Ecommerce Security
Lesson 4: Encryption and decryption
Objective: Define encryption and decryption.

Encryption and decryption (Definition)

In cryptography, a message that humans can read is called plaintext, or cleartext. As shown in the image below, the process of scrambling a message to make it unreadable by humans is called encryption, and the resulting message is called ciphertext. The reverse process, called decryption, takes an encrypted (or ciphertext) message and restores it to the original plaintext - decryption unscrambles the message.
Encryption and decryption
The image demonstrates a basic concept of encryption and decryption in cryptography. Here's the analysis:
  1. Plain Text:
    • The original, readable text ("Mary had a little lamb.") represents the information in its unencrypted, human-readable form.
  2. Encryption:
    • The process of transforming plain text into cipher text. In the image, a "key" is depicted, which suggests that the encryption is key-based.
    • This operation scrambles the plain text to produce the "Cipher Text," making it unreadable to unauthorized users.
  3. Cipher Text:
    • The resulting encrypted output ("aswdfd323rewfc89...") is a scrambled, unreadable format. It is intended to protect the original data from being understood by anyone without the decryption key.
  4. Decryption:
    • The reverse process of encryption. Using the same key, the cipher text is transformed back into the original plain text, restoring its readability.

Nature of Encryption and Decryption:
  • Symmetric Encryption:
    • The use of a single key for both encryption and decryption suggests symmetric encryption.
    • Examples of symmetric encryption algorithms include AES (Advanced Encryption Standard) and DES (Data Encryption Standard).
  • Key Dependency:
    • The security of this encryption relies on the confidentiality of the key. If the key is compromised, both the encryption and decryption processes are vulnerable.

This image visualizes how encryption secures data during transmission or storage, ensuring only authorized parties with the correct key can decrypt and access the original content.


Ciphers and keys

A cryptographic algorithm is a procedure that uses a cipher to encrypt and decrypt plaintext messages. A cipher is a mathematical function. The keys are the numbers or values that are used in this mathematical function, or cipher.

The key is simply a binary number, usually written in hexadecimal, so it normally contains only the characters 0-9 and A-F. The characters that make up the key are usually grouped in pairs or in fours. To the human eye, a key might look something like this:
B6AF 5BE5

All modern encryption algorithms use a key to decrypt a ciphertext message. As you can imagine, most attacks on cryptographic systems, called cryptanalysis, focus on finding that encryption key. The following section reviews the implementation of encryption by matching terms with their definitions.
  • Encryption Types and methods used in ecommerce
    1. Cryptography: Uses algorithms to produce ciphertext
    2. Data Encryption Standard: Used to ensure fast, secure encryption
    3. One-way encryption: Used to encrypt information permanently
    4. Public-key encryption: Uses two mathematically related keys
    5. Private-key encryption: Uses a single key to encrypt and decrypt messages
    6. Cryptographic strength: Used to ensure the difficulty of inverting (or solving) the algorithm
  • Ecommerce transactions
    Ecommerce transactions take place in an open environment that cannot be trusted, since the network is highly vulnerable to outside security threats. This network can be made secure with the help of cryptography. Implementing cryptography can hide the content of electronic transactions, detect changes in electronic transactions and confirm the source of electronic transactions. Cryptography can be applied through encryption and digital signatures, and it is an effective method of securing ecommerce transactions that take place over the Internet.
    Secure Sockets Layer (SSL) is a commonly used protocol that encrypts messages between web browsers and web servers. It encrypts the datagrams of the Transport Layer protocols. SSL is also widely used by merchants to protect the consumer's information, such as credit card numbers and other sensitive information, during transmission. SSL is used to provide security and data integrity over the Internet and thus plays an important role. SSL has now become part of Transport Layer Security (TLS), which is an overall security protocol.
    Transport Layer Security (TLS) is a protocol used for securing communications between applications and their users on the Internet. During communication between the server and the client, TLS ensures that no message is tampered with and that no third party is able to eavesdrop. TLS consists of two layers: 1) the TLS Record Protocol and 2) the TLS Handshake Protocol. The TLS Record Protocol provides connection security. The TLS Handshake Protocol allows authentication of the server and the client, and the negotiation of an encryption algorithm and cryptographic keys, before the exchange of data.

In the next lesson, you will identify various methods of attacking encrypted data.
