Assalamualaikum..
=)
Today i would like to share some knowleges about authentication and encryption..
sounds interesting,huh?
hehe~~
What is authentication?
---------------------------
Based on httpd://apache.org , authentication is any process by which you verify that someone is who they claim they are. In other word, authentication is verification of identity of someone who generated some data.
Identity verification can be classified by:
* something known, e.g: password
* something possessed, e.g: passport
* by physical character, e.g: finger,retina, voice.
We need to make sure that the message comes from apparent or known sources or author, and the content have not been altered at all.
Okay, now let's talk about password. I think most of you are familiar with password, right?
Usually, before we want to log in to other websites such as blogger.com, myspace, facebook or others, we need to insert username and password for security.
That is the most important purpose of password which provide protection to our data. Thus, do not ever keep your password to anybody!
To get a good protection, we need to have a good password which it is hard to guess but easy to remember.
Characteristics of good password:
* not shorter than six character.
* not patterns from the keyboard.
If we have a good password, it is hard for other persons to crack our password.
Do you want to know about time taken to crack password?
If number of characters is One, the total combination of character should be 36 and time taken by human to crack the password is 3 minutes.
If number of characters is four, the total combination of character should be 1700000 and the time taken by human to crack the password is 3 month.
and what about if the number of character is 10 or 12..? count yourself..hehe~~
That is the reason why the password should be in six character and you are encourage to have a combination between number and character in one password so that it will be more secure.
Do You Know?
-----------------
Keylogger allows you to find out what other users do on your computer in your absence. It is designed for the hidden computer monitoring and the monitoring of the computer activity. Keylogger is capable of catching all keystrokes, capturing the screen, logging the programs being run and closed, monitoring the clipboard contents.
Strategies To Select Password
------------------------------------
* User education
* Computer-generated passwords
* Reactive password checking ( occur when user generate a password, then the system will check whether the password exist or not)
* Proactive password checking ( the system will check how strong the password that has been generated.)
Cryptography
----------------
Cryptography is, traditionally, the study of ways to convert information from its normal, comprehensible form into an obscured guise, unreadable without special knowledge.
Encrypted document does not prevent unauthorized people gaining access to it but rather ensures that they cannot understand what they see.
Here, we use idea of cipher system which disguise information in such a way that its meaning is unintelligible to an unauthorized person.
In encryption, we need to be familiar with some terminologies such as plain text, ciphertext, cipher, key, encipher and decipher.
plaintext = original message
ciphertext = coded message
Cryptoghraphy Algorithms
Do you know about this kind of operation?
Cryptography algorithms is a type of operations used for transforming plaintext ( original message) to ciphertext (coded message).
The number of keys used is symmetric (single key or private-key encryption) and asymmetric (two-keys, or public-key encryption).This is the way in which the plaintext is processed.
Methods use in Cryptography Algorithm
Substitution
There are two types:
** Monoalphabetic substitution.
It formed by shifting the letters of the original alphabet.
**Polyalphabetic substitution
Extension of monoalphabetic substitution system which use Vigenere Tableau.
Transposition
This method also has two types:
** Unkeyed transposition
Rearrange letters by using matrix
**Keyed transposition
Rearrange letters by using matrix where the size of matrix is determined by the length of the key used.
Caesar Ciphers
In this cipher each of the letters A to W is encrypted by being represented by the letter that occurs three places after it in the alphabet. Although Caesar used a ‘shift’ of 3, a similar effect could have been achieve using any number from 1 to 25.
The encryption key and decryption key are both determined by a shift but the encryption and decryption rules are different.
For example: : Encryption with shift 8 is the same as decryption with shift 26 - 8 =18.
This enable us to use the same rule for encryption and decryption with the decryption key 18 corresponding to the encryption key 8.
Let's Play!
Find The message behind this cipher text:
YMJ KPJQ UWNHJ BNQQ NSHWJFXJ YT WH KTZW GD SJCY BJJP
=)
-------------------------------------------------------------------------------------------------Simple Substitution Ciphers
For a Simple Substitution Ciphers (or monoalphabetic ciphers), we write the alphabet in a randomly chosen.
The encryption and decryption keys are equal.
The encryption rule is ‘replace each letter by the one beneath it’ while the decryption rule is the opposite procedure. For example:
A B C D E F G H I J K L M
D I Q M T B Z S Y K V O F
N O P Q R S T U V W X Y Z
E R J A U W P X H L C N G
The number of keys for a Simple Substitution Cipher is equal to the number of ways in which the 26 letters of the alphabet can be arranged.
Vigenere Cipher
The Vigenere Cipher (the best known of the manual polyalphabetic cipher) uses a Vigenere Square to perform encryption.
The left-hand (key) column of this square contains the English alphabet and for each letter, the row determined by that letter contains a rotation of the alphabet with that letter as the leading character.
So each letter in the left-hand column gives a Caesar Cipher whose shift is determined by that letter.
Example: the letter g gives the Caesar Cipher with shift 6.
Figure 1: Vigenere Table - Vigenere Tableau
No comments:
Post a Comment