Cryptography's Role in Modern Cyber Security: An In-Depth Analysis

Verified

Added on 2020/03/23

AI Summary

This essay provides a comprehensive analysis of cryptography's role in modern cyber security. It begins by highlighting the increasing threat of cybercrimes and the need for robust data protection mechanisms. The essay then delves into the core concepts of cryptography, explaining encryption, decryption, and the use of secret keys. It explores the benefits of cryptography, such as data protection, secure transactions, and compliance with industry standards. Furthermore, it discusses the challenges associated with cryptography, including key management, vulnerability to attacks, and the need for system-specific implementations. The essay also evaluates the different types of cryptography, including secret key, public key, and hash functions. It underscores the importance of cryptography in protecting sensitive information and ensuring the integrity of data in various applications, from online transactions to government communications. The essay concludes by emphasizing the crucial role of cryptography in safeguarding data in an increasingly interconnected digital world and its implications for the future of data security.

Running head: CRYPTOGRAPHY 0
Cryptography

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CRYPTOGRAPHY 1
Table of Contents
Introduction................................................................................................................................2
Role of Cryptography in Cyber Security...................................................................................3
Conclusion..................................................................................................................................8
References..................................................................................................................................9

CRYPTOGRAPHY 2
Introduction
With the modernisation of technology and Internet-based services, the risk of
cybercrimes has grown significantly. People, companies, and government are under constant
threat of cyber-attacks. Cybercriminals attack over the personal and sensitive data such as
personal information, banking details, and national security secrets. Hackers use the
popularity of social media websites and instant messaging application to collect the data of
people and organisations. Most corporations and governments use various methods of
security to protect their data from hackers, such as antivirus, firewalls, and data-in-motion.
Cryptography is another method of protecting data from hackers, cryptography in a
Greek word which means secret writing. Cryptography is a method of coding and decoding
messages and data while transferring them, which protect the data from cloning by a hacker.
If a corporation encrypts their data while transferring, then the receiver will require a
password or secret key to open such data. With the growth of cyber-attacks, the relevancy of
proper security mechanism is required for protection of data. The organisation can use
cryptography to protect their data from hackers, but there are several problems in using
cryptography. This essay will focus on analysing the benefits of cryptography from
protecting the data from cybercriminals. The essay will discuss the requirement of
cryptography and problems faced by organisations while using it as a security mechanism.
Further, the essay will evaluate the role of cryptography in the future of data security.

CRYPTOGRAPHY 3
Role of Cryptography in Cyber Security
The popularity of social media and internet-based services has grown rapidly in past
decade, billions of people use them daily to communicate, share and create new content.
According to Vacca (2012), many of the modern corporations are conducting their business
through online portals. Organisations use the internet and cloud-based services to store data
online which can be easily accessible through various networks. On-line services provide
various benefits to companies such as essay accessibility, faster transfer, communications
through different channels and ease in payment. The government of various nations uses
online services to store national secrets and perform other activities. The popularity of
internet-based services raised the risk of cyber-attacks, hackers attack over the data of
corporations and government to gain their secret information which shows the requirement of
a proper safety mechanism (Ling & Masao 2011).
In 2016, more than 3.1 billion records leaked by the cybercriminals, most of these
breaches include data from organisation such as MySpace, Minecraft, Tumblr, Wendy’s Co.
and Payroll. According to Morgan (2016), as compared to 2015, the number of cyber-attacks
has grown 40 percent in 2016. Many individuals, corporations, and government face risk of
cyber-attack and breach of data from cybercriminals. The amount spent by worldwide
organisations over cybersecurity-related hardware has risen from US$62.2 billion in 2015 to
US$73.7 billion in 2016; these numbers are expected to grow more than US$90 billion in
2018 (Kharif 2017). Cybercriminals attack over the personal data of individuals such as
social security number, banking information and other private details to siphon money out of
their accounts. Cybercriminals collect sensitive data of government such as public data,
government secrets or even nuclear codes, which can be dangerous for national security,
proving the relevancy a security mechanism.
Cryptography is a method of converting the data into gibberish which can only be
understood by the person who has the secret key. According to Stallings & Tahiliani (2014),
the requirement of cryptography has gained in the modern world but the use of Cryptography
become popular during the World War I and II. To avoid leaking their conversations and
secrets to enemy soldiers, the army uses secret codes to communicate and share important
information between each other. The person receiving the message must require having the
secret codes to understand the secret message. In World War II, armies started using modern

