**Content**

● Cryptography

● Encryption technique

○ Symmetric Key Algorithm Standard (SKAS)

○ Asymmetric Key Algorithm Standard (AKAS)

● Non-Repudiation technique

○ Digital Signature

○ Public Key Infrastructure (PKI)

**Cryptography**

Cryptography is a cornerstone of the modern electronic security

technologies.

Cryptography is a technique of converting data into a format that is

unreadable for an unauthorized user using different codes.

Information security uses cryptography to maintains data integrity during

transmitting and while storing.

Cryptography also aids in Encryption and non-repudiation.

**Encryption**

In network, data is transmitted in the form of 1 and 0.

Encryption is a process of converting user data into a code in such a way that

only authorized parties can access it.

Encryption can be one in two ways:

● Symmetric Key Algorithm Standard (SKAS)

● Asymmetric Key Algorithm Standard (AKAS)

**Encryption**

● Symmetric Key Algorithm Standard (SKAS):

In this algorithms, the same cryptographic keys are used for both

encryption and decryption of data.

SKAS use DES (Data Encryption Standard) which is a first standard used for

encryption.

Rivest Cipher 4 (RC4) was a very popular SKAS algorithm technique used

to encrypt data from 2001 to 2013.

Now most of the TCP/IP applications use Algorithm Encryption Standard

(AES) technique.

● Symmetric Key Algorithm Standard (SKAS):

SKAS has one serious drawback that if anyone get a hold of the key can

encrypt and decrypt data easily.

So there is a need to create a new method which allow the encrypter to

send a key to the decrypter without the fear of intervention

So that method is AKAS (Asymmetric key algorithm standard)

● Asymmetric Key Algorithm Standard (AKAS):

In this method of cryptography, the two different cryptographic keys are

used for both encryption and decryption of data.

In AKAS, Public Key Cryptography is used to exchange the key securely

between two communicating devices.

The two key generated are : Private key is used by sender to encrypt the

data and Public key is used by receiver to decrypt the data.

These two keys are called key pairs and are generated at same time and

designed to work together.

**Non Repudiation**

Non Repudiation is a process of making sure that the party with which we are

signing any contract or a communication cannot deny the authenticity of their

signature on a document.

It provide assertion of authentication with high assurance that the person or

entity with which we are dealing are genuine.

Non Repudiation is done by Digital Signatures or PKI

● Digital Signature:

It is a digital code which is attached to an electronically transmitted

document or message to verify its contents and the sender’s identity.

Digital Signature are hash of messages encrypted by a private key.

Digital signature solve the problem of tampering and impersonation in

digital communications.

It is widely used by e-mail user.

Non Repudiation:

● Public Key Infrastructure (PKI):

It is a set of rules and regulations need to create, manage, use and store

digital certificates and manage public-key encryption.

PKI is used to facilitate the secure electronic transfer of data for a

different network activities such as e-commerce, internet banking and

confidential email.

● Public Key Infrastructure (PKI):

The Digital certificates are used to verify the exchange of public keys in

network.

When someone wants to create a secure website then he or she have to

buy a certificate signed by a certificate authority (CA) such as Verisign,

Thawte or GoDaddy.

Public Key Infrastructure (PKI): consists of

● Certificate Authority (CA)

● Registration Authority

● Central Directory

● Certificate Management System

● Certificate Policy