Cryptography & Data Security

Man in the middle attack →

• when we send data across a network outside out physical control, we mst assume that a main in the middle attacker exists

• they have three options: view, intercept, repeat

Solution →

• Cryptography- a form of secret writing

Cryptography:

Symmetric Encryption →

• Transposition ciphers- swapping the order of letters in a fixed pattern

  • e.g. Caesar cipher

• Substitutional ciphers- replacing a letter with another letter

• Issues with these methods: Frequency analysis

• One-time pad- Single-use pre-shared key shared by sender and recipient

  • requires true randomness

• Polyalphabetic ciphers

  • issues: once algorithms is figured out, all messages are exposed

Asymmetric Encyption →

Kerckhoff’s principle →

• the security of the key must be sufficent for it to be secure

• this is where we use secret keys

Key-based encyption →

• Public key encyption