IntechOpen

Home > Books > Biometrics and Cryptography

Open access

Introductory Chapter: Exploring Cryptography – Examining Its Fundamentals and Potential Applications

Written By

Sudhakar Radhakrishnan and Sherine Jenny Rajan

Published: 19 June 2024

DOI: 10.5772/intechopen.114073

Biometrics and Cryptography IntechOpen
Biometrics and Cryptography Edited by Sudhakar Radhakrishnan and Carlos M. Travieso-Gonzalez

From the Edited Volume

Biometrics and Cryptography

Edited by Sudhakar Radhakrishnan and Carlos M. Travieso-González

Book Details Order Print

Chapter metrics overview

12 Chapter Downloads

View Full Metrics
Advertisement

1. Introduction

Fast communication between the digital and physical worlds is made possible by the Internet of Things (IoT).

This rapid growth has made everything in the world to get connected. Therefore, it will be essential to secure this growing amount of data while it is being transmitted. Cryptography is a crucial instrument used to protect this data [1].

The study of encrypting and decrypting data using mathematics is known as cryptography. With the use of cryptography, you can send or keep confidential data over unsecure networks, such as the Internet, such that only the intended receiver can read it. In our IoT-connected world, cryptography is utilized to encrypt all transferred data as well as to authenticate individuals, devices, and other gadgets. The study of data security is known as cryptography, and the science of deciphering and intercepting secure communication is known as cryptanalysis. Cryptography and Cryptanalysis together is said to be Cryptology. The history of cryptography is interesting and extraordinarily long and may be found in the book “The Code Book: The Secrets Behind Code breaking” by Simon Singh.

Advertisement

2. Fundamentals

The goals of cryptography are confidentiality, integrity and availability. Information confidentiality is safeguarded by cryptography, which also makes sure data has not been altered and that the information originated from the intended source rather than an unauthorized sender [2].

Symmetric key and asymmetric key cryptography are the two forms of cryptography. Using the same secret key, the sender and the recipient encrypt and decode a message in symmetric cryptography [3]. Refer Figure 1. Most widely used AES belongs to symmetric key cryptography. Owing to its less complex mathematical procedures, symmetric key cryptography is typically quicker and more effective than asymmetric encryption. This makes it appropriate for real-time encryption of massive amounts of data, like that needed to secure network connections and data storage.

Figure 1.

Symmetric encryption.

A pair of keys, private and public key are used by Asymmetric key cryptography. A few of the algorithms are Diffie-Helman key exchange, RSA and others. The private key is kept private and is only known to its owner, but the public key is freely shared and can be circulated broadly [4]. To decrypt messages encrypted with a public key, only the corresponding private key is needed, and vice versa. Digital signatures, the cryptographic equivalent of handwritten signatures, are made possible via asymmetric cryptography [5]. A message or document can be signed by the sender using their private key, and the recipient can verify the authenticity of the signature using the sender’s public key. The message’s origin and integrity are guaranteed by this procedure. The public key can be provided by a trusted third party like certificate authority (CA). Asymmetric encryption is exemplified in Figure 2, where the recipient’s public key is used to encrypt the plain text, and the recipient’s private key is used to crack it. This provides confidentiality.

Figure 2.

Asymmetric encryption.

Advertisement

3. Challenges and research avenue

The art of secure communication, cryptography, has several theoretical and practical difficulties [6]. Among the major challenges are

  • Key management: the hardest part of securing large-scale systems is frequently managing the safe distribution, storage, and frequent updating (even during a single session) of secret keys [7].

  • Computational power: attacks on standard encryption techniques can become more likely as computational power rises. The constant development of more robust algorithms that can survive ever-powerful computers is required of cryptographers [8].

  • Side-channel attacks: it takes into account adversaries attempting to exploit the physical characteristics of real cryptography equipment [9]. Algorithm vulnerabilities provide a serious threat to the security of encrypted data.

  • Algorithm vulnerabilities: vulnerabilities in even well-designed algorithms may not always be obvious at first [10]. A security vulnerability can expose all sensitive information to the attacker.

  • Threats from quantum computing: quantum computers can solve some mathematical problems far quicker than conventional computers. Their ability to overcome well-known encryption methods like RSA and ECC is considerable [11].

Numerous avenues for research into cryptography have been made possible by the difficulties in creating cryptographic algorithms. A great deal of recent effort has gone into creating post-quantum encryption that is resistant to quantum attacks, aiming to develop workable quantum-resistant cryptographic schemes. Current research examines methods such as homomorphic encryption to perform computations on encrypted data without exposing it. Research concentrating on standardization efforts to promote interoperability while maintaining security is in process. Further research on designing algorithms and implementations resistant to side channel attacks and optimizing cryptographic algorithms and protocols for better performance without compromising security is carried out.

Advertisement

4. Applications

In many real-time applications, cryptography is essential for maintaining data confidentiality and privacy on a variety of digital platforms. Cryptography protects sensitive data in the domain of online banking and financial transactions by using encryption algorithms to prevent theft or unauthorized access to user passwords [12], credit card information, and transactional data. Cryptographic protocols like SSL/TLS are used by secure communication channels, such email services and instant messaging applications, to encrypt data during transmission, protecting attachments and messages from tampering or eavesdropping. Cryptographic techniques are also used in the healthcare industry to secure electronic health records (EHRs), protecting patient privacy and adhering to legal requirements. Furthermore, encryption plays a major role in the developing field of block chain technology [13] by guaranteeing the immutability and integrity of distributed ledgers, allowing safe transactions. Many real time applications like Web Browsing [14], Messaging Apps [15], Bitcoin Transactions [13], Full Disk Encryption [16], Cloud Storage Encryption [17], Two-Factor authentication [12], Digital Signatures in Emails, Smart Home Devices & IoT devices [1], Military, Document security has increased the significance of encryption.

