What is Cryptography ?

Cryptography is the science of information security. It is closely related to the disciplines of cryptology (it is the mathematics, such as a number theory and the application of formulas and algorithms) and cryptanalysis (it refers to the study of ciphers, ciphertext with a view to finding weakness in them that will permit retrieval of the plain text from the ciphertext, without necessarily knowing the key or the algorithms). Crypttogarphy  includes techniques such as microdots, merging words with images, and other ways to hide information in storage or transmit. However, cryptography is most often associated with scrambling plain text (ordinary text) into ciphertext (a process called encryption), then back again (known as decryption). Individuals who practice this field are known as cryptographers.
Cryptographic techniques allow a sender to disguise data so that an intruder can gain no information from the intercepted data. Cryptography involves two corresponding process. These processes are described as under::

(a) Encryption : It is the process of taking data and modifying it so that it can not read by untrusted users.

(b) Decryption : It is the process of taking encrypted data and rendering it readable for trusted users.

Encryption and decryption are performed using algorithms and keys. An algorithm, a series of mathmetical steps that scrambles data, is the underlying mathmetical process behind encryption. There are a variety of cryptographic algorithms that have been developed based on different mathmetical process. Some algorithms result in stronger encryption than others--the stronger the algorithm, the more difficult the encrypted data is to crack.

Traditional cryptography (secret key cryptography or symmetric cryptography) involves a private or secret key that was shared by the individuals involved in the transmission. The key is a mathematical entity that the sender can use to encrypt a message and the receiver can use to decrypt it. The main problem with this type of cryptography is that how to owner of the key can securely transmit the key. In other words, the main problem is one of key management -- how to create, store, and transmit the key to those who will need it to decrypt messages sent to them.

There are two types of symmetric algorithms. These are :

(a) Stream Algorithm :  This algorithm works on one bit or byte at a time.

(b) Block Algoriththm : This algorithm works on large block of data (typically 64 bits). The drawback to   this type of system is that if the key is discovered, all message can be decrypted.


Public key Cryptography solves this problem by creating a set of two different keys for anyone needing to transmit encrypted information. A precise mathematical relationship exists between the two keys, which together are called a key pair. Both keys are produced at the same time using algorithm. As a result, when either one of the two keys is used to encrypt a message, the other can be used to decrypt it.

The two keys in a key pair are as follows :

(a) Private key  ::-:: A private key is known only to the owner (or the owner's client program)

(b) Public key ::-:: A public key is distributed to any user (or to any client program) who requests it. Because the public and private keys are related mathematically, someone could take another person's public key, perform complex mathematical calculations on it, and extract the corresponding private key. Therefore, use keys sufficiently long and with a sufficiently complex mathematical relationship so that it is all but impossible to extract the private key from the public one.
once a key pair is generated for someone, that person can use it to encrypt messages and digitally sign messages so that the recipient can be sure of the identity of the sender.

The whole public key cryptography system is founded on trust. all persons who are issued key pairs must trust the third party authority who provided the key pairs. This trusted authority is called a cirtificate authority (CA). Someone who wants to obtain a key pair from a CA must cantact the CA and present proof of identity. This could involve a face-to-face meeting, examination of a driver's license with photograph, or some other method of establishing a user's identity.