Do you need this or any other assignment done for you from scratch?
We have qualified writers to help you.
We assure you a quality paper that is 100% free from plagiarism and AI.
You can choose either format of your choice ( Apa, Mla, Havard, Chicago, or any other)
NB: We do not resell your papers. Upon ordering, we do an original paper exclusively for you.
NB: All your data is kept safe from the public.
Introduction
In today’s era of global exposure in various fields, especially internet, it has become vital to have some sort of security for the transactions that are carried out. Owing to its easy accessibility, internet has become a tool for communication for millions of people, ranging from individuals to governments and even armed forces. It is used extensively as a medium for conducting business, transferring information and sharing important data. There are several features and applications of internet security, such as protected transactions, passwords, and confidential communication (Kessler, 2014). Cryptography is a feature that provides safe and protected communications and transactions. However, an important thing to understand is that cryptography is not self-sufficient for such protection. It needs certain methods like PGP (Pretty Good Privacy) and GPG (GNU Privacy Guard) to achieve the desired results.
PGP
The initial PGP software, which was the brainchild of Phil Zimmermann & Associates, was owned by PGP Inc. After its release in 1991, the ownership of the software passed on to several companies and finally, Symantec Corp. acquired it in 2010 (Cheney, 2013).
OpenPGP
While PGP has some licensing issues, OpenPGP has no restrictions on its utilisation. This software was developed by Zimmerman in 1997 (Cheney, 2013).
GPG
Werner Koch developed an alternate to OpenPGP in 1997 and named it GPG. This software is free to be downloaded and enables exchange of information with PGP and OpenPGP files (Cheney, 2013).
Using Encryption to Provide Confidentiality for Network Communications
In the current internet system, users are required to prove their identity (via name and/or address) in order to get authentication; this might not prove to be effective. Preferably, only the intended person should be able to read a particular message. The sender and receiver should have surety that the sent message is not altered in any manner and the sender has actually sent it. Cryptography defends the transmitted data from any sort of change or pilferage.
The transmitted and/or stored messages (in PGP) are encrypted and as such, they are confidential. The three kinds of encryptions that are generally used for this purpose are secret key, public key, and hash function; the initial text is called ‘plaintext’, the encrypted text is called ‘ciphertext’, and the decrypted text is also called ‘plaintext’. Such confidentiality may be achieved by using algorithms such as CAST-128, IDEA and 3DES.
Key distribution is a vital aspect of the encryption process. The symmetric key is encrypted by PGP in order to make it confidential; a public key is sent along with the message and each key is used only once. Every new message has a new public key that consists of a random 128-bit number (Stallings, 2007). PGP uses algorithms such as X9.17 and CAST-128 for generating symmetric keys and encryption, respectively.
Use of PGP Package to Provide Authentication
PGP also provides authentication of the user with the help of a feature that allows the sender to sign his/her message. This message is then encrypted using the prescribed algorithms and a key is generated with the help of RSA. “RSA is an internet encryption and authentication system that uses an algorithm developed by Ron Rivest, Adi Shamir, and Leonard Adleman” (Rouse, 2014, p. 1).
The process of authentication involves a set procedure according to which, as a first step, the sender has to create a message. Once the message is complete and ready to be sent, PGP uses SHA-1 to generate a 160-bit code, which is then encoded by means of correspondent’s key. The original and digest messages are then combined and compressed. At this stage, confidentiality is provided with the help of a symmetric key that is further encoded by recipient’s public key.
At the receiver’s end, this key (receiver’s public key) is used to decrypt the symmetric key, which in turn is used for decrypting the message. The recipient employs RSA, along with the correspondent’s key, to decode and retrieve the hash code. Finally, the receiver generates a new hash code and tallies it with the received hash code from sender; if both the hash codes match, the message is considered to be authentic.
Use of PGP to Provide Integrity
PGP also provides integrity with the help of a hash function. While the use of RSA (to encrypt the output of hash function) authenticates the message, hash function offers integrity. The integrity process involves certain steps. A hash function (like SHA-1) generates a message assimilation that further develops an electronic signature by encrypting the correspondent’s key. The generated signature is then linked with the message to form a single string, which is then compressed. The compression process is carried out so that the uncompressed message may be stored (along with the signature) for future verification purpose. After this, if any changes are made to the original message, the receiver will not be able to decrypt it.
