What is Password Encryption and Decryption?

Password Encryption and Decryption

Probably in every modern applications need to encrypt their users' passwords to maintain privacy and security. We could say that, from the moment that an application has clients, and clients sign in using a password, these passwords have to be stored in an encrypted format.

Question: - What is Encryption and Decryption?

Answer: - Encryption is the process of converting plain text or encoding messages (or sensitive information) in such a way that only authorized person can read that message and others (like hackers) cannot read it. Encryption techniques or algorithms are using mathematical transformations to encrypt the message and turning it into an unreadable text. Encryption key is the primary thing which helps to encode the messages and which specifies how the message is to be encoded. Encryption is also used to protect data in transit. Encryption provides security to encoded messages.

Decryption is the reverse process of getting back the original data from the encoded messages or cipher-text using a decryption key. 

Question: - What is cryptography?

Answer: - Cryptography is the science which tells about the techniques for secure communication in the presence of unauthorized users or hackers. It is more about construction of protocols which is related to information security.

Cryptography is having below four objectives:-

• Confidentiality: - the information can be understood only by that person for whom it was intended.

• Data integrity: - the information cannot be changed or altered in transit between sender and intended receiver.

• Authentication: - the sender and receiver can confirm each other by providing proper access key.

• Non-repudiation:- the sender of the message can’t deny at a later stage his intentions in the transmission of the information.

Types of cryptography:-

Symmetric-key cryptography

It’s a kind of encryption system in which the sender and receiver of a message exchange a single, common key which is used to encrypt and decrypt the message. Symmetric-key systems are simpler and faster and also easier to implement, but their main drawback/disadvantage is that the two parties must somehow exchange the key in a secure way. Symmetric-key cryptography is sometimes known as secret-key cryptography. Symmetric key cryptography is also known as shared key cryptography. The most popular symmetric-key system is the Data Encryption Standard (DES).

 

Public-key encryption

Public key cryptography was introduced by Whitfield Diffie and Martin Hellman in 1976. So, it is known as Diffie-Hellman encryption. It is also known as asymmetric encryption because it uses two keys instead of one key.

It’s a kind of a cryptographic system that uses two keys - a public key known to everyone and a private or secret key known only to the message recipient.

In public key cryptographic system, the public and private keys are related in such a way that only the public key can be used to encrypt messages and their corresponding private key can be used to decrypt those messages.

Public-key cryptographic systems are becoming renowned for transmitting information via the Internet. They are extremely secure and relatively simple to use. The problem with public-key cryptographic systems is that we have to know the recipient's public key to encrypt the received message.

Questions: - Which types of cryptography are used on the web to secure information?

Answer: - Both types of cryptography are used today to get secure information from the Web. Using public key cryptography, our browser will actually create a shared session key with the website. And then our browser will communicate with the website through symmetric key cryptography in order to actually obtain the private information.

Examples of Symmetric Key Algorithms

DES (Data Encryption Standard):- In the earlier stage, it was very renowned algorithm for encryption of electronic data developed in the early 1970’s at IBM and based on an earlier design by Horst Feistel. DES uses a 56-bit key and uses the block cipher method, which breaks text into 64-bit blocks and then encrypts them.

3DES or Triple DES: - It is derived from DES, a mode of the DES encryption algorithm that encrypts data three times. Three 64-bit keys are used, instead of one, for an overall key length of 192 bits (the first encryption is encrypted with second key, and the resulting cipher text is again encrypted with a third key). This is slow

AES (Advanced Encryption Standard)

• It was developed by Belgian cryptographers Joan Daemen and Vincent Rijmen.

• AES is based on a design principle known as a substitution-permutation network, and is fast in both software and hardware.

• It is based on the Rijndael cipher.

• Rijndael uses a key schedule to expand a short key into a number of separate round keys. This is known as the Rijndael key schedule.

• AES has three fixed 128-bit block ciphers with cryptographic key sizes of 128, 192 and 256-bits. Key size is unlimited, whereas the maximum block size is 256-bits.

Examples of Asymmetric Key Algorithms or Public-key encryption algorithms:-

RSA: - It is derived as on the name of inventors Rivest, Shamir & Adleman. It’s a very common asymmetric encryption system. The RSA algorithm is the most commonly used encryption and authentication algorithm and is included as part of the Web browsers from Microsoft and Netscape. It's also part of Lotus Notes.