Tuesday, 2019-07-23, 9:22 PM
Welcome Guest | RSS

Total online: 1
Guests: 1
Users: 0
Site menu
Our Documentations
Blog Category
# Only for beginners [39]
This category contains some introductions and tutorials about UBUNTU and BACKTRACK for those who just start using LINUX.
# Computer Security [11]
In this category, you will find all courses about the Informatique Security
# LINUX [2]
# BackTrack 5 Tutorials [6]
In this categorie, I will post all tutorials about BackTrack5 (Installation, Configuration, Update, Hacking...)
# TechnicDynamic Tutorials [12]
Technic Dynamic is a source of education focused in the following categories of technology: (Computer - Design - Gadgets - Networking - Security) Link : http://technicdynamic.com
# Vishnuvalentino Tutorials [2]
He is a computer security specialist, and also freelance website designer. Read more : http://vishnuvalentino.com/about/
# Hackers News [6]
All news about the hackers of the world ...
# Tools [18]
All Security Tools
Entries archive

Follow us
Main » 2012 » February » 2 » Introduction to cryptography
7:12 PM
Introduction to cryptography
Introduction to cryptography

What is it? 

Cryptography is the science of converting information "in the clear" in coded information that is not understandable, then, from the coded information, to restore the original information. 

Symmetric cryptography and asymmetric cryptography 

Symmetric cryptography 

We speak of symmetric cryptography where multiple people use the same key to encrypt and decrypt messages. 
The main disadvantage of this system is the sharing of this unique key between different people: How to send to everyone and securely this unique key that allows you to encrypt and decrypt? 

Asymmetric cryptography 

In this type of cryptography, each user has two keys: 

  • A private key that must be kept secret.
  • A public key that is available to all other users.
These two keys are mathematically related. 
In practice, the public key used to encrypt messages, and the private key used to decrypt them. Once the encrypted message, only the recipient is able to decrypt it. 
The utility PGP (Prety Good Privacy) works this way. 

The integrity of information 

Good cryptography is to offer a guarantee of the integrity of information. Indeed, it should not be possible to modify encrypted information seamlessly. A process of checking the integrity of the message (encrypted and unencrypted) must be established. This process is performed by a hash function. The result of a hash (hash in English) is a kind of digest of the original message. 

The authentication of the corresponding 

One aspect not to be overlooked when it is desired to secure transactions is the authentication of correspondents: The person to whom I send an encrypted message is she the one to whom I think? The person who sends me an encrypted message is she the one to which I think? 
The principle of authentication uses a prover (who claims to be, who identified himself) and a verifier (the service provider) the verifier submits a challenge to the prover that he must achieve.This implies that pre-prover and verifier have agreed to share a secret. 

The digital signature 

This is a unique electronic code that allows you to sign a coded message. This signature identifies the origin of the message: it has the same function as a signature "by hand". This is the private key that can sign, and the public key to verify the signature. 

The digital certificate 

This is an electronic document that maps a key with an entity (individual, company, computer ...). This match is validated by a certification authority (Certificate Authority: CA). These certificates are used to identify an entity. This certificate is normalized (standard X.509v3).Specifically, the user data (identity of the owner of the key, public key and use the key) are themselves signed by the CA, to include certain specific data (period of validity, the encryption algorithm used, serial number, etc. ...). 

The registration authority 

It is an organization that generates requests for certification of a user. The recording of this user is validated after verification of the information about that user. The request is then sent to the CA. 

The CA 

It is an organization that generates certificates for different users. This is a must for the establishment of a secure system (e-commerce. ..). 


PKI stands for "Public Key Infrastructure", ie "Public Key Infrastructure" (PKI). It is a set of tools (software and hardware) that manage the cryptographic keys and certificates. The IGC provides secure transactions and information exchange between two parties to ensure the confidentiality, integrity and authentication. 

It includes:
  • Key management (creation, distribution, storage ...).
  • Association and the public key of the entity (certificate).
  • Recovery key.


SPKI means "Simple Public Key Infrastructure", ie "Simple Public Key Infrastructure" (ICPS). This infrastructure allows a more direct use of the authorization. Indeed, in the IGC, authorization takes place as follows:
  • The key is obtained via an identification certificate in X.509 format.
  • Of this identity, we get or not authorized.
Under ICPS, authorization is given or not, from the key itself. 
Category: # Computer Security | Views: 665 | Added by: Administrator | Rating: 0.0/0
Total comments: 0
Name *:
Email *:
Code *:

Share This On:
Google Translator
Login form
Our poll
Rate my site
Total of answers: 17
Clock & Calendar

«  February 2012  »