34,333
edits
Changes
→Cryptography Usage
== Cryptography Usage ==
Now that we have covered the basics of the different cryptography categories and algorithms the next step is to look at some of the uses of cryptography within the context of information technology. Many people associate encryption with the obfuscation of informat to keep it from being compromised by unauthorized parties. Whilst this is a very common use of encryption it is by no means the only use.
== Confidentiality ==
When we refer to confidentiality we are talking about the use of encryption techniques on data to avoid it being accessed by unauthorized parties. Encryption for the purposes of ensuring confidentiality can be applied both to transmitted data (such as data sent over a public network) and stored data (such as information stored on a hard drive or portable storage device).
== Integrity ==
Also referred to as ''message integrity'' this use of cryptography provides a mechanism to verify that a message has not been modify on its journey between the sender and the recipient. This is commonly achieved through the use of digital signatures and one-way hash functions.
== Nonrepudiation ==
Nonrepudiation is the name given to a technique by which the sender is unable to subsequently deny having sent a message. This is particularly important in the sending of financial instructions. A trader may, for example, send a broker instructions to buy shares shortly before a market crash. In a panic at having bought shares at significantly more than their new value the trader may try to deny having sent the buy order to the broker. Nonrepudiation works on the basis that only the sender is in possession of his or her private key. When the sender uses a private key to sign the message and the recipient uses the senders public key to successfully verify the signature it essentially proves the message was sent by the owner of the private key.
== Authentication ==
Authentication is the concept of proving user identity, typically in or to establish communication or to gain access to a system or network.
The most basic form of authentication involves the use of a login name and password. Another form of authentication involves the use of digital certificates (for example when accesses secure web sites).
== Digital Signatures ==
Digital signatures are based on a combination of asymmetric cryptography and hash functions and are commonly used for signing digital documents and ensuring that downloaded applications are provided by a trusted source.
Once a document has been signed with a digital signature it is essential that a message digest be created using a hash function. This ensures that if the document is modified the change will be detected because the hash will fail verification by the recipient. Asymmetric encryption is also used to verify that the signature was indeed signed by the apparent document sender. To achieve this the hash is typically encrypted using the senders private key. If the recipient is able to decrypt the hash using the senders public key then the message is deemed to be authentic. It will not go unnoticed to those who have read the previous sections that this involves both ''integrity'' and ''nonrepudiation''.
