Compression, Encryption and Hashing

why is compression used?

• reduce storage space of files on disk

• enable web pages to load quicker

• reduce buffering on video/audio streaming

• obey bandwidth restrictions by ISPs, mobile phone networks, email providers

what is lossy compression?

• removes non-essential data from the original file

• the resulting file can have lower quality as a result

• used in phone calls and in sound and video (eg. MP3 files remove frequencies higher than human hearing and quieter sounds)

what is lossless compression?

• no data is lost from the original file

• lossless compression records patterns in data and a set of instructions on how to use them

• computer can reverse procedure and reassemble the original file with exact accuracy

• useful for compression of program files, text files where lost characters would result in an error

• results in a larger file than lossy compression, but still smaller than original file

what is run length encoding?

• instead of recording every pixel in a sequence, it records the pixel’s value and the number of times it repeats

• reduces file size because 1 byte used to store colour (etc.) of pixel and 1 byte used to store number of times repeated

• unsuitable for text files without repeated strings

what are dictionary-based compression techniques?

• a dictionary is maintained containing each word in the text along with a code representing that word

• in the text, each word is replaced with its dictionary code which reduces the amount of bytes used to store that word

• however, the dictionary must be stored with the text

• in larger texts when certain words are repeated a lot, the dictionary is insignificant in size compared to the original

what is encryption?

• when data is transformed from one form to another to prevent unauthorised third parties understanding it

• plaintext=original text

• ciphertext=encrypted text

• algorithm used to scramble data=cipher

• secret information used to unscramble data=key

what is the vernam cipher?

• the encryption key is a one-time pad, which must be greater than or equal to in length than the plaintext, fully random and used only once

• the one time pad must be shared in person and then destroyed

• as the key is random, the distribution of characters will be random so cryptanalysis won’t produce meaningful results

• XOR is carried out between the ASCII values of each plaintext character and each one time pad character, to determine the ciphertext (the XOR is reversible)

what are truly random numbers?

• they are not computer generated random keys because mathematically generated random numbers are not actually random

• real random numbers come from physical, unpredictable phenomena such as white noise, radioactive decay

what is symmetric encryption?

• same key used for encryption and decryption

• key must be transferred across the network, which isnt safe because it could be intercepted

what is asymmetric encryption?

• if person A wants to send a message to person B

• person A finds B’s public key on the public domain

• A uses B’s public key to encrypt data

• A sends message to B

• B uses B’s private key to decrypt data

• as the private key cannot be deduced from the public key, asymmetric encryption is more secure

what is hashing?

• provides mapping between arbitrary length input and smaller length output

• one way, original text cannnot be determined from hash

• encrypted pins and passwords can be stored using hashing so if they are discovered, the original cannot be determined by hackers

• the software applies the hashing algorithm to the user’s input and compares it with the hash stored

what is a hash total/checksum/digest?

• a mathematical value calculated from unencrypted message data

• irreversible and impossible to crack

• a slight change in the message will produce a different total

• useful when checking that the message hasnt been corrupted or changed during transmission

what is a digital signature or hash value?

• the sender encrypts the hash total with their private key

• the encrypted hash total is the digital signature

• the recipient decrypts the hash total using the sender’s public key

• if the hash total= the actual calculated hash total of the message, then the message is exactly the same as it was when it was sent out

what is a digital certificate?

• verifies the trustworthiness of a message sender or website

• allows the website to use public keys

• prevents people creating hoax digital signatures claiming to be a trusted individual