymmetric encryption algorithm has a
- keypair, comprising a public key, used for encrypting a message, and a private key, used for decrypting a
- message. The keys are so named because the private key is never shared, while the public key can be
- broadcast widely. </p>
-<p>Typically, it demands more processing power to encrypt and decrypt messages with an asymmetric encryption
- implementation than a comparable symmetric one. For this reason, it is desirable to use symmetric encryption
- for most communications. An asymmetric implementation such as the Rivest--Shamir--Adleman (RSA) system is
- used to perform the key exchange. One of the devices will broadcast its public RSA key to the other, which
- will respond by generating an AES key, encrypting it with that RSA key, and returning it. This method of key
- exchange is secure, even if every network packet is intercepted. Once the devices share an AES key, they can
- communicate with the more efficient symmetric encryption method.</p>
-<?php require($_SERVER["DOCUMENT_ROOT"] . "/footer.php"); ?> \ No newline at end of file
generated by cgit v1.2.3-70-g09d2 (git 2.48.1) at 2025-07-03 03:04:33 +0000