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CRYPTOGRAPHY 4
machinery to encrypt and decrypt their data for securing the information, such as German
Lorenz cipher, Enigma, Fish and Short Weather Cipher. In the modern age, computers are
getting smarter each day. It has become easier for hackers to easily gain the information of
people, corporations, and governments; therefore, the requirement of encryption of data has
risen significantly. Many organisations and online services are already using cryptography to
protect their data from cybercriminals (Joyner 2012).
Julius Cease, a Roman politician, did not trust his messengers when he communicates
important information to his generals, therefore, he changes all the alphabets with the third
letter for example, he changes all ‘A’ letter in his message with letter ‘D’ and every ‘B’ with
an ‘E’ and so on. By changing the alphabets like this, only the general who knew the ‘shift by
3’ rule was able to decrypt the message, cryptography works the same way. If any data can be
read and understood by anyone without the requirement of any key is called plaintext or
cleartext. As per Katz & Lindell (2014), by hiding the substance or meaning of a plaintext by
changing or converting the data is called encryption. The data which is encrypted turn the
information into gibberish which is known as ciphertext. By encrypting any data, any person
can ensure that such data can only be read by the person who has secret key or password. The
process of converting a ciphertext into plaintext is called decryption of data.
As per Forouzan & Mukhopadhyay (2011), there are two primary reasons which show
the requirement of information security in modern corporations. The first reason is the
popularity of computers which completely changes the process of data storage. Traditionally,
organisations store data in physical files and documents where the sensitive data can be
secured by locking in the cabinets. But, with the introduction of computers, the requirement
of automated devices for data protection has become mandatory. The second key reason,
which increases the requirement of information security, is the introduction of distributed
systems and the implementation of network and communication services. Organisations use
network facilities to transfer and communicate the data between different terminal users.
While communicating or transferring the data, network security is to require protecting the
data from leaking. Cryptography uses logic and complex mathematics principles to encrypt
any data, corporations, and individuals can transfer the data without worrying of leakage or
cloning (Al-Hazaimeh 2013).
There is three common type of cryptography used by organisations which includes a
secret key, public key, and hash functions. Koblitz (2012) provided that in Secret-key

CRYPTOGRAPHY 5
cryptography, both the sender and receiver of the message have a secret key which can be
used by them to decrypt the message. This method is effective if the communication is
conducted between few people, in case of large networks, organisations cannot implement
this strategy securely. In Public key cryptography, the key for encryption and decryption are
different from one another and the key work in pairs. If the sender and receiver of such
messages do not have a public key, then they can freely distribute the private key. In this
method, various digital signatures are used such as RSA, digital signature algorithm, and
various other standards. In Hash functions, a mathematical algorithm is used by the parties
for permanent encryption of data. This is used by operating systems for document protection
and encrypting the passwords. In this method, various other security measures are used such
as digital signature, secure hash algorithm, message digest, and RIPEMD (Kaur & Kaur
2012).
The benefits of using cryptography by organisation and governments include
protection of data and services from leaking or cloning by cybercriminals. As per Lydersen et
al. (2010), organisations can encrypt the information of their services for securing the
transactions, for example, every single call made by users, every ATM card transaction,
credit card usage or message send by people are encrypted by companies. Without a
systematic encryption, the security of online and electronic transactions cannot be achieved
by the corporations. The primary benefit of cryptography is complete data protection from
breach or cloning by cybercriminals. By implementing correct encryption solutions, a
corporation can protect the data even after the breach of their security framework. There are
several ways through which hackers can collect the data of an organisation, but through
encryption, accessing the data became considerably difficult for cybercriminals.
As per Kahate (2013), another benefit of cryptography is that it provides security
through multiple devices for users. The popularity of smartphones and computer has risen
significantly in past few decades; more than 2.32 billion people use smartphones in 2017.
Due to their popularity, smartphones are preferred target for cybercriminals. Smartphones
contain sensitive and personal information of its user which can be used by hackers to gain an
unfair advantage. Many corporations face difficulty in maintaining the security of data while
storing and transmitting the information through these devices. Carlet (2010) provided that by
encrypting the data, a corporation can ensure the security of their information in various
devices. With the popularity of the internet and network-based services, transmitting data
securely through these channels has been difficult for the organisation. The security of data

