Cryptography is a method of storing and transmitting data in a particular form so

that only those for whom it is intended can read and process it.

cryptography is most often associated with scrambling plaintext(ordinary text,

sometimes referred to as cleartext) into ciphertext (a process called encryption), then
back again (known as decryption).
in cryptography, a key (or cryptographic key) is a piece of information that allows control over the
encryption or decryption process.
There are two basic types of cryptographic algorithms.

Symmetric algorithm: If there is just one key for encrypting and decrypting, the algorithm is
called symmetric.

Asymmetric algorithm: If there are two different keys, each of which can be used only to
encrypt data or only to decrypt it, the algorithm is called asymmetric. If an algorithm is
asymmetric, one person publishes a key and accepts messages encrypted with that key. Anyone
can encrypt a message, but only the person who owns the other key can decrypt it. This is how
online stores, banks, etc., work.

http://www.garykessler.net/library/crypto.html
There are two basic techniques for encrypting information: symmetric
encryption (also called secret key encryption) and asymmetric encryption (also
called public key encryption.)

https://support.microsoft.com/en-us/kb/246071
Generally asymmetric encryption schemes are more secure because they require both a
public and a private key. Certainly with symmetric encryption you have to worry about
secure key exchange but as far as I can tell there's no inherent reason why one must be
more secure than the other.
Especially given that the asymmetric part is often just used for the key exchange and then
the actual data is encrypted with a symmetric algorithm.

So, am I missing something or can a general statement like this really be made about which
is more secure.
There is no way to directly compare them. I would point out the only thing we can say is secure is one
time truly random pad based XOR stream cipher (which is symmetric), however key exchange is a major
problem. We can also say that we can, in theory, break RSA and El Gammel (the two main asymmetric)
algorithms) with quantum computing, we just haven't built the device to actually do it..
For the same key size typically the asymmetric encryption (especially RSA) is less secure. Of course in
practice you offset this by using larger keys.

Strength is independent of symmetric vs asymmetric. Symmetric cryptography and

asymmetric cryptography are two different kinds of cryptographic tool. Each one can be
either weak or strong, depending. There's no reason whatsoever why asymmetric
cryptography is necessarily stronger than symmetric cryptography.
http://security.stackexchange.com/questions/7219/asymmetric-vs-symmetric-encryption

.Public-key, or asymmetric, cryptography also emerged in the mid-1970s.Publickey ciphers use a pair of keys: the public key that gets shared with other
people, and a corresponding private key that is kept secret by its single owner.
For example, Alice can create a key pair and share the public key with Bob and
anyone else who might want to send her a secret message. Bob can encrypt a
message to Alice by using her public key, and Alice can decrypt it using her
private key.

Symmetric vs. asymmetric algorithms[change | change source]

Unlike symmetric algorithms, asymmetric key algorithms use a different key for encryption than for
decryption. Meaning, a user knowing the encryption key of an asymmetric algorithm can encrypt
messages, but cannot calculate the decryption key and cannot decrypt messages encrypted with
that key. A short comparison of these two types of algorithms is given below:

Speed[change | change source]

Symmetric-key algorithms are generally much less computationally intensive than asymmetric key
algorithms. In practice, asymmetric key algorithms are typically hundreds to thousands times slower
than symmetric key algorithms.

Key management[change | change source]

One disadvantage of symmetric-key algorithms is the requirement of a shared secret key, with both
parties holding the same copy at each end. In order to ensure secure communications between
everyone in a group of n people a total of n(n - 1)/2 keys are needed, which is the total number of
possible communication channels.[1] To limit the impact of a potential discovery by a cryptographic
attacker, they should be changed regularly and kept secure during distribution and in service. The
process of selecting, distributing and storing keys is known as key management, and is difficult to
achieve reliably and securely.

Hybrid cryptosystem[change | change source]

In modern cryptosystems designs, both asymmetric (public key) and symmetric algorithms are used
to take advantage of the best of both. Asymmetric algorithms are used to distribute symmetric-keys
at the start of a session. Once a symmetric key is known to all parties of the session, faster
symmetric-key algorithms using that key can be used to encrypt the remainder of the session. This
simplifies the key distribution problem, because asymmetric keys only have to be
distributedauthentically, while symmetric keys need to be distributed in both an authentic and
confidential manner.
Systems that use such a hybrid approach include SSL, PGP and GPG, etc.

