Introduction to applied cryptography
Cryptography is widely used in modern technology, particularly in software. The primary purpose of cryptography is to provide confidentiality of data, but it is also used for authentication, and to verify data integrity. However, cryptography is fragile, and a single error in design or implementation can render it completely useless.
Cryptography remains cryptic and complex because most people don’t have the time or the desire to become a cryptography expert. But a high-level understanding of applied cryptography and cryptanalysis is valuable to developers and hackers alike. Understanding when, why and how cryptography should be used in different contexts is important to ensure that the software is actually receiving the desired level of protection. And the ability to recognize misuse of cryptography can be useful for a hacker trying to determine whether encrypted data can be broken with ease or is beyond their capabilities.
Fundamentals of cryptography
Before digging into the details of how cryptography is used and can be broken, it’s important to understand the basic principles of cryptography, the types of cryptographic algorithms and how they can be used.
Symmetric and asymmetric encryption algorithms perform similar actions, but they have their own advantages and disadvantages. Hash functions, on the other hand, may look similar (and are cryptographic algorithms), but they work differently and are used for different purposes. Most cryptographic algorithms have libraries that make them plug-and-play; however, this is of limited utility if you don’t know which one is right for the job.
Modern applications of cryptography
Cryptography is used every day at the core of a variety of technologies and some of the largest applications in the modern world, including:
Public Key Infrastructure (PKI) is the backbone of many modern uses of encryption. Digitally signed email and websites that have URLs that (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Howard Poston. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/zRJtPvBW0CI/