Understanding Cryptography: From CIA Triad to Encryption Algorithms
Confidentiality, Integrity, and Availability (CIA) Triad
The CIA triad is a model for understanding and discussing security concepts, particularly concerning data security. It emphasizes the negative impacts of security breaches: disclosure, alteration, and denial (DAD).
Confidentiality
Confidentiality is similar to privacy but not synonymous with it. It is a crucial component of privacy that focuses on protecting data from unauthorized access.
For example, the PIN used with an ATM card ensures confidentiality, allowing only the authorized user to withdraw funds.
Integrity
Integrity ensures data is not altered in unauthorized or undesirable ways. This covers unauthorized changes and deletions as well as authorized modifications that turn out to be undesirable. Maintaining integrity therefore means both preventing unauthorized changes and being able to reverse authorized changes that need to be undone.
Modern operating systems like Windows and Linux exemplify integrity control mechanisms within their file systems.
Availability
Availability ensures data accessibility when needed. Data unavailability signifies a breach of this principle.
Types of Security Attacks
Interception
Interception attacks grant unauthorized access to data, applications, or environments, primarily targeting confidentiality.
Interruption
Interruption attacks render assets unusable or inaccessible, temporarily or permanently, primarily affecting availability and potentially integrity.
Modification
Modification attacks involve tampering with assets, primarily affecting integrity but potentially impacting availability. For instance, unauthorized alteration of data in a file compromises its integrity.
Fabrication
Fabrication attacks involve generating fake data, processes, communications, or similar activities, primarily affecting integrity but potentially impacting availability.
Identification
Identification is simply asserting one’s identity, whether as an individual, a system on a network, or the sender of an email. It doesn’t involve verification or validation of the claimed identity.
Examples of Identification
Identification methods are diverse, including full names, nicknames, account numbers, usernames, ID cards, fingerprints, and DNA samples.
Types of Identification
Identity Verification
Identity verification goes a step beyond identification but falls short of authentication. It involves presenting documents like driver’s licenses or Social Security cards to confirm the claimed identity.
Falsifying Identification
Identification methods are susceptible to falsification, such as using a fake driver’s license.
Access Control
Allowing Access
Access control grants specific parties access to resources, such as file access for a user or building access for employees.
Denying Access
Denying access is the opposite of granting it: a party is prevented from reaching a resource, for example based on factors like time of day.
Limiting Access
Limiting access restricts access to a certain extent. For example, running an application in a sandbox limits its actions outside its context.
Revoking Access
Revoking access is crucial when access is no longer authorized, such as when an employee is terminated.
Accountability
Accountability enables tracing activities back to their source, crucial for maintaining compliance and security. It relies on proper monitoring, logging, and auditing.
Authentication
Authentication verifies the claimed identity using various factors, including something you know, something you are, something you have, something you do, and where you are. Using multiple factors strengthens authentication.
Types of Authentication
- Single-factor Authentication
- Multi-factor Authentication
- Mutual Authentication
- Password
- Biometrics
Auditing
Auditing ensures accountability by maintaining accurate records of activities, enabling compliance checks and security analysis.
DES (Data Encryption Standard)
DES is a symmetric block cipher developed by IBM. It encrypts plaintext into ciphertext using a 64-bit key.
Key Concepts
- Initial permutation
- 16 rounds
- Left-right swap
- Final permutation
Decryption
Decryption recovers the plaintext from the ciphertext.
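The structure listed under Key Concepts is a Feistel network, and the added example below (not code from the original page, and not DES itself) shows why decryption is the same 16-round network run with the round keys in reverse order. The SHA-256-based round function and key schedule are stand-ins chosen for this example, and the initial and final permutations are omitted because they are fixed, key-independent bit shuffles.

```python
import hashlib

ROUNDS = 16       # DES runs 16 rounds
HALF = 4          # a 64-bit block is split into two 32-bit halves


def round_keys(key: bytes) -> list:
    # Stand-in key schedule (assumption): one subkey per round derived with SHA-256.
    return [hashlib.sha256(key + bytes([i])).digest()[:HALF] for i in range(ROUNDS)]


def round_function(half: bytes, subkey: bytes) -> bytes:
    # Stand-in for DES's expansion / S-box / permutation step (assumption).
    # It does not need to be invertible: the XOR below undoes it.
    return hashlib.sha256(half + subkey).digest()[:HALF]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def feistel(block: bytes, subkeys: list) -> bytes:
    if len(block) != 2 * HALF:
        raise ValueError("block must be exactly 8 bytes (64 bits)")
    left, right = block[:HALF], block[HALF:]
    for subkey in subkeys:
        # New left is the old right; new right mixes the old left with f(right).
        left, right = right, xor(left, round_function(right, subkey))
    return right + left          # final left-right swap


def encrypt_block(block: bytes, key: bytes) -> bytes:
    return feistel(block, round_keys(key))


def decrypt_block(block: bytes, key: bytes) -> bytes:
    # Same network, subkeys applied last-to-first.
    return feistel(block, round_keys(key)[::-1])


if __name__ == "__main__":
    ct = encrypt_block(b"PLAINTXT", b"8bytekey")   # constructed sample values
    print(ct.hex(), decrypt_block(ct, b"8bytekey"))
```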
Plain Text vs. Cipher Text
Plain text is the original, unencrypted data, while ciphertext is its encrypted form, which protects the data from unauthorized readers.
Symmetric vs. Asymmetric Cryptography
Both symmetric and asymmetric cryptography have strengths and weaknesses. Symmetric key cryptography is faster but faces key exchange challenges. Asymmetric key cryptography is slower but offers more secure key management.
Symmetric Key Cryptography
Symmetric key cryptography, also known as public key cryptography, uses a single key for both encryption and decryption.
Asymmetric Cryptography
Asymmetric cryptography, or private key cryptography, uses two keys: a public key for encryption and a private key for decryption.
RSA Algorithm
The RSA algorithm, developed in 1978, is an asymmetric cryptography algorithm using a public key and a private key.
Generating a Public Key
- Select two prime numbers (e.g., P = 53, Q = 59).
- Calculate n = P * Q (e.g., n = 3127).
- Choose a small exponent (e) that is not a factor of (P-1) * (Q-1).
Generating a Private Key
- Calculate the totient of n: φ(n) = (P-1) * (Q-1).
- Find the modular multiplicative inverse of e (modulo φ(n)), denoted as d.
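The two key-generation procedures above, carried through with the page's P = 53 and Q = 59 as an added example (not code from the original page). The exponent e = 3 and the message value 89 are assumptions chosen for illustration. The code checks gcd(e, φ(n)) = 1, which is the condition the modular inverse actually requires: e = 6 is not a factor of φ(n) = 3016, yet it has no inverse.

```python
from math import gcd


def generate_keypair(p: int, q: int, e: int):
    """Return ((e, n), (d, n)) for primes p, q and public exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)          # totient of n
    # d exists only when e and phi share no common factor at all.
    if gcd(e, phi) != 1:
        raise ValueError(f"e={e} has no inverse modulo phi={phi}")
    d = pow(e, -1, phi)              # modular multiplicative inverse (Python 3.8+)
    return (e, n), (d, n)


def encrypt(m: int, public_key) -> int:
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(c: int, private_key) -> int:
    d, n = private_key
    return pow(c, d, n)


def demo():
    # P and Q are the page's values; e = 3 is an assumption for this example.
    public, private = generate_keypair(53, 59, 3)
    message = 89                                    # constructed sample message
    ciphertext = encrypt(message, public)
    # e = 6 does not divide phi = 3016, but gcd(6, 3016) = 2, so no d exists.
    try:
        generate_keypair(53, 59, 6)
        rejected = False
    except ValueError:
        rejected = True
    return public, private, ciphertext, decrypt(ciphertext, private), rejected


if __name__ == "__main__":
    print(demo())
```

RSA without padding, as here, is deterministic and these primes are far too small for real use; deployed RSA uses randomized padding such as OAEP and moduli of 2048 bits or more.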
Stream Cipher
A stream cipher encrypts data one bit or byte at a time, using the same key for encryption and decryption.
Block Cipher
A block cipher encrypts data in fixed-size blocks, typically 64 or 128 bits.
Block vs. Stream Ciphers
Block ciphers are generally slower but more efficient than stream ciphers. Most modern encryption algorithms are block ciphers.
