2021.03.17 13:45

Get started Open in app Prashanth_Reddy 6 Followers About Follow

Sign in

Get started Follow 6 Followers About Get started Open in app

Real Life Applications of CRYPTOGRAPHY


Nov 8, 2019 · 7 min read


Cryptography is the study of secure communications techniques that allow only the sender and intended recipient of a message to view its contents. The term is derived from the Greek word kryptos, which means hidden. It is closely associated to encryption, which is the act of scrambling ordinary text into what’s known as ciphertext and then back again upon arrival. In addition, cryptography also covers the obfuscation of information in images using techniques such as microdots or merging

When transmitting elec t ronic data, the most common use of cryptography is to encrypt and decrypt email and other plain-text messages. The simplest method uses the symmetric or “secret key” system. Here, data is encrypted using a secret key, and then both the encoded message and secret key are sent to the recipient for decryption. The problem? If the message is intercepted, a third party has everything they need to decrypt and read the message. To address this issue, cryptologists devised the asymmetric or “public key” system. In this case, every user has two keys: one public and one private. Senders request the public key of their intended recipient, encrypt the message and send it along. When the message arrives, only the recipient’s private key will decode it — meaning theft is of no use without the corresponding private key.


Authentication/Digital Signatures:

Authentication is any process through which one proves and verifies certain information. Sometimes one may want to verify the origin of a document, the identity of the sender, the time and date a document was sent and/or signed, the identity of a computer or user, and so on. A digital signature is a cryptographic means through which many of these may be verified. The digital signature of a document is a piece of information based on both the document and the signer’s private key. It is typically created through the use of a hash function and a private signing function (algorithms that create encypyted characters containing specific information about a document and its private keys).

Time Stamping:

Time stamping is a technique that can certify that a certain electronic document or communication existed or was delivered at a certain time. Time stamping uses an encryption model called a blind signature scheme. Blind signature schemes allow the sender to get a message receipted by another party without revealing any information about the message to the other party.

Time stamping is very similar to sending a registered letter through the U.S. mail, but provides an additional level of proof. It can prove that a recipient received a specific document. Possible applications include patent applications, copyright archives, and contracts. Time stamping is a critical application that will help make the transition to electronic legal documents possible.

Electronic Money:

The definition of electronic money (also called electronic cash or digital cash) is a term that is still evolving. It includes transactions carried out electronically with a net transfer of funds from one party to another, which may be either debit or credit and can be either anonymous or identified. There are both hardware and software implementations.

Anonymous applications do not reveal the identity of the customer and are based on blind signature schemes. Identified spending schemes reveal the identity of the customer and are based on more general forms of signature schemes. Anonymous schemes are the electronic analog of cash, while identified schemes are the electronic analog of a debit or credit card. There are also some hybrid approaches where payments can be anonymous with respect to the merchant but not the bank ;or anonymous to everyone, but traceable (a sequence of purchases can be related, but not linked directly to the spender’s identity).

Encryption is used in electronic money schemes to protect conventional transaction data like account numbers and transaction amounts, digital signatures can replace handwritten signatures or a credit-card authorizations, and public-key encryption can provide confidentiality. There are several systems that cover this range of applications, from transactions mimicking conventional paper transactions with values of several dollars and up, to various micropayment schemes that batch extremely low cost transactions into amounts that will bear the overhead of encryption and clearing the bank.

Encryption/Decryption in email:

Email encryption is a method of securing the content of emails from anyone outside of the email conversation looking to obtain a participant’s information. In its encrypted form, an email is no longer readable by a human. Only with your private email key can your emails be unlocked and decrypted back into the original message.

Email encryption works by employing something called public key cryptography. Each person with an email address has a pair of keys associated with that email address, and these keys are required in order to encrypt or decrypt an email. One of the keys is known as a “public key”, and is stored on a keyserver where it is tied to your name and email address and can be accessed by anyone. The other key is your private key, which is not shared publicly with anyone.

When an email is sent, it is encrypted by a computer using the public key and the contents of the email are turned into a complex, indecipherable scramble that is very difficult to crack. This public key cannot be used to decrypt the sent message, only to encrypt it. Only the person with the proper corresponding private key has the ability to decrypt the email and read its contents.

There are various types of email encryption, but some of the most common encryption protocols are:

OpenPGP — a type of PGP encryption that utilizes a decentralized, distributed trust model and integrates well with modern web email clients S/MIME — a type of encryption that is built into most Apple devices and utilizes a centralized authority to pick the encryption algorithm and key size

Email encryption services can be used to provide encryption in a few separate but related areas:

The connection between email providers can be encrypted, preventing outside attackers from finding a way to intercept any incoming or outgoing emails as they travel between servers The content of the email can be encrypted, ensuring that even if an email is intercepted by an attacker, the contents of the email will still be entirely unreadable Old or archived emails that are already stored within your email client should also be encrypted to prevent attackers from potentially gaining access to emails that aren’t currently in transit between servers

Encryption in WhatsApp:

WhatsApp uses the ‘signal’ protocol for encryption, which uses a combination of asymmetric and symmetric key cryptographic algorithms. The symmetric key algorithms ensure confidentiality and integrity whereas the asymmetric key cryptographic algorithms help in achieving the other security goals namely authentication and non-repudiation. In symmetric key cryptography a single key is used for encryption of the data as well as decryption. In asymmetric key cryptography there would be two separate keys. The data which is encrypted using the public key of a user can only be decrypted using the private key of that user and vice versa.

