Can you please do Part Two: (Presentation) and the topic is Cryptography (Keys, RSA, and DSE). This presentation should explain Cryptography (Keys, RSA, and DSE) in detail and be technical. Please include atleast 1 figures, diagrams, charts or tables in each slide. I will need to present this to my class and explain what cryptography is so if you can, please start it with basics and then go into technical details.
Cryptography (Keys, RSA and DSE)
Abstract
Cryptography is a crucial process for data protection over various organization networks. It is also applied in the protection of both hardware and software. Sensing and receiving messages or data over the network has become a risky approach due to the advancement in technology which increases the vulnerability of the systems to attacks. The use of cryptographic algorithms has aided in reducing the attacks by hiding the information and data from malicious people. There are several cryptographic keys that are applied in the protection of data. This research discussed the integration of cryptography in the protection of the organization’s infrastructure such as cloud computing.
Introduction
The advancement of technology has raised serious concerns about the security of organization systems. The increase in cyber-related cases has also made organizations to invest in security apparatus to protect their systems. The new developments such as cloud computing and sharing of data over the network have led to increasing of the vulnerabilities of the systems (Yamuna and Priya, 2015 p. 6758). Cloud provides the best mechanisms for sharing data within the organization. The security of the cloud is a major concern by organizations because it houses critical data.
It is the responsibility of the organization to secure all the data on the network and especially customer data. Cryptography is one of the ways of securing data and information from possible attacks/hacking. According to Yamuna and Priya (2015), security is critical for the cloud computing platform in an organization because it contains sensitive and important data. Therefore, cryptography is hiding of information from unauthorized users using three major methods which are keys, RSA and DSE. Cryptography ensures that the message is securely transmitted on the network and free from unauthorized users. Cryptography utilizes the algorithms that enable masking of important messages from unauthorized users.
Cryptography Algorithms
Organizations employ different cryptographic techniques to protect data or information over the network. According to Yamuna and Priya (2015), the most common types of cryptographic algorithms are the key cryptographic algorithms, the RSA algorithm and the DSE algorithm. The key cryptography involves two different approaches which are encryption and decryption using a common key known by both the sender and the receiver. The method is used in protecting sensitive data over the network and others also applied in other technologies such as clouding computing within an organization.
RSA utilizes two different keys. The most common ones include the public-key encryption and the private decryption keys. The RSA ensures that data is authenticated which suggests that it can only be used by authorized individuals (Jayapandian, Rahman, Radhikadevi & Koushikaa, 2016 p. 2). The operations of the RSA algorithm are mainly based on digital signatures of small data blocks. The three major steps involved in RSA include the key generation, encryption and decryption. Key generation includes both the public and private keys while encryption is keeping the information as a secret that can only be used by intended users. Decryption includes the process of revealing/recovering the original message. The process is done using the decryption keys. RSA is applied in enhancing the authentication and the security of the data in an organization. The DES/DSE data encryption method that utilizes the same key for both the decryption and encryption process (Jayapandian et al., 2016 p. 3). Both the sender and the user must be aware of the same secret key. – UAE Best Dissertation Writing Help Service
The Advanced Encryption Standard (AES) approach is commonly applied in the algorithm and involves the use of the block cypher. The process entails that both the algorithm and the encrypted key are applied simultaneously, and the process is done bit by bit. The cryptography algorithm plays key roles in securing the message transmitted across the network. The algorithms ensure that no unauthorized users can access the message thereby preventing the possibility of attacks. Organizations have integrated the methods in their security systems to help in reducing most of the cybercrime cases or the possibility of the attacks (Hossain, Hossain, Uddin & Imtiaz, 2016 p. 12). Understating the application of the cryptography in strengthening the security requires proper understanding of the mechanisms and the operations of the algorithms.
Figure 1: Representation of Cryptographic System (Yamuna & Priya, 2015)
Principles of Organizational Information Security/Cryptography
An organization has security principles that are followed while implementing the solution or integrating security in the organization system. The principles include privacy or confidentiality, authentication and non-repudiation (Forouzan & Mukhopadhyay, 2015 p. 12). The privacy and confidentiality ensure the information is read by the intended user and no other party. Organizations focusing on ensuring that confidentiality is maintained by employing cryptography techniques. The techniques help in securing information and keeping it safe from access by other parties.
According to Forouzan and Mukhopadhyay (2015) authentication is the process of verifying the identities of both the sender and the receiver before integrating cryptography in the system. Identification of both the sender and the user is critical in securing the information over the network. This is because it shields information from reaching the unauthorized individuals/parties. The aim of the cryptography is to solve the security issues that increase the vulnerabilities of the network which eventually results in attacks of the system. On the other hand, non-repudiation is used in ensuring that the sender is the real person that sent the message and the feedback is provided by the receiver. Both the sender and the receiver cannot deny the message that is transmitted over the network. The others are integrity and availability. The integrity provides the authority to the intended parties to modify the computer assets and the message that is transmitted. The examples of modifications are writing, deleting, and changing status among others. Availability outlines that the information should be available to the users when needed. According to Forouzan and Mukhopadhyay (2015), one of the main goals of organizations is to ensure the availability of information. The security principles are important in outlining the procedures for the application of the security systems.
Cryptography and Cyber Security
The manager of an organization should assess the security needs of an organization and identify the security requirements as well as satisfying the requirements. Therefore the manager should understand the security attacks, security mechanism and security service. According to Stallings (2013), security attacks include all activities that are likely to compromise the safety of information held by an organization within its networks. The security mechanisms define the apparatus that are available for detecting, preventing or helps in recovering from the security attacks.
