14th August 2019, Kathmandu
Cryptography is used by the information security to change the readable information into a secured form which ensures that it can only be accessed by the authorized user and no one else. The information thus transformed into encrypted can be transformed back into the original data only by the authorized person who holds the cryptographic key.
Information security uses cryptography to protect information from accidental or unauthorized disclosure while the data is in transit whether electronically or physically and why it is in storage.
It provides information security along with other useful applications and improved authentication methods, digital signatures, message digests, encrypted and non-repudiation network communications. Various
secure applications such as ssh that use encrypted network communications are slowly replacing older less secure applications such as ftp and telnet.
Wireless communications can be encrypted using protocols such as WPA/WPA2 or WEP which is older and less secure. Wired communications such as ITU‑T G.hn are secured using X.1035 for authentication and key exchange and AES for encryption. Software applications such as PGP or GnuPG can be used to encrypt Email and data files.
Security problems can be introduced by Cryptography when it is not implemented correctly. The length and strength of the key must be considered in cryptography. Weak encryption will be produced if the key is thin or too small.
The keys used for encryption and decryption must be protected with equal importance as any other confidential information. They must be protected from unauthorized destruction and disclosure, and they must be readily available when needed. Many of the problems that deal with crucial management are addressed by Public essential infrastructure (PKI) solutions