A First Look at Terminologies

Now it is high time to learn the basic terminology of cryptography. First, the text that we type in human-understandable form is called the plain text. The plain text is converted to a generally incomprehensible form called the cipher text using a technique called encryption, and the cipher text is transmitted. The particular encoding used for encryption and decryption is chosen by a series of letters or numbers called the key. When the cipher text reaches the receiver, it is converted back to plain text using a key and the technique called decryption or deciphering. Ciphering and deciphering follow specified formats, defined by the algorithms specified for the purpose. Key systems in cryptology are basically of two types: symmetric, where the ciphering and deciphering keys are the same, and asymmetric, where a pair of keys is used, namely the public and the private key. Apart from this there are two ways to encrypt and decrypt: stream (de)ciphering and block (de)ciphering. In the stream method the data is encrypted on a bit by bit basis, whereas in the block method it is done on a byte by byte basis. One more important term is cryptanalysis, which is the reverse of cryptography, i.e. breaking the code. The people involved in this are cryptanalysts, and the most basic technique they use for breaking a symmetric key code is the brute force attack.

Foundations of network security

Network security rests on a number of foundations for well-defined secure communication. Though cryptography essentially has a role to play only in the first three, let’s glance through them one by one.

➢ Confidentiality: The sender and the receiver alone must comprehend the text. This is achieved by the principles of encryption and decryption.
➢ Authentication: Both the sender and the receiver must be able to confirm that the other party with which they are communicating is indeed who or what they claim to be. This is achieved by the principle of digital signatures.
➢ Message Integrity: Even if authentication is established, security is poor if data integrity is lost. To ensure that the data is not altered, either maliciously or accidentally, cryptography together with hash functions guarantees message integrity.
➢ Access control: Even when confidentiality, authentication and message integrity are all confirmed, security is incomplete without proper access control. This is provided by packet filters and application gateways using firewalls.

Time to Race Off….

Now that our engine is started, it's time we race off with the techniques used in practice in cryptography. The two basic techniques are the symmetric and the asymmetric key techniques. Of late the hybrid key technique, which uses both of the above, has come into the picture. Digital signatures and message digests are also useful in authentication and non-repudiation. Now let’s dissect the techniques one by one. Access control is done by firewalls and not by cryptography, so we leave it with only a superficial outline.

Confidentiality:

Symmetric key cryptography: All cryptographic techniques involve substitution of one thing for another, for example taking a piece of plain text and then computing and substituting the appropriate cipher text to create the encrypted message. Three different categories of this particular technique are:

▪ Caesar cipher
▪ Mono alphabetic cipher
▪ Poly alphabetic cipher

To understand the basic functioning of this technique, look carefully at the figure below.

[pic]

The principle behind this technique is that the encryption and decryption keys are essentially the same, and it works on the assumption that only the sender and the receiver know this symmetric (secret) key. It is usually pretty simple to cipher and decipher using this technique, and hence there is a lack of enough security. The figure explains data transmission: Alice encrypts the message using the agreed secret key (usually provided by a Key Distribution Center (KDC) or agreed upon with Bob), and Bob decodes it using the same secret key to get back the plain text.

Coming to the Caesar cipher mechanism: this is the oldest form of cipher and has been in practice since the period of Julius Caesar. Here every letter of the plain text is substituted by the letter that is k letters later, where k is a number representing the position of the alphabet (e.g. a=1 and z=26). The disadvantage of this technique is that the key space, which is the number of keys that can be used, is limited to 25, because substituting a letter with the one 26 letters later gives back the plain text and makes the encryption a waste. This small key space limits the security when a brute force attack (a systematic trial of all possible keys) is performed. An example with k=3:

|PLAIN |This is Bob. |
|CIPHER |Wklv lv Ere. |
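The k=3 example and the 25-key brute force described above, as an added Python example that is not part of the original paper; the function names and the small word list used to rank candidates are assumptions made for this illustration.

```python
import string

# Assumption: a tiny list of common English words is enough to rank candidates.
COMMON_WORDS = {"the", "this", "is", "and", "of", "to", "in", "it", "you", "that"}

def caesar(text, k):
    """Shift every letter k places (negative k shifts back); keep case and punctuation."""
    out = []
    for ch in text:
        if ch in string.ascii_letters:
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr(base + (ord(ch) - base + k) % 26))
        else:
            out.append(ch)
    return "".join(out)

def score(candidate):
    """Count how many words of the candidate plaintext are common English words."""
    stripped = candidate.lower().translate(str.maketrans("", "", string.punctuation))
    return sum(word in COMMON_WORDS for word in stripped.split())

def brute_force(ciphertext):
    """Try all 25 useful keys and return (k, plaintext) pairs, best score first."""
    trials = [(k, caesar(ciphertext, -k)) for k in range(1, 26)]
    return sorted(trials, key=lambda trial: score(trial[1]), reverse=True)

if __name__ == "__main__":
    cipher = caesar("This is Bob.", 3)       # the page's example, k = 3
    print(cipher)
    best_k, best_plain = brute_force(cipher)[0]
    print(best_k, best_plain)
```

Because only 25 keys exist, the search finishes instantly and the key is recovered without any knowledge of how it was chosen.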

In the monoalphabetic cipher technique, letters are substituted at random for every letter of the alphabet, which delays a brute force attack because it increases the key space to 26! keys. One sample monoalphabetic key is as follows:

|PLAIN |a |

|Pass phrase |CAT |
|Copied Key |CATCA TCATC |
|Key Converted to Numbers |3 1 20 3 1 20 3 1 20 3 |

[pic]

|Plaintext |H E L L O W O R L D |
|Cipher text |K F G O P N R S X G |

Public key cryptography: The main disadvantage of using a secret key is that the sender and the receiver must communicate at least once about their secret key in a secure environment. In remote networks this is not possible, as they do not meet even once. This gave birth to a new technique called public key cryptography. A public key infrastructure does not require shared confidential keys to be pre-placed in order for people to communicate. Instead, each user has two related keys: a public key and a private key. As the names imply, the public key is published or stored in publicly accessible directories, and the private key is a secret, known only by the user. There is no magic involved; only the use of complex mathematics to effectively hide or make indeterminable the part of the key that must be kept secret, the private key. To use this concept in real systems, each communicant is given, or generates, his own public and private key pair. Consider the figure below for a better comprehension.

[pic]

In the above figure, Alice uses Bob's public key (shown as EBob) to encrypt the session key. When Bob receives Alice's message, he decrypts it using his private key (DBob). Only Bob can read the encrypted session key, since only he has the private key. In the usual notation, Kb+ and Ka+ are the public keys of Bob and Alice, and Kb- and Ka- are the private keys of Bob and Alice. The public and private keys are effectively generated using the RSA algorithm, which has two interrelated parts:

➢ Generation of the key pair
➢ Encryption & decryption using the key

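Here's the relatively easy to understand math behind RSA public key encryption.

1. Find p and q, two large (e.g., 1024-bit) prime numbers.
2. Compute n=pq & z=(p-1)(q-1).
3. Choose e

    // Caesar cipher. The start of this method is missing from the page; the
    // signature, the buffers and the loop header are reconstructed so that
    // the surviving fragment compiles. Assumes 0 <= shift <= 25.
    public static String caesar(String input, int shift) {
        StringBuilder output = new StringBuilder();
        char[] c = new char[1];
        for (int x = 0; x < input.length(); x++) {
            if (input.charAt(x) < 91 && input.charAt(x) > 64) {
                // upper-case letter ('A' is 65): shift and wrap within A..Z
                c[0] = (char) (65 + ((input.charAt(x) + shift) % 65) % 26);
            } else if (input.charAt(x) < 123 && input.charAt(x) > 96) {
                // lower-case letter ('a' is 97): shift and wrap within a..z
                c[0] = (char) (97 + ((input.charAt(x) + shift) % 97) % 26);
            } else {
                // anything that is not a letter is copied unchanged
                c[0] = input.charAt(x);
            }
            output.append(new String(c));
        }
        // the page returned an undefined variable `message`; return the built text
        return output.toString();
    }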

Public Key code: RSA implementation

    import java.math.BigInteger;

    // Methods of a GUI class whose declaration is not shown on the page.
    // pText, qText, eText, pqText, dText, nText, expText, mText, cText and
    // messages are text components of that class.

    // Key generation: reads p, q and e, shows n = pq and d = e^-1 mod (p-1)(q-1).
    public void keyGen() {
        try {
            BigInteger p = new BigInteger(pText.getText());
            BigInteger q = new BigInteger(qText.getText());
            BigInteger pq = p.multiply(q);
            pqText.setText(pq.toString());
            BigInteger o = new BigInteger("1");
            // phi = pq - p - q + 1 = (p-1)(q-1)
            BigInteger phi = pq.subtract(p).subtract(q).add(o);
            BigInteger e = new BigInteger(eText.getText());
            dText.setText(e.modInverse(phi).toString());
        } catch (NumberFormatException e) {
            messages.setText("p, q and e must be integers");
        } catch (/*Arithmetic*/ Exception e) {
            messages.setText("e must be coprime to (p-1)(q-1)");
        }
    }

    // Encryption: c = m^k mod n, where k is the exponent typed into expText.
    public void encrypt() {
        BigInteger n = new BigInteger("0");
        BigInteger k = new BigInteger("0");
        try {
            n = new BigInteger(nText.getText());
            k = new BigInteger(expText.getText());
        } catch (NumberFormatException e) {
            messages.setText("n and key must be integers.");
            System.exit(1);
        }
        // Encode the message: every character becomes the 3-digit number (code + 100).
        String m = new String();
        for (int x = 0; x < mText.getText().length(); x++) {
            m += String.valueOf((int) mText.getText().charAt(x) + 100);
        }
        BigInteger mess = new BigInteger(m);
        // The encoded message must be smaller than the modulus.
        if (mess.compareTo(n) >= 0) {
            messages.setText("Message bigger than modulus (break into smaller messages or use larger modulus)");
            System.exit(1);
        }
        BigInteger c = mess.modPow(k, n);
        cText.setText(c.toString());
    }

    // Decryption: m = c^k mod n, then undo the 3-digit character encoding.
    public void decrypt() {
        BigInteger n = new BigInteger("0");
        BigInteger k = new BigInteger("0");
        try {
            n = new BigInteger(nText.getText());
            k = new BigInteger(expText.getText());
        } catch (NumberFormatException e) {
            messages.setText("n and key must be integers.");
            System.exit(1);
        }
        BigInteger mess = new BigInteger(cText.getText());
        BigInteger c = mess.modPow(k, n);
        String code = c.toString();
        String m = new String();
        for (int x = 0; x < code.length(); x += 3) {
            char ch[] = new char[1];
            ch[0] = (char) (Integer.parseInt(code.substring(x, x + 3)) - 100);
            m += new String(ch);
        }
        mText.setText(m);
    }
    } // end of the enclosing class
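The RSA key generation, the character encoding (code + 100, three digits per character) and the "message bigger than modulus" check from the Java listing above, as a self-contained added Python example that is not part of the original paper. The primes 61 and 53, the exponent 17, the sample message and all function names are constructed for illustration; real keys use primes of the size the text mentions.

```python
from math import gcd

def keygen(p, q, e):
    """Return ((n, e), (n, d)) from primes p, q and a public exponent e."""
    n = p * q
    z = (p - 1) * (q - 1)              # the page's z = (p-1)(q-1)
    if gcd(e, z) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, z)                  # modular inverse: e*d = 1 (mod z)
    return (n, e), (n, d)

def encode(block):
    """Each character becomes the 3-digit number ord(c) + 100, concatenated."""
    return int("".join(str(ord(c) + 100) for c in block))

def decode(number):
    """Undo encode(): split into 3-digit groups and subtract 100."""
    digits = str(number)
    return "".join(chr(int(digits[i:i + 3]) - 100) for i in range(0, len(digits), 3))

def encrypt(message, public, block_size=1):
    """Encrypt block by block; every encoded block must be smaller than n."""
    n, e = public
    cipher = []
    for i in range(0, len(message), block_size):
        m = encode(message[i:i + block_size])
        if m >= n:
            raise ValueError("block is bigger than modulus: use smaller blocks or larger n")
        cipher.append(pow(m, e, n))    # c = m^e mod n
    return cipher

def decrypt(cipher, private):
    """Recover each block with m = c^d mod n and decode it back to text."""
    n, d = private
    return "".join(decode(pow(c, d, n)) for c in cipher)

if __name__ == "__main__":
    bob_public, bob_private = keygen(61, 53, 17)   # constructed toy primes
    print("public", bob_public, "private", bob_private)
    sealed = encrypt("session key", bob_public)    # Alice uses Bob's public key
    print(sealed)
    print(decrypt(sealed, bob_private))            # only Bob's private key opens it
    try:
        encrypt("session key", bob_public, block_size=2)
    except ValueError as err:
        print("rejected:", err)                    # two characters exceed n = 3233
```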

Finale:

With this, cryptography is no more a mystery. Aren’t the confusing threads unwound? Won’t this be a good start for a novice? Wouldn’t the code be food for the brains of professionals? For all this, the only answer we sincerely hope for is YES. And now I am sure you wouldn’t be puzzled if I say “Fgzmj xnt” for a thank you.


