knowledge

Is cryptography and CIA Triad are two sides of the same coin?

Cryptography is a technique of ancient writing. Cryptography can be defined as the science of secret writing in the form art. Cryptography was first documented back in 1900 B.C. Some researchers say that cryptography is the form of ancient writing invented by the Egyptians. While some researchers say that cryptography came sometime after writing was invented. Now in modern time’s new forms of cryptography came into existence with the rise of computers. In recent times cryptography is a necessary tool in communication in an untrusted medium like the internet.

Cryptography in simple language can be defined as the process of converting a simple text into unintelligible text or vice versa. It is the method of storing data in such a way that only members who has the authorization to the particular data can access and see it. Modern cryptography consists of five main functions:

  • Authentication
  • Privacy/ confidentiality
  • Non repudiation
  • Integrity
  • Key exchange

In cryptography unencrypted data known as the plaintext is encrypted into cipher text. Now after some time it decrypted into plain text again. The description and encryption is based on some form key being applied to cryptography. Cryptography in mathematical terms can be defined as cipher text which is equal to encryption method and plain text or C=E x P where C= cryptography, E=encryption and P=plain text

 

Working of cryptography algorithm

Crypto algorithms are a security measures that are used in banking, e commerce and computer passwords. Cryptography algorithm works in three basic function which are secret key function, public key function and hash function

Secret key function

In this type of function both the receiver and the sender shares a single key. The sender with the help of this secret key encrypts plain text to cipher text and sends it to the receiver. On the other side the receiver decrypt the cipher text to the plain text

   Fig 1: shows the function of secret key function

Public key function

This function is most revolutionary function in for the last 300-400 years. In this case the cryptography is related with two keys. The keys are public and private key. Public can be of easy access since it can be freely distributed. However when it is paired with the private one then it can be used for added security. A public key is used for encryption and the private key is used for decryption. Public key cryptography are depended on the one way functions which is difficult to compute. For example imagine a product of two numbers is too be calculated such as 3 and 7. Since this is easy an induvial can calcite this mathematical expression in about no time. Now in case of these numbers it is replaced by 400 and 800. This is the time when public key function comes to rescue. It makes huge calculation easier by calculation in no time.

Hash function

In this function no key is used. In this case a fixed length is considered and its computed as plain text. Now since the text has no key so it becomes impossible to decrypt the plain text. These are used to in system to secure passwords. This algorithms works on one way encryption and message digests. In this function a digital fingerprint is used to secure a files contents. The digital finger print ensures that the file has not been compromised with some virus or an attack. These only used in daily transactions of an organization. The use of digital signature during transactions ensures that the money transfer is safe and secure.

The CIA triad is often regarded as the fundamental concept in security. Ensuring the protection of Facets of the CIA Triad is an effort in designing a proper security system. However, in terms of IT technology, other models are also considered for the security of the system known as Parkerian hexad. This model is used in the scenarios like non-repudiation. The core elements of CIA triad are

Confidentiality

When an IT professional talks about confidentiality then the individual talks about the protection of the private information. The private information is protected from the unauthorized parties. Now a day’s confidentiality is of high value. Bank details, social security number, government documents seek utmost importance and intensive care. The care can be provided with the help of encryption. Hence encryption tends to be a very important part of the information security. The key highlight of using encryption is that it gives the access to right people. This encryption ensures that only a specific amount of individual have the right to read the information. Over the time encryption have been widespread and can be found in every major protocol.

Integrity

Integrity is the process by which information is protected by restricting the permission of the third parties. Integrity is a crucial element is CIA triad since it restricts the authorized parties to modify an information. Since confidentiality is connected with encryption, similarly integrity is connected with cryptography. Data integrity involves comparison. The comparison is based on hashing of the data that IT professionals receive the original message. This means that original hash of data is available to the IT professional. In order to secure it, the individual would use methods of data integrity like the GPG to the sign the data.

Availability

Availability is the process by which authorized parties can access the information whenever they need. Since information only holds a value when the people can access the information at the right time. These information has been compromised with the use of DDoS attacks. Tracing the hackers and analyzing the configuration of the network can be very costly. So availability is directly connected with backup. Regular backup can minimize the damage of the software caused by the attackers. Furthermore, if the information is highly critical then redundancy is a highly appropriate choice. An offsite location should be ready at all times. The offsite location will be helpful in restoring service if the primary data is in trouble. This will reduce the downtime of the company if primary data is being attacked in the first place.

Real world example

Imagine a person from abroad is trying to send 10,000 dollars to the members of the family. Now if this information compromised then it would lead to disaster. The members of the family would get only 10 dollars instead of 10,000 dollars. This can be prevented cryptography and the sharing of the information like the bank statements and private accounts can be prevented with the help encryption. With the help of CIA triad, the person needs not worry about the international transactions. Sine money will only get transferred with the help of the digital sign.

 

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Close