CRYPTOGRAPHY 6
became most vulnerable during the transmission procedure which makes it the perfect time
for cybercriminals to attack. Cryptography ensures the security of data when it is being
transmitted through various channels. Files or information that is shared or uploaded by
individuals or organisations over cloud systems can be protected through cryptography.
Cryptography is used by governments of various nations due to its various benefits; it
assists government and corporations in maintaining the integrity of data while transmitting it
through different channels. As per Jonsson et al. (2016), although data theft is one of the key
problems, many hackers knowingly alter the data for conducting fraud. Cryptography ensures
that the cybercriminals are not able to alter or tamper with the important data. Due to the high
risk of data theft, IT corporations are required to fulfill certain compliances for ensuring the
data security. Cryptography is one of the safest methods of transferring or storing the data
which help the organisation in complying with various requirements such as FIPS, HIPAA,
FISMA and Gramm-Leach Bliley (Ramsey & Shankar 2017). Basis data protection is one of
the most crucial requirements for every corporation and cryptography provides such security
to companies. Encryption is one of the best methods of protecting the data of corporations,
for example, it provides security from leakage and cloning, secure the data across all devices,
provide security while transmitting, ensure integrity and fulfillment of compliance.
There are several benefits of using cryptography for security but there are numerous
disadvantages as well. For example, a legitimate receiver may find it difficult to access the
data at a particular time if such data is authentic, digitally signed and strongly encrypted by
the sender. According to Buchmann (2013), the basis of encryption depends upon the secret
key if the corporation's losses such key or if cybercriminals gain access to such key than they
can easily gain access to such data. In case of individuals, many people forgot their
passwords which make it impossible for them to gain access to their data. The security of
encryption is almost always vulnerable to ‘brute force attack’ that is a method of finding the
key for encrypting by the hackers.
Another disadvantage of cryptography is that it does not provide security against the
vulnerabilities and risks that arise due to poor design of systems. As per Van Dijk & Juels
(2010), one encryption system cannot apply to all systems, corporations are required to
analyse their system and use encryption according to their requirements. Cryptography also
requires a high expenditure of money and time, encrypting and decrypting a data every time
can waste the time of corporations and the software of encryption and decryption is also

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CRYPTOGRAPHY 7
expensive. It also requires the cooperation of two individuals for an encryption to work
properly. Both parties must have access to secret key and mistake of one company can cause
damage to both organisations’ data (Van Tilborg & Jajodia 2014).
Encryption cannot guarantee that complete data will be protected from leakage or
cloning while communicating or transferring it between two sources. Every organisation
requires analysing their requirement and adopts an encryption strategy according to such
requirements. According to Kranakis (2013), one of the primary mistakes that corporations
made is considering that encryption as a solution to every online security threat. Encryption
can protect the data of organisations but it is not a single solution for every security
requirements. For example, encryption can protect the data while it is in transit, but other than
that cybercriminals can use various other methods to gain unauthorised access to
corporation’s data. Another example is that if the secret key for decrypting the data is
compromised or the hackers create a similar key to decrypt the data then encryption cannot
protect the data of organisation.
In modern times, the Data Encryption Standard (DES) is globally acceptable by
corporations with few expectations. As per Maurer & Renner (2011), most of the
government’s communications, banking facilities, satellite communications and computer
systems are based upon DES for security. In the future, the requirement and usage of
cryptography will be increased due to the requirement of information’s security.
Cryptography has been around for centuries and it has been updated through time. As per the
future threats, the technology of cryptography will adapt according to it. For example,
“Quantum Cryptography” is the future of encryption which ensures the security of data.
Instead of storing data in binary form, that is ‘1’ and ‘0’; the quantum computer will store the
data in ‘quantum bits’ or ‘qubits’. According to Bennett & Brassard (2014), to encrypt such
data which will be magnitude faster than today’s standard, the requirement of ‘Quantum
Cryptography’ will increase. Quantum encryption will protect the data of future computers
from cyber threats and hackers and it will be faster than today’s encryption procedure.

