Difference between revisions of "Encryption Project Description"

From CSEP590TU
Jump to: navigation, search
(Project Description)
Line 9: Line 9:
  
 
== Project Description ==
 
== Project Description ==
Information secuirty has played a critical role in protecting national secrets, strategies and communications for many thousands of years.  Whenever a communication medium, such as paper-based message passing, radio transmissions, or digital information can be observed by an advesary, such as a foreign government, and the value of the information is high, information security has been critical to safeguarding the information.  Cryptography, the process of scrambling ordinary text into a cipher text with encryption techniques and decrypting the transmitted message, is one means of achieving information security and has been in use for thousands of years.  Julius Caesar used a simple substitution cipher to transpose the letters of the alphabet by three positions in 50 BC.  <!-- more examples -->.  The digital age has lowered, or eliminated, the cost for duplicating, transmitting or altering information and the encryption techniques used to ensure privacy, data integrity, authentication and other tenents of information security have evolved as well.
+
Information secuirty has played a critical role in protecting national secrets, strategies and communications for many thousands of years.  Whenever a communication medium, such as paper-based message passing, radio transmissions, or digital information can be observed by an advesary, such as a foreign government, and the value of the information is high, information security has been critical to safeguarding the information.  Cryptography, the process of scrambling ordinary text into a cipher text with encryption techniques and decrypting the transmitted message, is one means of achieving information security and has been in use for thousands of years.  Julius Caesar used a simple substitution cipher to transpose the letters of the alphabet by three positions in 50 BC.  ''more examples.'' The digital age has lowered, or eliminated, the cost for duplicating, transmitting or altering information and the encryption techniques used to ensure privacy, data integrity, authentication and other tenents of information security have evolved as well.
  
History has shown that adversaries can obtain transmitted cipher text. It is this realization that has lead the modern cryptographic/security community to make the fundamental assumption that adversaries are given cipher texts. Even further, they make the assumption that the encryption schemes which produce the cipher text are possessed by the adversary, leaving the security of the scheme to encryption keys (public, private, or both).
+
In most applications of cryptography, the transmitted cipher text is readily available.  In the early 20th century, encrypted messages were sent via radio making it possible for any listener to intercept the text.  Similarly, any knowledgable listener can intercept internet traffic and capture the cipher text. In almost every instance, cryptography is required because of unsecured communications channels that can be passivly or actively listened to be adversaries.  In addition there is little security through algorithmic obscurity.  History has shown that maintaining the secrecy of an encryption algorithm to be very difficult.  The modern cryptographic and security communities now assume that an adversary is given cipher texts and the encryption schemes that produce the cipher text.
  
Although most of the cryptographic community is highly skilled and trained to understand these fundamental assumptions which translate into more secure schemes, many of these people are not the ones applying the encryption schemes to cyber security in industry. Even when there were highly skilled personnel coming up with the encryption schemes, the use of these schemes was carried out by military and government officials that used the schemes in such ways that exposed the underlying keys to the enemies. In modern days, we have a similar situation, however the people participating are different. Industry personnel are mostly unfamiliar with cryptography concepts and may apply encryption schemes in the wrong way and comprimise security. Even with an encryption scheme that is secure against all attacks, incorrect application can render it insecure.  
+
Although most of the cryptographic community is highly skilled and trained to understand these fundamental assumptions which translate into more secure schemes, many of these people are not the ones applying the encryption schemes. Even when there were highly skilled personnel coming up with the encryption schemes, the use of these schemes was carried out by military and government officials that used the schemes in such ways that exposed the underlying keys to the enemy. In modern days, we have a similar situation, however the people participating are different. Industry personnel are mostly unfamiliar with cryptography concepts and may apply encryption schemes in the wrong way and comprimise security. Even with an encryption scheme that is secure against all attacks, incorrect application can render it insecure.  
  
 
Further, government policy places many restrictions on encryptions standards and implementations, such that many companies and consumers are unable to use the strongest encryption methods. This causes a heterogeneous pool of encryption schemes used across many applications, which although good for security purposes, disables implementors to learn a common encryption model that would prevent them from using encryption incorrectly.
 
Further, government policy places many restrictions on encryptions standards and implementations, such that many companies and consumers are unable to use the strongest encryption methods. This causes a heterogeneous pool of encryption schemes used across many applications, which although good for security purposes, disables implementors to learn a common encryption model that would prevent them from using encryption incorrectly.

Revision as of 07:23, 8 November 2004

A Survery on the Use of Encryption and Encryption Schemes

Team Members

Project Description

Information secuirty has played a critical role in protecting national secrets, strategies and communications for many thousands of years. Whenever a communication medium, such as paper-based message passing, radio transmissions, or digital information can be observed by an advesary, such as a foreign government, and the value of the information is high, information security has been critical to safeguarding the information. Cryptography, the process of scrambling ordinary text into a cipher text with encryption techniques and decrypting the transmitted message, is one means of achieving information security and has been in use for thousands of years. Julius Caesar used a simple substitution cipher to transpose the letters of the alphabet by three positions in 50 BC. more examples. The digital age has lowered, or eliminated, the cost for duplicating, transmitting or altering information and the encryption techniques used to ensure privacy, data integrity, authentication and other tenents of information security have evolved as well.

In most applications of cryptography, the transmitted cipher text is readily available. In the early 20th century, encrypted messages were sent via radio making it possible for any listener to intercept the text. Similarly, any knowledgable listener can intercept internet traffic and capture the cipher text. In almost every instance, cryptography is required because of unsecured communications channels that can be passivly or actively listened to be adversaries. In addition there is little security through algorithmic obscurity. History has shown that maintaining the secrecy of an encryption algorithm to be very difficult. The modern cryptographic and security communities now assume that an adversary is given cipher texts and the encryption schemes that produce the cipher text.

Although most of the cryptographic community is highly skilled and trained to understand these fundamental assumptions which translate into more secure schemes, many of these people are not the ones applying the encryption schemes. Even when there were highly skilled personnel coming up with the encryption schemes, the use of these schemes was carried out by military and government officials that used the schemes in such ways that exposed the underlying keys to the enemy. In modern days, we have a similar situation, however the people participating are different. Industry personnel are mostly unfamiliar with cryptography concepts and may apply encryption schemes in the wrong way and comprimise security. Even with an encryption scheme that is secure against all attacks, incorrect application can render it insecure.

Further, government policy places many restrictions on encryptions standards and implementations, such that many companies and consumers are unable to use the strongest encryption methods. This causes a heterogeneous pool of encryption schemes used across many applications, which although good for security purposes, disables implementors to learn a common encryption model that would prevent them from using encryption incorrectly.

This project will discuss the history of encryption from Room 40 to RSA, and will point out the key events which led to the formulation of the current structure of encryption and possibly a hypothesis as to how the evolution of this structure will continue in the future.


http://cse.unl.edu/~bholley/Cypher%20Tutorial.html

Retrieved from "http://cubist.cs.washington.edu/CSEP590TU-wiki/index.php?title=Encryption_Project_Description&oldid=1623"