Cryptography - The Science of Secrecy


Ankit Jain





The following table lists some of the most common schemes employed today for a variety of functions. The table also includes several real cryptographic applications that many of us employ (knowingly or not) every day for password protection and private communication.


DES (Data Encryption Standard)

DEA is an improvement of the algorithm Lucifer (developed by IBM). The DEA has a 64-bit block size and uses a 56-bit key during execution (8 parity bits are stripped off from the full 64-bit key). The DEA is a symmetric cryptosystem. DES invokes 16 rounds of permutations, swaps, and substitutions.


RSA

The RSA cryptosystem is a public-key cryptosystem that offers both encryption and authentication. Created by Ron Rivest, Adi Shamir, and Leonard Adleman. This is the first asymmetric key system. This is the basis of today's Public Key Infrastructure.

Advanced Encryption Standard (AES)

NIST's replacement for DES, selected through a very public process over a 4-1/2 year period.


Secret-key, block-cipher cryptosystem with widely varying key-length. Designed by Bruce Schneier, it is available freely to any user as a substitute for DES or IDEA.


First public-key cryptosystem (1976), used for key exchange for secret-key (symmetric) cryptosystems.

Elliptic Curve Cryptography (ECC)

A relatively new PKC algorithm based upon elliptic curves. ECC can offer levels of security comparable to RSA and other PKC methods with much smaller keys. It is well-suited to devices that are resource constrained, such as smartcards and PDAs.

Pretty Good Privacy (PGP)

A family of cryptographic routines for e-mail and file storage applications developed by Philip Zimmermann in 1991. PGP 2.6.x uses RSA for key management and digital signatures, IDEA for message encryption, and MD5 for computing the message's hash value.

Message Digest (MD) algorithms: 2, 4, 5

Message-digest algorithms, used for digital signature applications for message integrity.

International Data Encryption Algorithm (IDEA)

Secret-key cryptosystem written by Xuejia Lai and James Massey in 1992 and patented by Ascom; a 64-bit SKC block cipher using a 128-bit key.

Public-Key Cryptography Standards (PKCS)

A set of interoperable standards and guidelines for public-key cryptography, designed by RSA Data Security Inc.




Cracking an algorithm (Cryptanalysis and Attacks on Cryptosystems)


Cryptanalysis is the flip-side of cryptography: It is the art of deciphering encrypted communications without knowing the proper keys. In order to design a robust encryption algorithm or cryptographic protocol, one should use cryptanalysis to find and correct any weaknesses. This is precisely the reason why the most trusted encryption algorithms are ones that have been made available to public scrutiny.



The various techniques in cryptanalysis attempting to compromise cryptosystems are referred to as attacks. Some of the better-known attacks (or techniques) are as follows.


Brute force attack: This attack requires trying all (or a large fraction of all) possible values till the right value is found; also called an exhaustive search.

Cipher text only attack: This is the situation where the attacker does not know anything about the contents of the message, and must work from cipher text only. In practice it is quite often possible to make guesses about the plain text contents of messages, as many types of messages have fixed-format headers.

Known plain text attack: The attacker knows or can guess the plain text for some parts of the message. The task is to decrypt the rest of the cipher text blocks using this information. This may be done by determining the key used to encrypt the data, or via some shortcut.

Chosen plain text attack: The attacker is able to have any text he likes encrypted with the unknown key. The task is to determine the key used for

Algebraic attack: A class of cryptanalytic techniques used against block ciphers that exhibit a significant amount of mathematical structure; the attacks rely on that structure for their success.

Man-in-the-middle attack: This attack is relevant for cryptographic communication and key exchange protocols. When two parties are exchanging keys for secure communications (e.g., using Diffie-Hellman), an adversary puts himself between the parties on the communication line. The adversary then performs a separate key exchange with each party, decrypts communications, and encrypts them again for sending to the other party. The parties think that they are communicating securely, but in fact the adversary is hearing everything.
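The exchange described above, modelled in Python as an added example (not code from the original page): it shows why unauthenticated Diffie-Hellman leaves the two parties holding different keys when an adversary sits between them, and how comparing a key fingerprint over an authenticated channel exposes that. The group parameters, function names and fingerprint format are assumptions chosen for the demonstration.

```python
import hashlib
import secrets

# Constructed toy group: the Mersenne prime 2**127 - 1 with base 3.
# Far too small for real use; it only keeps the demonstration fast.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private exponent x, public value G^x mod P)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def shared_key(own_private, peer_public):
    """Hash the Diffie-Hellman shared secret into a session key."""
    secret = pow(peer_public, own_private, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def fingerprint(key):
    """Short value the parties compare over an authenticated channel."""
    return hashlib.sha256(b"fingerprint" + key).hexdigest()[:16]

def run_exchange(intercepted):
    """Run one exchange; return (alice_key, bob_key, adversary_keys)."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    if not intercepted:
        # Public values arrive unmodified: both sides derive the same key.
        return shared_key(a_priv, b_pub), shared_key(b_priv, a_pub), ()
    # The adversary's public value replaces the real one in both directions,
    # so each party completes a separate exchange with the adversary.
    m_priv, m_pub = keypair()
    alice_key = shared_key(a_priv, m_pub)
    bob_key = shared_key(b_priv, m_pub)
    adversary_keys = (shared_key(m_priv, a_pub), shared_key(m_priv, b_pub))
    return alice_key, bob_key, adversary_keys

def interception_detected(alice_key, bob_key):
    """True when the two ends do not hold the same session key."""
    return fingerprint(alice_key) != fingerprint(bob_key)

if __name__ == "__main__":
    for intercepted in (False, True):
        a, b, _ = run_exchange(intercepted)
        print(intercepted, fingerprint(a), fingerprint(b), interception_detected(a, b))
```

The fingerprint comparison only helps if it travels over a channel the adversary cannot rewrite; signing the public values with long-term keys achieves the same binding.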

Timing Attack: This attack is based on repeatedly measuring the exact execution times of modular exponentiation operations. It is relevant to at least RSA, Diffie-Hellman, and Elliptic Curve methods.