CRYPTOGRAPHY 8
Conclusion
In conclusion, the risk of cyber-attacks and data breaches has grown significantly in
past decade which shows the requirement of information security. Cryptography can be
considered as the cornerstone of information security which protects data through encryption,
after encryption only the person with the secret key can access such information. Modern
organisations, government, and individuals are protecting their data from cyber criminals by
using cryptography. There are several benefits of cryptography such as data protection,
secure transaction, data integrity and security over multiple devices. There are some
drawbacks of cryptography as well, such as poor planning can lead to unsuccessful
encryption, it is a time and cost expensive procedure and it is ineffective if the secret key is
compromised. Therefore, companies are requiring analysing their requirement to implement
an effective encryption system. The drawbacks of cryptography can be overcome by proper
implementation of encryption procedure. In the future, the relevancy of cryptography will be
increased as per the advancement in technology, such as Quantum Cryptography. Therefore,
cryptography can be considered as cornerstone which can solve various problems of
information security.

CRYPTOGRAPHY 9
References
Al-Hazaimeh, O. M. A. (2013). A new approach for complex encrypting and decrypting
data. International Journal of Computer Networks & Communications, 5(2), 95.
Bennett, C. H., & Brassard, G. (2014). Quantum cryptography: Public key distribution and
coin tossing. Theoretical computer science, 560, 7-11.
Buchmann, J. (2013). Introduction to cryptography. Springer Science & Business Media.
Carlet, C. (2010). Boolean functions for cryptography and error correcting codes. Boolean
models and methods in mathematics, computer science, and engineering, 2, 257-397.
Forouzan, B. A., & Mukhopadhyay, D. (2011). Cryptography And Network Security (Sie).
McGraw-Hill Education.
Jonsson, J., Moriarty, K., Kaliski, B., & Rusch, A. (2016). PKCS# 1: RSA Cryptography
Specifications Version 2.2.
Joyner, D. (Ed.). (2012). Coding theory and cryptography: from Enigma and
Geheimschreiber to quantum theory. Springer Science & Business Media.
Kahate, A. (2013). Cryptography and network security. Tata McGraw-Hill Education.
Katz, J., & Lindell, Y. (2014). Introduction to modern cryptography. CRC press.
Kaur, R., & Kaur, A. (2012, September). Digital signature. In Computing Sciences (ICCS),
2012 International Conference on(pp. 295-301). IEEE.
Kharif, O. (2017). 2016 Was a Record Year for Data Breaches. Bloomberg Technology.
Retrieved from < https://www.bloomberg.com/news/articles/2017-01-19/data-breaches-
hit-record-in-2016-as-dnc-wendy-s-co-hacked >
Koblitz, N. (2012). Algebraic aspects of cryptography (Vol. 3). Springer Science & Business
Media.
Kranakis, E. (2013). Primality and cryptography. Springer-Verlag.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CRYPTOGRAPHY 10
Ling, A. P. A., & Masao, M. (2011). Grid Information Security Functional Requirement-
Fulfilling Information Security of a Smart Grid System. arXiv preprint
arXiv:1108.0267.
Lydersen, L., Wiechers, C., Wittmann, C., Elser, D., Skaar, J., & Makarov, V. (2010).
Hacking commercial quantum cryptography systems by tailored bright
illumination. Nature photonics, 4(10), 686-689.
Maurer, U., & Renner, R. (2011). Abstract cryptography. In In Innovations in Computer
Science.
Morgan, L. (2016). List of data breaches and cyber-attacks in 2016 – 3.1 billion records
leaked. IT Governance. Retrieved from < https://www.itgovernance.co.uk/blog/list-of-
data-breaches-and-cyber-attacks-in-2016-1-6-billion-records-leaked/ >
Ramsey, S., & Shankar, A. (2017). HIPAA and FISMA: Computing with Regulated Data (A
CCoE Webinar Presentation).
Stallings, W., & Tahiliani, M. P. (2014). Cryptography and network security: principles and
practice (Vol. 6). London: Pearson.
Vacca, J. R. (2012). Computer and information security handbook. Newnes.
Van Dijk, M., & Juels, A. (2010). On the impossibility of cryptography alone for privacy-
preserving cloud computing. HotSec, 10, 1-8.
Van Tilborg, H. C., & Jajodia, S. (Eds.). (2014). Encyclopedia of cryptography and security.
Springer Science & Business Media.