Securing Digital Information Using Cryptography Techniques to Enhance IT Security

In information technology (IT) security, defence in depth is considered the best practice. Protecting data at rest or in transit is a part of the defence in depth approach. Confidentiality, data integrity, authentication, and non-repudiation are four IT security paradigms that need to be achieved to protect data and enhance IT security. Every scientific organisation requires i) to maintain the confidentiality of information like novel research ideas, results, patents, indigenous developed techniques and designs, human resource personal data and remarks, etc. ii) to manage the integrity of Internet-based web resources, users' credentials, etc. and iii) to manage non-repudiation and integrity guarantee enabled implementation of various software systems. The Rivest-Shamir-Adleman (RSA) technique is used to achieve confidentiality of secret data during its storage and transmission over insecure channels. The elliptic curve cryptography (ECC) technique is used for key exchange with extremely constrained devices like wireless and wireless sensor networks. Data hashing is used for maintaining data integrity; digital certificates are employed to achieve non-repudiation. In order to enhance IT security, the application of these cryptographic algorithms has been studied in data security like workflow-based applications, video conferencing, Domain Name System (DNS), web security, and radio frequency identification (RFID) systems and presented in the paper. A novel scheme to ensure website integrity and to detect website attacks using time-stamped hash functions with timestamping is also demonstrated in the paper. The study revealed that symmetric key and asymmetric key algorithms provide confidentiality and authentication. Data integrity and authentication are achieved using digital signatures and message authentication codes. Non-repudiation is established with asymmetric key algorithms and digital signatures.