What is cryptography?
Cryptography is the practice of making information unreadable to an unintended recipient.
A cryptographic algorithm is used to transform a readable message called “plaintext” into “ciphertext,” which is unintelligible to an outside observer.
Cryptographic systems require a way for the intended recipient to understand the message, which usually involves transforming the ciphertext to plaintext.
The establishment of computer networks made cryptography relevant to everyday people. Computers were communicating over open networks, which created the need to protect sensitive content like financial information.
IBM pioneered the use of cryptography in the 1960s with an encryption method called “Lucifer.” The first Data Encryption Standard (DES) was codified by the U.S. National Bureau of Standards.
It is necessary to keep developing more advanced cryptography techniques to ensure data security. Ciphers and algorithms used in the early days of cryptography have been deciphered, rendering them useless. Today’s algorithms can be deciphered, but it would take years – possibly decades – to decode a single message.
How does cryptography work?
Modern cryptography is supported by two fundamental principles. The first is Kerckhoffs’s principle, named for 19th century Dutch cryptographer Auguste Kerckhoffs. He believed “a cryptographic scheme should be secure regardless of whether all details about it are public except the key.”
This was during an era when cryptography was almost exclusively used for military purposes. While it was nice to keep your cryptographic systems secret, the understanding was that your enemy was likely to decode them eventually. Claude Shannon was a World War II cryptographer, who would go on to become a pioneer of information theory. He said it simply: “the enemy knows the system.” Kerckhoffs and Shannon suggest an ideal algorithm doesn’t need to be a secret in order to successfully conceal information.
What is crucial to keep secret is the cryptographic key. An important principle here is one-way functions: mathematical operations that are very difficult to reverse. A common example is multiplying two large prime numbers. The calculation isn’t difficult, but if you only had the final answer it would be difficult, if not impossible, to determine the original prime numbers in the equation.
What is cryptography used for?
Cryptography is well-known for keeping military secrets secure and protecting financial data. But its applications also include achieving broad cybersecurity goals. For example:
- Keeping the contents of data confidential
- Authenticating the sender and receiver of a message
- Ensuring the integrity of data, showing that it hasn’t been altered
- Verifying the alleged sender actually sent the message, which is known as non-repudiation
What is the difference between asymmetric and symmetric cryptography?
Asymmetric cryptography, also known as public key cryptography, uses two different keys for encryption and decryption. In symmetric cryptography, by contrast, the sender and recipient must already have a shared key that is known to both. Key distribution is a tricky problem and was the impetus for developing asymmetric cryptography.
One key is used for encryption and the other one can decrypt the message. Asymmetric cryptography is different in that if one key has been used to encrypt, it cannot decrypt the message. The other key must be used instead.
One key is kept private and is called the “private key”; the other is open to all and can be used by everyone, so it is known as the “public key”. The mathematical relation between the keys means that the private key cannot be derived from the public key, but the public key can be derived from the private key. The private key should be kept confidential and not distributed. The public key may be shared with any entity.
Examples:
- ECC
- Diffie-Hellman
- DSS
Hash functions are irreversible, one-way functions. They protect the data but do not allow you to retrieve the original message. Hashing transforms a string of one length into a string of another length. A good hashing algorithm will produce a unique output for each input. To crack a hash, you must try every input until you get the exact same result. Hashes are also used in certificates and for password hashing.
How did cryptography get started?
Cryptography started with ciphers. The Caesar Cipher was the very first. Ciphers were much simpler than modern cryptographic algorithms, but they still used plaintext and keys, and they were the earliest forms of encryption. The algorithms and cryptosystems of today are far more sophisticated. To ensure secure data storage and transit, they employ multiple rounds of encryption, encrypting the ciphertext again. You can also use irreversible cryptography to keep the message secure forever.
More advanced cryptography techniques are necessary to ensure data security. Most of the ciphers and algorithms that were used in the early days of cryptography can no longer protect data. While today’s algorithms can be deciphered, it could take many years or even decades to determine the meaning of one message. This is why the race for better and more advanced cryptography continues.
What is the difference between symmetrical and asymmetric cryptography?
The same key can be used for encryption and decryption in symmetric cryptography. The sender and the recipient must both have a common key that can be used for encryption and decryption. Key distribution is a complicated problem, and this was the motivation for developing asymmetric encryption.
Two keys are required for encryption and decryption in asymmetric crypto. In an asymmetric cryptosystem, each user has both a public and private key. The private key must be kept secret, while the public key may freely be distributed.
Data encrypted using a public key cannot be decrypted without the corresponding private key. A message sent to John is encrypted using his public key, and only John has the private key to decrypt it. Likewise, any data encrypted with a private key can only be decrypted using the corresponding public key. Jane could digitally sign an email message with her private key. Jane’s public key could then be used to decrypt the message and verify that Jane sent it.
Symmetric cryptography is a fast method for encrypting large volumes of data, such as entire disk partitions and databases. Asymmetric cryptography can only encrypt pieces of data smaller than the key size, which is typically 2048 bits or less. Asymmetric crypto can be used to decrypt symmetric encryption keys. These keys are then used to decrypt larger blocks. Asymmetric crypto is also typically used for digital signatures, where it encrypts the hashes of messages rather than the complete messages.
A cryptosystem is a system that manages cryptographic keys. It covers key generation, storage and use, as well as revocation and replacement.
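The two paragraphs above, carried through as an added example that is not part of the original article: a message far larger than the key is protected by wrapping a fresh symmetric key with the public key, and a signature is made over the message hash with the private key. The key, the function names and the sample data are assumptions constructed for illustration; unpadded RSA and a SHA-256 keystream stand in for the padded RSA and AES a real system would use.

```python
import hashlib
import secrets

# Constructed toy key: two publicly known Mersenne primes, so it is trivially
# factorable and protects nothing. It only makes the arithmetic visible.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, needs P and Q
PUBLIC, PRIVATE = (N, E), (N, D)

def rsa_apply(value, key):
    """Raw RSA: raise to the key's exponent modulo n (no padding)."""
    n, exponent = key
    if value >= n:
        raise ValueError("input is larger than the key modulus")
    return pow(value, exponent, n)

def stream_xor(key, data):
    """Toy symmetric cipher (SHA-256 keystream), a stand-in for AES."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def hybrid_encrypt(plaintext, public):
    key = secrets.token_bytes(32)                      # fresh symmetric key
    wrapped = rsa_apply(int.from_bytes(key, "big"), public)
    return wrapped, stream_xor(key, plaintext)

def hybrid_decrypt(wrapped, body, private):
    key = rsa_apply(wrapped, private).to_bytes(32, "big")
    return stream_xor(key, body)

def digest_int(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message, private):
    return rsa_apply(digest_int(message), private)     # signs the hash only

def verify(message, signature, public):
    return rsa_apply(signature, public) == digest_int(message)

if __name__ == "__main__":
    report = b"constructed sample record\n" * 400      # ~10 KB, far above 1128 bits
    wrapped, body = hybrid_encrypt(report, PUBLIC)
    assert hybrid_decrypt(wrapped, body, PRIVATE) == report
    sig = sign(report, PRIVATE)
    print(verify(report, sig, PUBLIC), verify(report + b"x", sig, PUBLIC))
```

Passing the whole message to rsa_apply raises ValueError because it exceeds the modulus, which is the size limit the text describes and the reason the symmetric key is wrapped instead.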
Conclusion
Cryptography can be described as the process of turning plain text into unintelligible text and vice versa. It is a method of storing and transmitting data in a certain format so that only those who have the right permission can read and process it. Cryptography protects data against theft and alteration, but it can also be used to authenticate users.