• Islington College

• CC 5004

1. Introduction to Cryptographic Systems 1.1. Introduction to Security Security, in information technology (IT), is the defense of digital information and IT assets against internal and external, malicious and accidental threats. This defense includes detection, presentation and response to threats through the use of security policies, software tools and IT services. (Rouse, 2000/2020) 1.2. Introduction to Information Security Information security is not all about securing information from unauthorized access. Information Security is basically the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. Information can be physical or electrical one. The CIA (Confidentiality, Integrity, and Availability) triad of information security is an information security benchmark model used to evaluate the information security of an organization. The CIA triad of information security implements security using three key areas related to information systems including Confidentiality, integrity, and availability. Figure 1 CIA Triad Model The CIA triad of information security was created to provide a baseline standard for evaluating and implementing information security regardless of the underlying system and/or organization. The three core goals have distinct requirements and processes within each other.  Confidentiality: Ensures that data or an information system is accessed by only an authorized person. User Id’s and Passwords, access control lists (ACL) and policy based security are some of the methods through which confidentiality is achieved.  Integrity: Integrity assures that the data or information system can be trusted. Ensures that it is edited by only authorized persons and remains in its original state when at rest. Data encryption and hashing algorithms are key processes in providing integrity.  Availability: Data and information systems are available when required. Hardware maintenance, software patching/upgrading and network optimization ensures availability. 1 18030115 Security of Computing 1.3. Introduction to Cryptography The art and science of keeping message secure is cryptography. Cryptography is the science of using mathematics to encrypt and decrypt data. Cryptography is associated with the process of converting ordinary plaintext (sometimes called clear text) into unintelligible text and vice-versa. It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. Cryptography not only protects data from theft or alteration, but can also be used for user authentication. Figure 2 fig of Cryptography process Earlier cryptography was effectively synonymous with encryption but nowadays cryptography is mainly based on mathematical theory and computer science practice. (economictime, 2013) The earliest from of cryptography was the simple writing of massage, as most people could not read. In fact, the very word cryptography comes from the Greek words kryptos and graphein, which mean hidden and writing, respectively. The key terminologies used in cryptography are  Plain Text Un-encrypted text or message in its original human readable-form. Plain text is the input of an encryption process, and the output of a decryption process. Also called clear text, it is the opposite of cypher text