Modern cryptography concerns itself with the following four objectives:

1) Confidentiality (the information cannot be understood by anyone for whom it
was unintended)
2) Integrity (the information cannot be altered in storage or transit between
sender and intended receiver without the alteration being detected)
3) Non-repudiation (the creator/sender of the information cannot deny at a later
stage his or her intentions in the creation or transmission of the information)
4) Authentication (the sender and receiver can confirm each other?s identity
and the origin/destination of the information)
http://searchsecurity.techtarget.com/Understanding-encryption-and-cryptographybasics

About the author

Rick Smith Ph.D., CISSP, is a writer, lecturer and consultant on information
security. He is the author of Authentication: From Passwords to Public Keys
(Addison-Wesley, 2002) and Internet Cryptography (Addison-Wesley, 1997).

2 para
Cloud computing is a term for the delivery of hosted services over the Internet.
The cloud in cloud computing was the symbol network engineers used to
illustrate unknown domains and large networks of servers located elsewhere.
Using the power of other computers somewhere on the Internet thats what
cloud computing is all about.
Cloud computing is just hosted computer services, said Pascal Schuback, a
program coordinator for the King County, Wash., Office of Emergency
Management. It is simply using the power of other computers on the Internet.
Emergency managers use a cloud every day without thinking twice to: check
email, collaborate with applications like SharePoint, access social and
professional networks, watch videos on YouTube, or use almost anything from
Google.
Cloud computing is not new. What is new is how its being applied. What it can
do for emergency management is make the job a lot easier.
Like everything else, there are pros and cons to delivering services via cloud
computing.
One big advantage is the cost. The individual user needs only a
terminal/monitor/modem with some limited local storage and access to the
Internet. Commercial software packages vanish in favor of subscriptions to the
programs or services needed. The agency doesnt need a room full of servers,
and IT departments shrink because the data center doesnt exist.

The end-user experience is certainly less complicated. Compatibility problems

decrease, because software updates are always current. Dependability increases
because services are maintained and available remotely 24/7, no more waiting
for desktop support. Profiles remain consistent across all devices, and
intelligent assistants (think Siri) can customize needed information.

Now the Downside

As idyllic as it all sounds, there are concerns about migrating to cloud computing, like bandwidth.
Think of bandwidth as the Interstate Highway System. The roadway is the network; the wider the
roadway, the more cars (or data) can travel along it; more roadways (networks) mean more options
for cars (and data) to get from one place to another. We have the interstate; we dont have the city
streets. The downside is that public infrastructure physical or virtual isnt a high priority in the
U.S. these days.
Another concern is maintaining connections to a cloud. If the link is severed because of a power
outage, software crash, or an earthquake or hurricane taking out the local infrastructure, and the
Internet cant be accessed, neither can the data or applications stored there. Case in point being the
Microsoft Azure cloud service failure on Feb. 29 that left customers worldwide without access for
several hours to several days. This problem is easier to solve: The answer is collaborating clouds.
Just like there are failover procedures in data centers, there will be failover clouds.

http://www.emergencymgmt.com/disaster/How-Cloud-Computing-Can-BenefitDisaster-Response.html

Homomorphic encryption is the conversion of data into ciphertext that can be

analyzed and worked with as if it were still in its original form.
Homomorphic encryptions allow complex mathematical operations to be
performed on encrypted data without compromising the encryption. In
mathematics, homomorphic describes the transformation of one data set into
another while preserving relationships between elements in both sets. The term
is derived from the Greek words for "same structure." Because the data in a
homomorphic encryption scheme retains the same structure, identical

