
: Cryptography :
Public-Key Cryptography : Generic PKC employs two keys that
are mathematically related although knowledge of one key does not allow
someone to easily determine the other key. One key is used to encrypt the
plaintext and the other key is used to decrypt the ciphertext. It does not
matter which key is applied first, but both keys are required for the process
to work. Because a pair of keys is required, this approach is also called
asymmetric cryptography.
In PKC, one of the keys is designated the public key and may be advertised
as widely as the owner wants. The other key is designated the private key
and is never revealed to another party.
Public-key cryptography algorithms that are in use today for key exchange
or digital signatures include :
1) RSA : One of the most popular
encryption algorithms, invented in 1977 by three MIT scientists (Ronald Rivest,
Adi Shamir, and Leonard Adleman).
The key pair is derived from a very large number, n, that is the product
of two prime numbers chosen according to special rules; these primes may
be 100 or more digits in length each, yielding an n with roughly twice as
many digits as the prime factors. The public key information includes n
and a derivative of one of the factors of n; an attacker cannot determine
the prime factors of n (and, therefore, the private key) from this information
alone, and that is what makes the RSA algorithm so secure.
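An added example, not part of the original page: textbook RSA with toy primes (61 and 53, constructed values) showing that either key can be applied first and that anyone able to factor n can rebuild the private key. The function names are illustrative; real RSA uses primes hundreds of digits long together with a padding scheme such as OAEP or PSS.

```python
"""Textbook RSA with toy primes (constructed values, illustration only)."""
from math import gcd


def make_keypair(p, q, e=17):
    """Derive ((n, e), (n, d)) from two primes p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)          # computable only if p and q are known
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)*(q-1)")
    d = pow(e, -1, phi)              # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def apply_key(key, m):
    """Apply one half of the key pair to an integer message m < n."""
    n, exponent = key
    if not 0 <= m < n:
        raise ValueError("message must be in the range [0, n)")
    return pow(m, exponent, n)


def factor(n):
    """Trial division: feasible here only because n is tiny."""
    f = 2
    while n % f:
        f += 1
    return f, n // f


def recover_private(public):
    """What factoring n gives an attacker: the private exponent."""
    n, e = public
    p, q = factor(n)
    return make_keypair(p, q, e)[1]


if __name__ == "__main__":
    public, private = make_keypair(61, 53)
    m = 65
    # Public key first, private key second (confidentiality).
    c = apply_key(public, m)
    print("encrypt/decrypt:", c, "->", apply_key(private, c))
    # Private key first, public key second (signature-style).
    s = apply_key(private, m)
    print("sign/verify:    ", s, "->", apply_key(public, s))
    # With a 4-digit n, factoring is instant and the private key falls out.
    print("recovered private key matches:", recover_private(public) == private)
```

The last line succeeds only because n = 3233 can be factored by trial division; with primes of 100 or more digits the same step is computationally infeasible.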
Hash Functions :
Hash functions, also called message digests and one-way encryption, are
algorithms that, in some sense, use no key. Instead, a fixed-length hash
value is computed based upon the plaintext that makes it impossible for
either the contents or length of the plaintext to be recovered. Hash algorithms
are typically used to provide a digital fingerprint of a file's contents,
often used to ensure that the file has not been altered by an intruder or
virus. Hash functions are also commonly employed by many operating systems
to encrypt passwords. Hash functions, then, provide a measure of the integrity
of a file.
Hash algorithms that are in common use today include:
1) Message Digest (MD) algorithms :
A series of byte-oriented algorithms that produce a 128-bit hash value
from an arbitrary-length message.
MD2 : Designed for systems with limited memory, such
as smart cards.
MD4 : Developed by Rivest, similar to MD2 but designed
specifically for fast processing in software.
MD5 : Also developed by Rivest in 1991 after potential
weaknesses were reported in MD4; this scheme is similar to MD4 but is
slower because more manipulation is made to the original data. It accepts
a variable-length message from the user and converts it into a fixed 128-bit
message digest value.
One interesting and important aspect of the MD5 hash function is that it
is a one-way algorithm. This means you can produce the 128-bit fingerprint
if the data chunk is available to you. You cannot, however, generate the
entire data if only the fingerprint of the data is known.
2) Secure Hash Algorithm (SHA) :
Algorithm for NIST's Secure Hash Standard (SHS). SHA-1 produces a 160-bit
hash value and was originally published as FIPS 180-1 and RFC 3174. FIPS
180-2 describes five algorithms in the SHS: SHA-1 plus SHA-224, SHA-256,
SHA-384, and SHA-512, which can produce hash values that are 224, 256,
384, or 512 bits in length, respectively. SHA-224, 256, 384, and 512
are also described in RFC 4634.
3) RIPEMD : A series of message
digests that initially came from the RIPE (RACE Integrity Primitives Evaluation)
project. RIPEMD-160 was designed by Hans Dobbertin, Antoon Bosselaers, and
Bart Preneel, and optimized for 32-bit processors to replace the then-current
128-bit hash functions. Other versions include RIPEMD-256, RIPEMD-320, and
RIPEMD-128.
4) HAVAL (HAsh of VAriable Length) :
Designed by Y. Zheng, J. Pieprzyk and J. Seberry, a hash algorithm with
many levels of security. HAVAL can create hash values that are 128, 160,
192, 224, or 256 bits in length.
5) Whirlpool : A relatively
new hash function, designed by V. Rijmen and P.S.L.M. Barreto. Whirlpool
operates on messages less than 2^256 bits in length, and produces a message
digest of 512 bits. The design of this hash function is very different
from that of MD5 and SHA-1, making it immune to the attacks that apply to
those hashes.
6) Tiger : Designed by
Ross Anderson and Eli Biham, Tiger is designed to be secure, run efficiently
on 64-bit processors, and easily replace MD4, MD5, SHA and SHA-1 in other
applications. Tiger/192 produces a 192-bit output and is compatible with
64-bit architectures; Tiger/128 and Tiger/160 produce the first 128 and
160 bits, respectively, to provide compatibility with the other hash functions.

