Table of contents
1.
Introduction
2.
Cryptography
3.
Encryption And Decryption
4.
Strong Cryptography
5.
Principles Of Cryptography
5.1.
Integrity
5.2.
Confidentiality
5.3.
Authentication
5.4.
Non-Repudiation
6.
Types of cryptography
6.1.
Symmetric Key Cryptography
6.2.
Asymmetric Key Cryptography
6.3.
Hash Function
7.
Frequently Asked Questions
8.
Key Takeaways
Last Updated: Mar 27, 2024
Easy

What is Cryptography

Author Divyansh Jain
1 upvote

Introduction

Cryptography is a word used in computing to describe secured information systems that transform messages in difficult hard-to-decipher ways using mathematical concepts and a sequence of rule-based computations known as algorithms. These proposed approaches are used for encryption keys generation, digital signature, data privacy verification, online surfing, and private communications, including banking transactions and email.

 

Hacking Security Breach GIF by Matthew Butler

Source: Matthew Butler

Cryptography

Cryptography is the study of encrypting and decrypting data using mathematics. Cryptography allows you to store sensitive information or send it through insecure networks (such as the Internet). It is a means of using codes to secure the information and communications so that only those who are supposed to read and process it may do so.

For Example:

Let’s take an actual example to illustrate this basic concept: When Julius Caesar didn't trust his couriers while sending messages to his generals. As a result, he changed every A in his texts with a D, every B with an E, and so on. People who understood the "shift by 3" rule could only decipher such signals.

Encryption And Decryption

Plaintext or cleartext refers to data that can be read and comprehended without using any extra tools. Encryption is a means of hiding plaintext content by hiding its appearance. When plaintext is encrypted, the outcome is ciphertext, which is meaningless gibberish. We use encryption to keep information secret from anybody who isn't supposed to see it, even those who can see the encrypted data. Decryption is the process of returning a ciphertext to its original plaintext.

Now a question may arise, If an unauthorized individual knows the decryption algorithm, he or she would have used it on the ciphertext and converted it to plaintext. Good Question. Keys are used to handling data from hostile assaults.

The key enables the user to decrypt the message, ensuring that it can be read. The strength of an encryption's unpredictability is also investigated, making it more difficult for anybody to determine the algorithm's key or input. To improve our privacy, we may use cryptography to create more secure and resilient communications. Innovations in cryptography make it more challenging to break encryptions, limiting access to encrypted files, folders, and network connections to authorized users.

Strong Cryptography

Cryptography can be powerful or weak. The time and resources required to retrieve the plaintext are used to determine cryptographic strength. Strong Cryptography produces ciphertext that is extremely difficult to decode without the proper decoding software. It is impossible to decrypt the output of strong cryptography until the end of the universe, even with all of today's computing power and available time—even a billion computers performing a billion checks every second.

One would imagine that strong cryptography would withstand even the most determined cryptanalyst. Who are we to say? No one has shown that today's strongest encryption will stand up to tomorrow's computational power. On the other hand, PGP uses the most strong encryption currently available. On the other hand, Vigilance and conservatism will protect you better than claims of invulnerability.

Source: tenor

Now, let’s discuss the major principles of Cryptography: 

Principles Of Cryptography

The following are the key principles of modern cryptography:

  • Integrity
  • Confidentiality
  • Authentication
  • Non-repudiation

Let's take a look at each one individually.

Integrity

The correctness, validity, and consistency of information in a system are referred to as Integrity. Data integrity assures that a message hasn't been tampered with or mistakenly altered while it's conveyed, primarily through an untrustworthy channel like the internet. It ensures that data is consistent and accurate over its full life cycle.

Let's use military commands as an example. We're at war, and an army general wants to convey a retreat order across the water to his men. A hacker might intercept the communication, modify the sequence, and send it on its route if there was no assurance of data integrity. The army may be given orders to advance, only to walk directly into a trap that the commander was aware of.

Confidentiality

Defines a collection of rules that limit access or restrict certain information. Only individuals with access to important information, such as the decryption key, should be able to see the data.

Authentication

In cryptography, there are two types of authentication that are often employed.

  • Integrity authentication, such as a MAC or HMAC, confirms that data has not been altered.
  • An SSL certificate, for example, can be used to authenticate the identity of the person who generated the data. When you connect to a website via HTTPS, your browser checks the SSL certificate to make sure you're connected to the site you believe you're on.

Non-Repudiation

Non-repudiation is a legal phrase used in Cyber security that ensures that no one can deny the legitimacy of the data in question. Non-repudiation is often achieved by the use of a service that gives verification of the information's origin and integrity. It's virtually hard to properly deny who sent a message or where it originated from.