mathematical operations -- whether they are performed on encrypted or

decrypted data -- will yield equivalent results.
Homomorphic encryption is expected to play an important part in cloud
computing, allowing companies to store encrypted data in a public cloud and take
advantage of the cloud providers analytic services.
5. Homomorphic Encryption Applied to Cloud Computing Security When the data transferred to
the Cloud we use standard encryption methods to secure the operations and the storage of the
data. Our basic concept was to encrypt the data before send it to the Cloud provider. But the last
one needs to decrypt data at every operation. The client will need to provide the private key to
the server (Cloud provider) to decrypt data before execute the calculations required, which might
affect the confidentiality and privacy of data stored in the Cloud. In this paper we are proposing
an application of a method to execute operations on encrypted data without decrypting them,
which will provide the same results after calculations as if we have worked directly on the raw
data. Homomorphic Encryption systems are used to perform operations on encrypted data
without knowing the private key (without decryption), the client is the only holder of the secret
key. When we decrypt the result of any operation

Conventional Encryption involves transforming plaintext messages into ciphertext messages that are to be
decrypted only by the intended receiver. Both sender and receiver agree upon a secrete key to be used in
encrypting and decrypting. Usually the secrete key is transmitted via public key encryption methods.

Conventional encryption ciphers rely on a single key for both encryption and decryption. Modern
protocols will use a private key for encryption and a different public key for decryption. These two
keys are mathematically related in a fashion that allows them to encrypt/decrypt the same data
successfully.

Deduplication copies bring a lot of benefits for cloud computing, we have a one more major
issue which is security. Security issues should be eliminated or high security standards must be
followed when data is being handled in cloud environment. Normally, we follow the basic
encryption-decryption algorithm to encrypt the data while transferring and decrypting the data
while receiving. The drawback in this technique is that different users may form different
encryption keys through which deduplication are not efficiently possible. So, we propose a new
technique called
Hybrid Cloud: This model comprised both the private and public cloud models where
organization might run non - core application in a public cloud, while maintaining core
applications and sensitive data in- house in a private cloud.
Complexity of Security Aspects
When we think about security of organizations core IT infrastructure there is need to provide
security at network level, host level, application level and when we talk about data security two
aspects are included data transmission security and data storage security.
The cloud security issues deals with all the challenges associated with securing an organizations
core IT infrastructure at the network, host, and application levels as well as the vulnerabilities
and attacks related to the data security including: Data-in-transit, Data-at-rest, Processing of data
including multitenancy, Data lineage, Data provenance, Data lock-in, .
USE OF CRYPTOGRAPHY IN CLOUD COMPUTING
In cloud computing the users can upload their information to the centralized large data centers
where management of data and services are not trustworthy because information is uploaded by
the users into cloud data centers not encrypted hence that is accessed by everyone For better
security of cloud data centers the information is encrypted by the users by using cryptography
techniques before uploading into the cloud data centers. The cryptography is the art and science
of achieving security by encoding messages to make them non- readable. The original plain text
message is in simple English language that can be understood by everyone. The codified
message by cryptographic techniques is called as ciphertext message

cloud computing is such a technology with the help of which you can store your data not
only in your computer but on an online network as well. It is just like if you have
connected to the internet and you are uploading some files on a data sharing websites.
These websites are the best example of cloud computing. If you will save your date only
in your hard drive then you will lose all your data when your hard drive will suddenly
stop working. Something like this may not happen with you but it happens with many
people. If you want to keep your data save even when your hard drive is out of order
then you must use cloud computing.
The biggest benefit of using this technology is that, you are not only storing your data in
your computer but you are also storing it at such place from where you can access it at
any time. There are certain software programs that can help you to do this. All you will
have to do is toinstall cloud computing software in your computer and store all your
important data with the help of that software. Once you will store your data in that
software, it will be automatically uploaded on the internet and stored in a cloud
computing network. Now, whenever you need to use that data again, you can get
access to it with the help of internet.
If you are traveling and you forgot to take your PC with your then you will be afraid
about using the data that you had saved in your PC. However, if you will be using cloud
computing then you will not have to worry about data being lost because you

can download that data from the cloud network very easily. you will just need another
computer and an internet connection to retrieve all your data and do your work.
Author Bio:- Crystal J. Briscoe is from Self Test Engine. Looking for 642-993 exam
help? Lets take advantage of Self Test Engine 642-994 training and pass your IT
exams on first try.