Applications of Cryptography
Digital Signatures/ Authentication
Digital signatures and authentication are vital applications of public-key cryptography. An instance, if someone sends you an encrypted message, one that they have encrypted with their private key; and you can decrypt using their public key, you should be very certain that that message came from them. When there is the need for the message to be private, they can encrypt it with their private key and then with your public key. This way, only you can access or read the contents of the message and will be certain that that message came from them (Joye, 2009). A major requirement is that public keys have an association with their owners through a trusted manner such as a trusted directory. Certificates have been invented by the standards community to address this bottleneck. The contents of a certificate include some time stamps, the subject’s public key, the name of the subject being issued the certificate and the name of the issuer of the certificate. To ascertain the credibility of the public key, the issuer of the certificate has a certificate as well (Goldreich, 2011).
This is essentially giving communications or electronic documents an identity by the use of its time of occurrence or delivery. It is a technique used to certify communication and its delivery, as well as electronic documents. Time stamping utilizes a model of encryption referred to as blind signature scheme. These schemes allow a sender to receive a message that has been received by another party without the revelation of information pertaining to the message to the other party. The technique is in its essence similar to sending letters that are registered through the mail. It is better in that it avails an extra level of proof. It can be used to prove that a party received a certain document. Applications that could utilize time stamping include contracts, copyright archives and patent applications. This technique is a vital application that plays a role in making possible the transition to electronic legal documentation (Kilma et al., 2010).
It is also referred to as digital or electronic cash. This method entails carrying out transactions electronically by a net funds transfer between parties. These transactions can be identified or anonymous and credit or debit transactions of funds. This method entails implementations in both software and hardware. Blind signature schemes are used by anonymous applications that hold back revelation of the identity of their customers. An example is Ecash by Digicash. On the other hand, general types of signature schemes are used for identified spending schemes that reveal the identity of the customers. Identified schemes are electronic analogs of credit and debit cards as anonymous schemes are electronic analogs of cash. Approaches can also be hybrid that work such that they are anonymous as per the merchant but not as per the banks. A good example is Cybercash that offers transactions of credit cards. Hybrid approaches can be anonymous to all parties but can be traced. Tracing is enabled by purchase sequences that cannot be directly linked to the identity of the spender but can be related (Daras, 2012).
Public-key encryption avails confidentiality. Digital signatures act as credit card authorizations or handwritten signatures. Electronic money schemes utilize encryption in order to protect transaction data such as amounts and account numbers. This range of applications is covered by numerous systems. This ranges from transactions that act like conventional paper transactions to numerous micropayment schemes. The former can have values of several dollars while the latter batches very low-cost transactions in amounts that clear the bank and bear the overhead of encryption (Klima et al., 2010).
Network Communication (Secured)
Secure Socket Layer, SSL
SSL is a public-key protocol developed by Netscape. It provides layered data security between application protocols and TCP/IP. Examples of the former include FTP and HTTP while the latter is the base on which internet-based communications are made. SSL entails support for client authentication for TCP/IP connections, message integrity, data encryption and authentication of servers. SSL employs a handshake protocol that undertakes authentication of each connection node i.e. client and server (Batten, 2013). It also has an optional authentication for clients. In the first step, the server’s cipher preferences and certificate are requested by the client. On reception of this information by the client, a master key is generated that the client encrypts with the public key of the server. This avails the encrypted master key to the server who undertakes it decryption using its private key and authenticates itself to the client through the return of an encrypted message that entails the master key. Data that is availed in communication is thus encrypted with keys that are derivations of the master key. Step two, which is the authentication of the client is an optional step. Challenge is made to the client by the server. The client’s response entails the return of its digital signature as well as it public-key certificate. The SSL protocol utilizes a public-key cryptosystem known as RSA for the steps of authentication. When keys exchange is concluded, numerous distinguished cryptosystems are utilized. These include DES, RC4 and RC2 (Joye, 2009).
Batten, L. (2013). Public key cryptography. Hoboken, N.J: John Wiley & Sons.
Daras, N. (2012). Applications of mathematics and informatics in military science. New York, NY: Springer.
Goldreich, O. (2011). Foundations of Cryptography: Volume 2, Basic Applications. New York: Cambridge University Press.
Joye, M., & Neven, G. (2009). Identity-based cryptography. Amsterdam: IOS Press.
Klima, R., Sigmon, N., & Stitzinger, E. (2010). Applications of abstract algebra with Maple.