The use of cryptography in everyday life
-
Viral Armor
The main task, key of a virus writer is to create a program that would take the maximum amount of time to identify and destroy, and ideally an infinite amount. Writing a virus is not much different from writing a regular application: the creator tries to implement the most sophisticated technologies that improve the program’s performance, increase fault tolerance and distribution. After receiving a sample of a virus, an antivirus analyst examines how it works and the consequences of infection.
Accordingly, he develops an “antidote.” It turns out that both the author of the virus and the analyst get the same idea of the virus. Cryptovirology is trying to break this symmetrical state of affairs – hackers encrypt their viruses, manufacturers of anti-virus databases – signature databases. Two models of crypto viruses are prevalent today.
For note, the matrix is widely in use in cryptography. Using an online matrix multiplication calculator, you can easily make calculations. And more to add, use an online determinant calculator to find the determinant of the matrix.
-
The model with a public key
The virus writer creates two keys. One places in the body of the virus, the other remains with the author. Once on the user’s computer, the virus spreads and encrypts user data using the public key. You can only decrypt using the private key. The attacker then demands a ransom from the user in exchange for the private key.
Sometimes, in order for the hacker’s victim to be unable to publish the private key, the virus writer demands to send the data encoded by the virus in order to return the decoded version to the user. However, if a virus has encoded some secret data, then the user will more likely choose to destroy it, and not send it to the attacker for decoding.
-
Hybrid model
The author creates public and private keys, the open one is placed in the body of the virus, the private one remains with the virus writer. The virus spreads, creates a secret key, encrypts data with it, after which the secret key is encrypted with a public key. A secret key is needed to decrypt such data. The hacker offers it in exchange for a ransom.
Fortunately for ordinary users, both of these methods of fraud remain too risky for the hacker himself, since the question of anonymity remains open – how to get money and no one catches you? And cryptography is not an assistant here. However, blackmail is far from the only way of online fraud. And in all other ways, cryptology only plays into the hands of the villains.
Using polymorphism, the virus creates a new encryption mechanism and a new key every time it copies itself. However, polymorphism has a significant drawback – decryption always occurs using the same code, which makes it easier to detect a virus.
Metamorphism corrects the situation. This technology changes the entire source code of the virus when it copied. As a result, one can only imagine what problems antivirus lab analysts face these days. Nevertheless, they cope. Those who want to protect their information do this no less effective than those who seek to gain unauthorized access to it.
-
Round Defense
Protecting information is a vital necessity, and above all for companies. It is unlikely that today there is a structure that would not store confidential data on one or more corporate servers. This is better than storing information on the computers of individual users. Since the level of data, confidentiality requires, on the one hand, reliable encryption of documents. On the other hand, convenient access to it by employees who need this information to work. Therefore, in corporations, as a rule, the principle of transparent encryption is in use.
When using this principle, the information stores on the server is always in an encrypted state and is in decryption form only at the user’s request. There are two methods for transparent encryption. In the first, the basis is the so-called container file. This is a special format file in which all protected information stored.
With the help of a special driver included in the cryptographic product, it can connect to the system as a virtual removable disk. On the user’s desktop, the container file is displayed as a logical partition on the hard drive. The advantages here are obvious: any information can be stored on a virtual disk. In addition, it is mobile – the container file can be easily transferred to any other computer.
The disadvantage is that there is a possibility of damage to the file container (one wrong byte resulting from a failure or physical damage, and the information cannot be decoded. So in this case, creating backups is a primary need). As well as low speed of work with simultaneous connecting a large number of users (even for medium-sized companies this is unacceptable).
The essence of the second method is to encrypt a partition or several partitions of the hard drive, but not the entire disk. The principle of operation is the same – information decodes only when it gets access.
-
Human Factor
No matter how well the information is secure, there is always a high probability that a human-induced leak will occur. In this case, modern cryptographic security systems provide several solutions. Cybercriminals often try to gain access to classified information by blackmailing the responsible employee and trying to steal the key from him.
In this case, there is a function of “duress entry”, when the employee does not transfer the real key to the criminals, but a special, authentication one. When using it, the system, for example, simulates a failure and destroys the encryption key.
To protect against insiders who can transfer information to third parties for money, a key quorum is usual in practice. When several parts of the key need to access an encrypted disk. The human factor becomes especially important when it becomes necessary to encrypt information, not on the server. But, for example, on the user’s laptop, which today. As you know, can be lost or stolen at the most inopportune and unexpected moment.
-
Third Side
However, summing up all of the above. It cannot say that there is an ideal way to protect information from intruders. There is no such way, except perhaps for the complete destruction of data. Nevertheless, people still trust each other and, based on trusting relationships, integrate cryptography into modern life.
The only globally widespread and relatively efficient system today presupposes the presence of some kind of intermediary who all parties and who trusr. As an arbiter, determines the authenticity of the keys and certifies them.
According to this scheme, for example, licensed software is in distribution (the system of Internet updates Windows Vista functions this way). Transactions with electronic currency (like WebMoney) carried out. Online systems for authenticating business documents work in a similar way. In some countries, at the legislative level, they are equal in rights with paper documents. The “notary” in this case is either a private company or a government agency.
At the same time, all modern cryptography built on several mathematical statements that are dubious due to their lack of proof. The problem of decomposing an arbitrary number into prime factors in a reasonable time is unsolvable – one of them. Since the time of Euclid, mathematicians have been struggling to solve this problem.
And if a genius suddenly appears (as it happens, albeit rarely). Who manages to quickly solve this problem, the entire modern economy will collapse like a house of cards. Experts, of course, reassure that this will not happen before the spread of quantum computers, that is, not yet soon.
