Sunday, January 13, 2013

Cryptography

Julius Caesar encrypted messages so that the messenger could not understand them (Faqs.org, 2003). He used a “shift by 3” function, i.e. he substituted A with D, Z with C, and so on. Only the recipient, who knew the key (three in this case), could decipher the message. A cipher system is a way of disguising messages so that only recipients who know the ‘key’ can decipher them. Cryptography is the art of using cipher (crypto) systems. Cryptanalysis is the art of deciphering an encrypted message without prior knowledge of the key, that is, by means other than the intended one.

A strong cryptosystem has a large key space, produces cipher text that appears random to all standard statistical tests, and resists all previously known attacks (Faqs.org, 2003). Several types of cryptography and standards exist today. Public Key Cryptography Standards (PKCS) is an important security standard; it defines a binary format that can be used for storing certificates. Public key cryptography and shared key cryptography can also use message digests, which are one-way hash functions.


DES, MD5 and SHA-1 are obsolete. Migrate to AES and SHA-2 as soon as possible.

Encryption in motion and encryption at rest are an absolute for my system design. I do not want to have anything anywhere unencrypted. From that starting point, I am willing to have discussions about tradeoffs.