Whatsapp uses the Curve25519 based algorithm. The history of Curve25519 is worth noting as it was introduced after the concerns over allegations that certain parameters of the previously prevalent P-256 NIST standards have been manipulated by NSA for easier snooping. Elliptic Curve Diffie Hellman algorithm is a mathematical algorithm which helps two communicating entities to agree up on a shared secret without actually sending the actual keys to each other.

Encryption in Instagram:

Your interaction with Instagram is likely an encrypted communication. When your phone requests data with instagram it will use SSL/TLS over port 443 to encrypt requests from Instagram servers and will send you data over the same encrypted data stream.

This prevents malicious parties from eavesdropping on the conversation between you and instagram.

Sim card Authentication:

Authentication To decide whether or not the SIM may access the network, the SIM needs to be authenticated. A random number is generated by the operator, and is sent to the mobile device. Together with the secret key Ki, this random number runs through the A3 algorithm (it is this Ki that recently has been compromised ). The output of this calculation is sent back to the operator, where the output is compared with the calculation that the operator has executed himself (the operator possesses the secret keys for all SIM cards the operator has distributed).

Encryption This part is the part that has been cracked. In short, the operator generates a random number (again), and sends it to the mobile phone. Together with the secret key Ki, this random number runs through the A8 algorithm, and generates a session key KC. This KC is used, in combination with the A5 algorithm to encrypt/decrypt the data.








More from Prashanth_Reddy


More From Medium

16 Million Americans Will Vote on Hackable Paperless Machines

MIT Technology Review in MIT Technology Review

Windows (in)security

Sam Berry in The Startup

Restrict AWS IAM User API Calls from Specific IPs — Hardening Your AWS Programmatic Access User…

Tiexin Guo in DevOps Dudes

Wireshark in the Command Line

Vickie Li in The Startup

Why Do We Still Give Away Our Secrets?

Prof Bill Buchanan OBE in ASecuritySite: When Bob Met Alice

Build The Next Generation of Cybersecurity Training and Academic Study

Prof Bill Buchanan OBE in ASecuritySite: When Bob Met Alice

5 Important Steps You Should Take After a Data Breach

Eddie Segal

The missing chief security officer

Andy Bochman in CXO Magazine




Get the Medium app

  • Cryptography Tutorial - Tutorialspoint
    Definition: Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa. It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it.
  • Cryptography | Computer science | Computing | Khan Academy
    Cryptography is used in all fields to secure data and prevent it from getting hacked. For example, for securing passwords, authenticating banking transactions, etc. Nowadays, various new cryptographic techniques are developed and cracked; hence, it is important always to be aware of computer threats and take precautions to avoid them as best as we can.
  • What is Cryptography? Definition of Cryptography ...
    Cryptography is the science of using mathematics to encrypt and decrypt data. Cryptography enables you to store sensitive information or transmit it across insecure networks so that it cannot be read by anyone except the intended recipient.
  • Cryptography Techniques | Learn Main Types Of Cryptography ...
    This is called 'decryption.' Cryptography begins when we abandon physical locks and use 'ciphers' instead. Think of [ciphers] as virtual locks. Ciphers allow Alice and Bob to scramble and descramble their messages so that they would appear meaningless if Eve intercepted them. Cryptography has been around for thousands of years.
  • Cryptography - SlideShare
    Cryptography is the study of secure communications techniques that allow only the sender and intended recipient of a message to view its contents. The term is derived from the Greek word kryptos ...
  • cryptography · PyPI
    This tutorial covers the basics of the science of cryptography. It explains how programmers and network professionals can use cryptography to maintain the privacy of computer data. Starting with the origins of cryptography, it moves on to explain cryptosystems, various traditional and modern ciphers, public key encryption, data integration, message authentication, and digital signatures.
  • Real Life Applications of CRYPTOGRAPHY | by Prashanth ...
    Block Cipher. An encryption method that applies a deterministic algorithm along with a symmetric key to encrypt a block of text, rather than encrypting one bit at a time as in stream ciphers. Example: A common block cipher, AES, encrypts 128-bit blocks with a key of predetermined length: 128, 192, or 256 bits.
  • Cryptography and its Types - GeeksforGeeks
    cryptography is a package which provides cryptographic recipes and primitives to Python developers. Our goal is for it to be your “cryptographic standard library”. It supports Python 3.6+ and PyPy3 7.2+. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, message ...
  • What is cryptography? (video) | Cryptography | Khan Academy
    Cryptography is technique of securing information and communications through use of codes so that only those person for whom the information is intended can understand it and process it. Thus preventing unauthorized access to information.
  • What is Cryptography? | Cryptographic Algorithms | Types ...
    Unit: Cryptography. Lessons. Ancient cryptography. Learn. What is cryptography? (Opens a modal) The Caesar cipher (Opens a modal) Caesar Cipher Exploration (Opens a modal) Frequency Fingerprint Exploration (Opens a modal) Polyalphabetic cipher (Opens a modal) Polyalphabetic Exploration (Opens a modal)