The concept of confusion, as relates to cryptography, was defined in Shannon’s 1948 paper. Generally, this concept attempts to make the relationship between the statistical frequencies of the cipher text and the actual key as complex as possible. Put another way, the relationship between the plain text, cipher text, and …

Read More »## Digital Signature

An essential purpose of cryptography would be to ensure nonrepudiation of a delivered message. This is where the receiver of the message cannot deny that the message is genuine. A digital signature is a technique used to help demonstrate this authenticity and the integrity of the message. It is useful for …

Read More »## Hybrid Encryption with Integrity

In this article, we will build on the previous hybrid encryption example by adding message integrity. This will mean that, once the encrypted data block has been created, you can check whether or not it has been tampered with or corrupted while in transit to its recipient. Before looking at …

Read More »## Hybrid Encryption (RSA+AES)

With RSA you cannot encrypt data that is bigger than the length of the asymmetric key. If you want to encrypt a bigger block of information, what exactly would you do? Preferably, you’d wish to make use of symmetric encryption algorithm such as AES, but the issue you encounter is that …

Read More »## Asymmetric Encryption – RSA

The main problem with symmetric encryption is that of securely sharing keys. For a recipient to decrypt a message, they need the same key as the sender, and this exchange of keys can be very difficult to do securely. A good solution to this problem is to use asymmetric cryptography …

Read More »## Advanced Encryption Standard (AES)

The Advanced Encryption Standard (AES) is the latest encryption standard adopted by NIST in 2001 for the symmetric encryption of messages. The AES algorithm was selected as part of a contest to find a replacement for the Data Encryption Standard (DES). This algorithm was based on the Rijndael cipher developed …

Read More »## Data Encryption Standard (DES)

The Data Encryption Standard (DES) used to be the default standard for symmetric encryption of data. DES was based on an earlier design by Horst Feistel and developed by IBM in the early 1970s. DES was submitted to the National Bureau of Standards as part of a drive to propose …

Read More »## Symmetric Encryption

A symmetric encryption algorithm is a two-way encryption procedure that employs the same key for both encryption and decryption of the information. Theoretically, this seems straightforward as both the sender and receiver of the message should know the key, however in practice safely sharing a key is very hard to …

Read More »## Password Storage

Using Hashes to Store Passwords A common usage scenario for hashes is to encode passwords for storing in a database. With the rise of modern processors and graphical processing units (GPUs), it is not recommended you take this approach as hashes can be brute force attacked or attacked by using …

Read More »## Cryptographic Random Numbers

Random numbers are essential in cryptography as you need them for generating encryption keys for symmetric algorithms such as AES, as well as for adding entropy into hashing functions and key derivation functions. Usually in .NET, when you want to generate a random number or a pseudorandom number, you would make …

Read More »