In

**networking** and

**telecommunications**, the data transmitted over a network in such a way that if the data is captured but it cannot be read by unauthorized users.

# What is Cryptography?

**Cryptography** is the science of information security. it is closely related to the disciplines of cryptology (it is the mathematics, such as a number theory and the application of formulas and algorithms) and cryptanalysis (it refers to the study of ciphers, ciphertext with a view to finding weaknesses in them that will permit retrieval of the plain text from the ciphertext, without necessarily knowing the key or the algorithms).

Cryptography includes techniques such as microdots, merging words with images, and other ways to hide information in storage or transit. however, cryptography is most often associated with scrambling plain text (ordinary text) into ciphertext (a process called encryption), then back again (known as description). individuals who practice this field are known as cryptographers.

**Cryptographic techniques** allow a sender to disguise data so that an intruder can gain no information from the intercepted data. cryptography involves two corresponding processes. these processes are described as under:

## Encryption

It is the process of taking data and modifying it so that it cannot be read by untrusted users.

## Decryption

It is the process of taking encrypted data and rendering it readable for trusted users.

**Encryption** and **decryption** are performed using algorithms and keys. an algorithm, a series of mathematical steps that scrambles data, is the underlying mathematical process behind encryption. there are a variety of cryptographic algorithms that have been developed based on different mathematical processes. some algorithms result in stronger encryption than others-the stronger the algorithm, the more difficult the encrypted data is to crack.

Traditional cryptography (secret key cryptography or symmetric cryptography) involves a private or secret key that was shared by the individuals involved in the transmission. the key is a mathematical entity that the sender can use to encrypt a message and the receiver can use it to decrypt it. the main problem with this type of cryptography is that how the owner of the key can securely transmit the key.

In other words, the main problem is one of key management how to create, store, and transmit the key to those who will need it to decrypt messages sent to them.

**Public key cryptography** solves this problem by creating a set of two different keys for anyone needing to transmit encrypted information. a precise mathematical relationship exists between the two keys, which together are called a key pair. both keys are produced at the same time using an algorithm. as a result, when either one of the two keys is used to encrypt a message, the other can be used to decrypt it. the two keys in a key pair are as follows:

## Private key

A private key is known only to the owner (or the owner's client program).

## Public key

A public key is distributed to any user (or to any client program) who requests it. because the public and private keys are related mathematically, someone could take another person's public key, perform complex mathematical calculations on it, and extract the corresponding private key. therefore, use keys sufficiently long and with a sufficiently complex mathematical relationship so that it is all but impossible to extract the private key from the public one.

Once a key pair is generated for someone, that person can use it to encrypt messages and digitally sign messages so that the recipient can be sure of the identity of the sender.

The whole public key cryptography system is founded on trust. all persons who are issued key pairs must trust the third-party authority who provided the key pairs. this trusted authority is called a **certificate authority** (**CA**). someone who wants to obtain a key pair from a **CA** must contact the CA and present proof of identity. this could involve a face-to-face meeting, examination of a driver's license with a photograph, or some other method of establishing a user's identity.