Usefulness of Cryptosystems in a Banking System
Banking is a vital part of the global business scenario. In today’s era, bank customers have the facility of transacting online business. This saves a lot of time and money. It is very important to have such software that can guarantee confidentiality, authenticity and integrity; PGP is such software.
PGP is viewed as the best option when the prime concern is security. Keeping in mind the end goal to provide a safe correspondence between two banks, computers create a key pair for a single session. The focal point of utilising PGP as a part of any bank’s transaction is that the key lapses after a solitary session, which makes the likelihood of decrypting the key unfeasible.
The banks, all over the world, have to protect vital information of their customers and for this purpose they rely on PGP, which ultimately helps them in securing important data pertaining to their customers and brokers. An example of a bank where PGP has been put into practice for secure transmission is the Bank of England where email transmissions and their attachments are secured during transmission. In the Bank of England, PGP provides two solutions. The first one is PGP internet messenger that provides a secure internet browser for sending and receiving emails (with and without attachment). The second one facilitates secure exchange of keys within banks.
The users do not have to purchase or install any software in order to use the messenger. The system proposes to be utilised as a protected method to transmit vital information through email. It provides the users with storage of 50mb in their mail inbox (secured). A drawback in this system is that all the stored data that is more than two months old is automatically deleted and as such, it is necessary for the users to save the data at some other location.
How Secure is RSA in Practice
The choice of cryptographic algorithms depends on the kind of application that is needed (Xie, Zhou, & Bhuyan, 2000). RSA security peculiarities are focused around the problem of factorising the huge prime numbers. Notwithstanding, RSA execution in PGP may have a few shortcomings. PGP and GPG rely on Fermat hypothesis to identify the two huge prime numbers, which can be considered to be dependable to some extent only.
Case in point, there are some peculiar cases, which are denoted as ‘Carmichael Numbers’. Carmichael Numbers, for example 561 and 1105, are not prime numbers yet they do fulfil the Fermat hypothesis. Despite the fact that the error of percentage in Carmichael Numbers is so little, it is viewed as one of the shortcomings in RSA execution. While PGP is free to use, any commercial usage requires a license.
Also, severe assault is conceivable in PGP and GPG. In any case, this system may take years to decipher the key so as to unscramble the messages. Nothing is distinct and resilient in cryptography. At the point when RSA public key encryption was of 426 bits in length, it was expected to be resilient and unfeasible to crack; nonetheless, it was cracked in 1994 that resulted in severe damage to thousands of computers. Thus, security of RSA relies on the key length used to encode the message to reinforce it and make it difficult for the attackers to crack.
Conclusion
Cryptography has proved to be a boon for communication and online transactions; it has provided much required online security. In addition, it has also provided confidentiality to online monetary and other business transactions. It is very difficult to ascertain the identity of people whom we do not know but there are circumstances when it becomes necessary to communicate and deal with such people. Also, the banking sector acts as a backbone for domestic and global business and as such, it very vital to ascertain the security, authenticity and integrity of customers. Cryptography provides solutions to all such requirements and problems.
References
Calloway, D. (2008). Literature review on cryptography and network security. Web.
Cheney, D. (2013). OpenPGP, PGP and GPG: What is the difference?. Web.
Figg, B. (n.d.). Cryptography & network security. Web.
Johnson, M. P. (2014). Where to get PGP and GPG. Web.
Kaushik, S., & Singhal, A. (2012). Network security using cryptographic techniques. International Journal of Advanced Research in Computer Science and Software Engineering, 2(12), 105-107.
Kessler, C. G. (2014). An overview of cryptography. Web.
Reagan, A. (2008). Cryptography. Web.
Rouse, M. (2014). Cryptography. Web.
Stallings, W. (2007). Network security essentials: Applications and standards. London: Prentice Hall.
Stallings, W. (2011). Cryptography and network security: Principles and practice. London: Prentice Hall.
Ström, S. (2003). Importance of cryptography in network security 2D1441 seminars in theoretical computer science. Web.
Xie, H., Zhou, L., & Bhuyan, L. (2000). Architectural analysis of cryptographic applications for network processors. Web.
Do you need this or any other assignment done for you from scratch?
We have qualified writers to help you.
We assure you a quality paper that is 100% free from plagiarism and AI.
You can choose either format of your choice ( Apa, Mla, Havard, Chicago, or any other)
NB: We do not resell your papers. Upon ordering, we do an original paper exclusively for you.
NB: All your data is kept safe from the public.