Advertisement

5. Conclusion

Ultimately, cryptography ought to be viewed as the fundamental component of digital security, a vital tool for safeguarding personal information and ensuring secure communication in a range of settings. An overview of the basic ideas, challenges and applications of cryptographic systems has been given in this introductory chapter. Next chapters will explore the intricacies of encryption algorithms, key management, and real-world applications of cryptography in a variety of sectors as we continue our investigation of this fascinating field. Moreover, the ever evolving technological landscape poses a constant threat to cryptographic systems, necessitating constant innovation and adaptation to counter new attacks. By carefully examining its roots and applications, this study aims to shed light on how cryptography supports data integrity, confidentiality, and authenticity in our increasingly interconnected world.

References

  1. 1. Fursan Thabit GHA-G, Can O, Aljahdali AO. Cryptography algorithms for enhancing IoT security. Internet of Things. 2023;22. Article No. 100759. DOI: 10.1016/j.iot.2023.100759
  2. 2. Wu C-K. Fundamentals of cryptography. In: Internet of Things Security. Advances in Computer Science and Technology. Singapore: Springer; 2021
  3. 3. Kumar T, Wollinger S. Fundamentals of symmetric cryptography. In: Lemke M, Paar K, Wolf C, editors. Embedded Security in Cars. Berlin, Heidelberg: Springer; 2006. pp. 125-143
  4. 4. Diffie W, Hellman ME. New directions in cryptography. IEEE Transactions on Information Theory. 1976;22(6):644-654. DOI: 10.1109/TIT.1976.1055638
  5. 5. Rivest RL, Shamir A, Adleman L. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM. 1978;21(2):120-126. DOI: 10.1145/359340.359342
  6. 6. Menezes A, Stebila D. Challenges in cryptography. IEEE Security and Privacy. 2021;19(2):70-73. DOI: 10.1109/MSEC.2021.3049730
  7. 7. Shahnawaz Ahmad SMB. Hybrid cryptographic approach to enhance the mode of key management system in cloud environment. The Journal of Supercomputing. 2023;79:7377-7413. DOI: 10.1007/s11227-022-04964-9
  8. 8. Bhat KJG, Iqbal M. Impact of computational power on cryptography. In: Giri KJ, Parah SA, Bashir R, Muhammad K, editors. Multimedia Security. Algorithms for Intelligent Systems. Singapore: Springer; 2021
  9. 9. Standaert F-X. Introduction to side-channel attacks. In: Verbauwhede I, editor. Secure Integrated Circuits and Systems. Integrated Circuits and Systems. Boston, MA: Springer; 2010
  10. 10. Zhou Y, Ma F, Chen Y, Ren M, Jiang Y. CLFuzz: Vulnerability detection of cryptographic algorithm implementation via semantic-aware fuzzing. ACM Transactions on Software Engineering and Methodology. 2023;33(2):1-28. DOI: 10.1145/3628160
  11. 11. Renner R, Wolf R. Quantum advantage in cryptography. AIAA Journal. 2023;61(5):1895-1910. DOI: 10.2514/1.J062267
  12. 12. Ometov A, Bezzateev S, Mäkitalo N, Andreev S, Mikkonen T, Koucheryavy Y. Multi-factor authentication: A survey. Cryptography. 2018;2(1):1-31. DOI: 10.3390/cryptography2010001
  13. 13. Zhai S, Yang Y, Li J, Qiu C, Zhao J. Research on the application of cryptography on the blockchain. Journal of Physics Conference Series. 2019;1168(3):1-8. DOI: 10.1088/1742-6596/1168/3/032077
  14. 14. Trevisan M, Soro F, Mellia M, Drago I, Morla R. Does domain name encryption increase users’ privacy? ACM SIGCOMM Computer Communication Review. 2020;50(3):16-22. DOI: 10.1145/3411740.3411743
  15. 15. Trauthig IK, Martin ZC, Woolley SC. Messaging apps: A rising tool for informational autocrats. Political Research Quarterly. 2023:1-13. DOI: 10.1177/10659129231190932
  16. 16. Sassani BA, Alkorbi M, Jamil N, Naeem MA, Mirza F. Evaluating encryption algorithms for sensitive data using different storage devices. Scientific Programming. 2020;2020:1-9. DOI: 10.1155/2020/6132312
  17. 17. Mahato GK, Chakraborty SK. A comparative review on homomorphic encryption for cloud security. IETE Journal of Research. 2023;69(8):5124-5133. DOI: 10.1080/03772063.2021.1965918

Written By

Sudhakar Radhakrishnan and Sherine Jenny Rajan

Published: 19 June 2024

© 2023 The Author(s). Licensee IntechOpen. This chapter is distributed under the terms of the Creative Commons Attribution 3.0 License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Continue reading from the same book

View All