Samer Aoudi
CH4: Cryptographic Failures

Sensitive Data, whether at Rest or in Transit, must be protected. Cryptography is the process of protecting information by encrypting it, so that only those for whom the information is intended can read and process it. Applications should be designed to still be secure even if cryptographic controls fail. We can achieve this by applying Defence in Depth. This chapter explains the root cause for sensitive data exposure; namely, Cryptographic Failures. Different attack vectors are presented, and prevention measures and techniques are outlined.

Learning Outcomes
Upon completing this chapter, the learner will be able to:
  • Demonstrate an understanding of Cryptography and related concepts
  • Analyze the weaknesses that may lead to Cryptographic Failures
  • Attack Cryptographic Failures in a controlled environment
  • Apply methods and techniques to prevent Cryptographic Failures
Lab Activity: TBA

In this practical activity, you will ...

Cryptography 101

Cryptography is the process of protecting information through the use of mathematical algorithms, so that only those for whom the information is intended can read and process it. Cryptography is closely related to the disciplines of cryptology and cryptanalysis. So, let us start with some definitions:

  • Cryptology is the study of codes, both creating and solving them.
  • Cryptography is the art of creating codes.
  • Cryptanalysis is the study of cryptosystems in order to understand their hidden aspects with the aim of finding techniques for defeating them.
  • Algorithms are procedures used for solving problems or performing computations. Algorithms and related mathematical functions are the foundation of cryptology. Algorithms such as AES, 3DES or RSA are highly standardised and are the subject of cryptology and related mathematics research. [1]
  • Protocols apply algorithms to protect data transfer and are therefore the enabler of the commercial use of electronic communication. Security protocols include TLS, SSL or IPsec.
  • Plaintext is the original message, while Ciphertext is the coded message.
  • Encryption (Enciphering) is the process of converting data from plaintext to ciphertext.
  • Decryption (Deciphering) is the process of restoring the plaintext from the ciphertext.
  • Ciphers are algorithms for transforming plaintext to ciphertext.
  • Symmetric Encryption is a conventional encryption system that relies on a single Key.
  • Asymmetric Encryption is a cryptosystem that uses two Keys; a Public one and a Private one.
  • Key Management, a critical component of cryptography, is the process of managing encryption and decryption keys.


Figure 4.1: Asymmetric Encryption
Hashing

Hashing is a process that involves the use of a one-way mathematical function that is relatively easy to compute but significantly difficult to reverse. The input to the hash function is of arbitrary length but the output is always of fixed length. Values returned by a hash function are called Message Digest or simply hash values.

Hashing Properties

A Hash Function is computationally hard to reverse. That is why it is considered a one-way function. This property is called Pre-Image Resistance. Because of this property, Hashing is used for storing passwords. If an intruder gains access to the password records, they will see only a hashed version of each password, not the clear text. The intruder won't be able to log on with the hash, since whatever is submitted is hashed again and the result is a completely different digest. Moreover, the intruder won't be able to retrieve the cleartext version because of the Pre-Image Resistance property.

As a best practice, passwords are salted before storing. Salting is simply adding a random string to the original password. This would make the final password hash very hard to guess.

It is very hard to find two different inputs of any length that result in the same hash (i.e., message digest). This property is called Collision Resistance. Since a hash function is a compressing function with a fixed output length, it is impossible for a hash function not to have collisions. Collision resistance only means that these collisions should be hard to find. Because of this property, Hashing is used for checking the integrity of data. Data integrity checking is the most common application of hash functions. The Hash Function is used to generate checksums on data files, and this provides assurance to the user about the correctness of the data.

A data integrity check helps detect any changes made to the original file. It does not, however, provide any assurance about originality. The attacker, instead of modifying file data, can change the entire file, compute a new hash, and send both to the receiver. This integrity check is useful only if the user is sure about the originality of the file.
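
The limitation described above, as an added example that is not part of the original chapter: a plain SHA-256 checksum detects an in-place change, but it is satisfied by a replaced file shipped with a recomputed checksum. A keyed digest (HMAC, chosen here as one way to bind the check to a secret; the chapter does not name it in this section) is not. The file contents and the key are constructed sample values.

```python
import hashlib
import hmac


def sha256_checksum(data: bytes) -> str:
    """Unkeyed digest: anyone who holds the data can compute it."""
    return hashlib.sha256(data).hexdigest()


def checksum_ok(data: bytes, published: str) -> bool:
    return hmac.compare_digest(sha256_checksum(data), published)


def hmac_tag(key: bytes, data: bytes) -> str:
    """Keyed digest: only a holder of `key` can produce a valid tag."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def tag_ok(key: bytes, data: bytes, tag: str) -> bool:
    return hmac.compare_digest(hmac_tag(key, data), tag)


def compare_checks() -> dict:
    # Constructed sample data, not taken from the chapter.
    original = b"release-1.0 contents\n"
    modified = b"release-1.0 c0ntents\n"
    replaced = b"a completely different file\n"
    publisher_key = b"constructed-demo-key-held-by-publisher"

    published_digest = sha256_checksum(original)
    published_tag = hmac_tag(publisher_key, original)

    return {
        # In-place change checked against the original checksum: detected.
        "modified_passes_checksum": checksum_ok(modified, published_digest),
        # Whole file swapped and checksum recomputed by whoever swapped it.
        "replaced_passes_checksum": checksum_ok(replaced, sha256_checksum(replaced)),
        # Same swap, but the tag was made without the publisher's key.
        "replaced_passes_hmac": tag_ok(
            publisher_key, replaced, hmac_tag(b"not-the-key", replaced)),
        "original_passes_hmac": tag_ok(publisher_key, original, published_tag),
    }


if __name__ == "__main__":
    for name, result in compare_checks().items():
        print(f"{name}: {result}")
```
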
References
[1] CrypTool Portal
Cryptographic Failures

In the 2017 version of the OWASP Top 10 list, the Cryptographic Failures flaw was known as Sensitive Data Exposure, and was in third place (i.e., it moved up a spot). Sensitive Data Exposure is more of a symptom than a root cause, and that is why OWASP shifted the focus to failures related to cryptography. Since cryptography is a measure used to protect data, failures in it lead to exposure [2].

Cryptographic Failures (A02:2021)
The following are some "failures" highlighted by OWASP:
  • The use of cleartext protocols (e.g., HTTP, SMTP, and FTP)
  • The use of old or weak cryptographic algorithms or protocols (e.g., MD5, RC4, DES, Blowfish, and SHA1)
  • The use of default and/or weak crypto keys. A key is essentially just a random number – the longer and more random it is, the more difficult it is to crack. A weak key is a key that makes the cipher behave in some undesirable way. An example of recommended key lengths is RSA 2048 bits for asymmetric encryption
  • Not enforcing encryption (e.g., in HTTP headers)
  • Improper validation of server certificates and the trust chains
  • The use of insecure modes of operations (e.g., ECB) and/or improper use of Initialization Vectors (IV). An IV, also called a nonce (number used once), is an arbitrary number used with a secret key for data encryption
  • The use of deprecated cryptographic functions or padding methods (e.g., PKCS number 1 v1.5)

Figure 4.2: Cryptographic Key
Prevention
  • Classify data (Public, Private, Confidential, etc.) and protect accordingly
  • Don't store sensitive data unnecessarily.
  • When sensitive data must be stored, use best practices such as PCI Tokenization. Tokenization is a process by which data is replaced with a surrogate value called a "token."
  • Encrypt sensitive data and ensure current and strong algorithms with strong keys and proper key management. This should include the use of appropriate IVs and randomness.
  • Encrypt all data in transit with secure protocols such as TLS, with Forward Secrecy. Forward secrecy protects past sessions against future compromises of keys or passwords.
  • Hash and salt all passwords when storing them. Salting is the process of adding a random string to the original password. This would make the final password hash very hard to guess.
  • Use Authenticated Encryption (AE). The crucial difference between plain encryption and authenticated encryption (AE) is that AE additionally provides authenticity, while plain encryption provides only confidentiality. When encrypting, along with the cleartext and key, an authentication tag (Message Authentication Code, MAC) is used. To decrypt, you will need the key and the tag.
Attack Vectors

Scenario #1 - Application Logic: An application encrypts data when stored in the database. When data is retrieved, the application automatically decrypts it. An attacker can use a SQL injection attack to retrieve the data in clear text.

Scenario #2 - Weak Encryption: An application does not enforce TLS, allowing an attacker to downgrade a connection from HTTPS to HTTP. The attacker then steals a session cookie and hijacks the user's session.
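
A defender's check for the gap in Scenario #2, as an added example that is not part of the original chapter: it audits response headers for a missing or short-lived Strict-Transport-Security policy and for cookies set without the Secure attribute. The function name, the one-year threshold and both sample responses are assumptions constructed for illustration.

```python
import re

MIN_HSTS_MAX_AGE = 31536000  # one year in seconds; assumed threshold


def audit_response_headers(headers):
    """Return findings for a list of (name, value) response header pairs."""
    findings = []

    hsts = [v for k, v in headers if k.lower() == "strict-transport-security"]
    if not hsts:
        findings.append("missing Strict-Transport-Security")
    else:
        match = re.search(r'max-age\s*=\s*"?(\d+)', hsts[0], re.I)
        if not match:
            findings.append("HSTS has no max-age")
        elif int(match.group(1)) < MIN_HSTS_MAX_AGE:
            findings.append(f"HSTS max-age too short: {match.group(1)}")

    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        cookie_name = value.split("=", 1)[0].strip()
        # Attribute names follow the first ';' and are case-insensitive.
        attrs = {a.strip().split("=", 1)[0].lower()
                 for a in value.split(";")[1:]}
        if "secure" not in attrs:
            findings.append(f"cookie {cookie_name} set without Secure")
    return findings


# Constructed sample responses (not captured from a real application).
WEAK = [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "SESSIONID=abc123; Path=/"),
]
HARDENED = [
    ("Content-Type", "text/html"),
    ("Strict-Transport-Security", "max-age=63072000; includeSubDomains"),
    ("Set-Cookie", "SESSIONID=abc123; Path=/; Secure"),
]

if __name__ == "__main__":
    print("weak:", audit_response_headers(WEAK))
    print("hardened:", audit_response_headers(HARDENED))
```
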

Scenario #3 - No Salting: An application stores passwords in the database without salting them. An attacker uses a file upload flaw to retrieve the passwords and, with the help of a Rainbow Table, cracks the passwords.
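
The storage weakness in Scenario #3 beside a salted form, as an added example that is not part of the original chapter; it also illustrates the salting practice described in the Hashing section and in the Prevention list. PBKDF2-HMAC-SHA256, the iteration count and the record format are assumptions chosen for this example; the chapter does not prescribe a specific function.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256


def unsalted_hash(password: str) -> str:
    """The weak pattern: the digest depends on the password alone."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password: str) -> str:
    """Return 'iterations$salt_hex$hash_hex' using a fresh random salt."""
    salt = os.urandom(16)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{ITERATIONS}${salt.hex()}${derived.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    iterations, salt_hex, hash_hex = record.split("$")
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(derived.hex(), hash_hex)


def compare_storage(password: str) -> dict:
    """Store the same password for two users under both schemes."""
    user_a, user_b = hash_password(password), hash_password(password)
    return {
        # Identical digests are what make one precomputed table work
        # against every account that shares a password.
        "unsalted_digests_equal":
            unsalted_hash(password) == hashlib.sha256(password.encode()).hexdigest(),
        # A per-user salt makes each stored record unique.
        "salted_records_equal": user_a == user_b,
        "correct_password_verifies": verify_password(password, user_a),
        "wrong_password_verifies": verify_password(password + "x", user_b),
    }


if __name__ == "__main__":
    # Constructed sample password.
    for name, result in compare_storage("correct horse battery staple").items():
        print(f"{name}: {result}")
```
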

Transport Layer Security is a cryptographic protocol designed to provide security for data in transit.
References
[2] Cryptographic Failures
© Samer Aoudi 2005-2024