Security services are used to enhance data safety, especially within the transfer and the processing systems. Stallings (2013) indicates that the system should be secured to reduce the possibility of attacks such as the passive attacks, active attacks, and denial of service. Passive attacks occur due to the nature of eavesdropping or during the process of monitoring of the system. The attacks are designed to illegally obtain information that is transmitted across a given network. Active attacks usually result in the modification of the data stream which eventually alters the authenticity of the data. Such kind of attacks is grouped as masquerade, replay and denial of service (Stallings, 2013 p. 34). The application of cryptography can be applied to reduce such kind of attacks on the network.
There are several attacks associated with the RSA algorithm. Smart (2015) indicates that such attacks include protocol attacks, mathematical attacks, and side-channel attacks. The protocol attacks are as a result of the weaknesses of the RSA algorithm. Such kind of attacks can be avoided by using the padding approach. The RSA algorithms should be used appropriately by following the right standards and guidelines. The mathematical attacks are as a result of the weaknesses of the mathematical algorithm. These types of attacks can be avoided by using a more advanced algorithm. The side-channel attacks are due to the leakage of the primary key through channels such as power consumption and the timing behaviour (Smart, 2015 p. 165). An attacker should have direct access to RSA implementation for execution.
Cryptography and Information Security
Cryptography is implemented in an organization to enhance the security of information. The algorithms are used in the protection of data over the network and the protection of hardware and software. The DES algorithm can be implemented to run in the hardware and software by embedding them in the desktops or microprocessors such as the smart cards (Paar, Pelzl & Preneel, 2014 p. 3). For instance, the small S-boxes used in DES works well in software systems. Several methods have been outlined for accelerating the DES software implementation. Such methods include the use of tables with pre-computed values or using the slicing method.
DES can also be implemented on the hardware systems using permutations such as the E, P, IP and IP-1 (Paar, Pelzl & Preneel, 2014 p. 6). The algorithm works well in the hardware as compared to the software. The process of implementation follows the use of wiring but no logic. The S-boxes can be easily resized in the hardware of the computer and implemented using Boolean logic or logic gates. The methods are efficient in protecting the systems against possible attacks. According to Paar, Pelzl and Preneel (2014), the RSA algorithm can be implemented in the software and hardware of the systems by the use of the public-key algorithm. The algorithm utilizes RSA modulus, for instance, an RSA-2048. The method is critical in the protection of the data stored in the hardware systems and prevention of the software from attacks.
The security of the information is also enhanced on the network by the use of the cryptography. The cryptography takes to control the information transmitted over the network by the use of the algorithms. The method ensures that the information is safe and exchanged between the sender and the receiver without any attacks. The encryption/decryption approach is critical in ensuring that is hidden from the unauthorized users.
Figure 2: Representation of Secrete Cryptography (Stallings, 2013)
The use of public-key cryptography is to enhance secure communication between the parties in on the network. The communication party has a pair of keys for securing the message. The information is securely transmitted over the network by the use of the keys.
Figure 3: Public Key Cryptography (Stallings, 2013)
The role of cryptography to information security is to ensure confidentiality, integrity and authentication of the information (Stinson & Paterson, 2019). Cryptography is used in protecting the information by the use of specific keys in the event of an attack. The integrity is promoted by the use of algorithms for hiding the messages from other users who should not access it. Similarly, cryptography is used for authentication. The most common applications involve the use of digital certificates, digital signatures and the Public Key Infrastructure (PKI).
Conclusion
In summary, it has been shown that organizations transmit information and secrete on the internet for purposes of growing the businesses and interacting with customers. The information on the cyberspace may be hacked by the criminals and therefore raising more concern on the need to protect the systems. The protection of information/information security should be a major concern by organizations and other computer users. Therefore, there is a need for advancement or modern cryptography to protect the digital keys and ensure that the information that is transmitted over the network is secure. Decryption and encryption techniques should be strengthened to provide the most effective security to the organization. All users should be protected from the risk of cyber-attacks. The goal is to secure data and information by ensuring that it reaches its destination safely. The technologically changing world continues to introduce other issues such as impersonation, cheating and even compromising the intellectual property owned by organizations. Strong cryptography is necessary to improve security the of the systems.
References
Forouzan, B. A., & Mukhopadhyay, D., 2015. Cryptography and network security. Chennai: Mc Graw Hill Education (India) Private Limited.
Hossain, M.A., Hossain, M.B., Uddin, M.S. and Imtiaz, S.M., 2016. Performance analysis of different cryptography algorithms. International Journal of Advanced Research in Computer Science and Software Engineering, 6(3).
Jayapandian, N., Rahman, A.M.Z., Radhikadevi, S. and Koushikaa, M., 2016, February. Enhanced cloud security framework to confirm data security on asymmetric and symmetric key encryption. In 2016 World Conference on Futuristic Trends in Research and Innovation for Social Welfare (Startup Conclave) (pp. 1-4). IEEE. – UAE Best Dissertation Writing Help Service
Paar, C. and Pelzl, J., 2009. Understanding cryptography: a textbook for students and practitioners. Springer Science & Business Media.
Smart, N.P., 2016. Information-Theoretic Security. In Cryptography Made Simple (pp. 163-177). Springer, Cham.
Stallings, W. 2013. Cryptography and network security. Harlow: Pearson Education.
Stinson, D.R., 2005. Cryptography: theory and practice. Chapman and Hall/CRC.
Yamuna, V. and Priya, A.A., Efficient and Secure Data Storage in Cloud Computing RSA and DSE Function, 2015/7. International Journal of Innovative Research in Computer and Communication Engineering, 3(7), pp.6758-6763.