Indiana University
University Information Technology Services
  
What are archived documents?
Login>>
Login

Login is for authorized groups (e.g., UITS, OVPIT, and TCC) that need access to specialized Knowledge Base documents. Otherwise, simply use the Knowledge Base without logging in.

Close

ARCHIVED: What is cryptography, and where can I find more information about it?

Cryptography is the science of enabling secure communications between a sender and one or more recipients. It is a centuries-old discipline with documented examples dating back to the time of Julius Caesar. Today, many highly sophisticated and evolved techniques are in the cryptographer's toolbox; all have the intent of providing one or more of these services:

  • Data confidentiality concerns who can read and understand a message that is exchanged between sender and receiver. Confidentiality is achieved through the use of cryptosystems, that is, companion encryption and decryption algorithms that respectively lock and unlock the contents of a message. Prior to encryption, the message is said to be in plaintext form. After encryption, it is usually called ciphertext.

  • Data integrity describes the condition of a message upon receipt, as compared to its original state before transmission. Hostile intermediate parties that handle a message can easily add to, remove from, or modify its contents. Cryptographic integrity checks provide a kind of super-sensitive "mathematical armor" for messages; the slightest tampering causes readily visible chinks to appear.

  • Sender authentication alleviates a problem commonly known as message forgery or message spoofing. Just as a printed memo can easily originate from someone other than its purported sender, so can its electronic counterpart. Of course, the former can be prevented by affixing a handwritten signature to the message; similarly, it is possible to generate a digital signature for an electronic message. Unlike a scribed autograph, however, a digital signature is mathematically infeasible to forge.

  • Non-repudiation of origin empowers a message recipient to unequivocally prove to a third party from whom a particular message originated. In other words, if Alice receives a message from Bob, and their cryptographic method provides non-repudiation of origin, then Alice can prove to Carol that Bob (and not someone other than he) was indeed the sender.

Email applications in particular benefit greatly from these cryptographic techniques. A world-famous program called PGP (Pretty Good Privacy) is available for no cost to qualified Internet participants. PGP runs on most contemporary common platforms, including Unix, Windows, Macintosh, MS-DOS, and VMS. Also attractive to some are the various programs which implement the S/MIME standards or Privacy Enhanced Mail (PEM) standards, such as one called RIPEM. These programs are also available for the prevalent computing platforms. Although you can use PGP, S/MIME, or PEM to securely exchange email within and without the IU computing environment, UITS does not support them at this time.

You can find a wealth of information about cryptography on the Internet. The following links provide a good start: http://www.faqs.org/faqs/cryptography-faq/ http://w2.eff.org/effector/effect04.05

Additionally, for those most interested in the applications of this important science, UITS recommends Bruce Schneier's landmark book Applied Cryptography (John Wiley & Sons, ISBN 0-471-12845-7, 2nd edition).

This is document agds in domain all.
Last modified on November 01, 2008.

Comments/Questions/Corrections

Use this form to offer suggestions, corrections, and additions to the Knowledge Base. We welcome your input!

If you are affiliated with Indiana University and would like assistance with a specific computing problem, please use the Ask a Consultant form, or contact your campus Support Center.

Contact Information

Note: We will reply to your comment at this address. If your message concerns a problem receiving email, please enter an alternate email address.