Although if we could guarantee that the evacuation order was never altered, non-repudiation would be a means to establish that the order was given by the general in the first place, rather than an enemy spy.

Types of cryptography

Cryptography could be divided into three categories:

  1. Symmetric key cryptography
  2. Asymmetric key cryptography
  3. Hash functions

Symmetric Key Cryptography

This is also known as private key cryptography or secret-key cryptography. To encrypt and decrypt the communication, both the information receiver and the transmitter require the same key. AES(Advanced Encryption System) is the most common type of cryptography applied in this technique. The methods used in this type are entirely simplified and faster as well. Symmetric key systems are quicker and more efficient to use, but they make it harder to share keys.

Note: How would you deliver the key to the receiver if you needed to communicate through an unsecured channel in the first place?

Ans - The answer is that you should probably use asymmetric encryption for communication with another party, which we'll go over below shortly. When it comes to encrypting data at rest, symmetric encryption shines. Your password manager, for example, encrypts your passwords but does not send them to anybody. Because you're the only one who uses it, you just need one key.

There are a few different forms of symmetric key cryptography.

  • Block
  • Block cipher
  • RC2
  • DES (Data Encryption System)
  • Stream cipher
  • Blowfish
  • IDEA

Asymmetric Key Cryptography

This type of cryptography is referred to as Public-key cryptography. It uses a number of different and secure methods to transmit data. Both the sender and the receiver go through encryption and decryption operations using a pair of keys. Different keys are used for encryption and decryption in asymmetric encryption. To encrypt and decrypt information, a pair of cryptographically linked keys is required. Encryption is done using a public key, while decryption is done with a private key. RSA is the most common kind of encryption applied in this technique.

Time for an example: 

I'd transmit my public key to my wife if I wanted to receive a message from her. The public key is actually public. It's not an issue if the key is stolen, because they won't be able to decrypt anything with it.

My wife would then encrypt a message for me using my public key. I'll be able to decode that message once I receive it since I'm the only one who has the associated private key.

The use of a public key is more secure than using a private key. The following are some examples of asymmetric key cryptography:

  • Elliptic curve techniques
  • DSA
  • RSA
  • PKCs

Hash Function

A hash function is an algorithm that takes an arbitrary length of the message as input and returns a set length of the output. It's also known as a mathematical equation since it uses numerical data as input to generate the hash message. This approach does not require a key because it operates in a one-way scenario. There are several rounds of hashing operations, each of which treats the input as an array of the most recent block and outputs the previous round's activity. 

As the same plaintext hashes to the same output every time, it can also be used to compare passwords without ever saving them. The following are some of the hash functions:

  • SHA (Secure hash Algorithm)
  • Message Digest 5 (MD5)
  • Whirlpool
  • RIPEMD

 

Source: tenor

Frequently Asked Questions

  1. What is the history of cryptography?
    The origins of cryptography can be traced back to Egypt about 4000 years ago. To communicate with one another, the Egyptians developed hieroglyphics, the first cryptographic technology. Later, about 500 BC, the process was refined by substituting the characters with alphabets according to a secret system known only to a few. 
    Later, in the 15th century, more advanced techniques such as the Vigenere cipher and coding devices such as the Enigma rotor machine were developed. Cryptography was born years later!
     
  2. What is Cryptanalysis?
    Cryptanalysis is indeed the inverse of cryptography. It is the study of how to decipher secret codes rather than how to create them. However, knowing your opponent and having a thorough grasp of cryptanalysis is essential in cryptography.
     
  3. Illustrate the AES algorithm in short.
    This is the most often used algorithm approach by many other businesses. 192 and 256 bits are primarily employed for large encryption operations, despite the fact that 128-bit encryption works well. The AES approach is widely praised for encrypting information in the private domain since it is impenetrable to all hacking systems.
     
  4. What do we mean by Digital Signature in Cryptography?
    A digital signature is the electronic counterpart of a handwritten signature. It is an electronic confirmation of the sender's identity. For software distribution and financial operations, digital signatures are widely employed.
     
  5. Specify some Cryptography tools used frequently in today’s age.
    Signature confirmation, code signing, and other cryptography operations need the usage of cryptography tools. The following are some of the most widely used cryptography tools - Security Token, JCA, SignTool.exe, CertMgr.exe, Docker.
     
  6. Specify the Key differences between Symmetric Key and Asymmetric Key encryption.

Parameters

Symmetric

Asymmetric

Speed

Quicker, efficient and simple Slower and more complex

Keys

There is only a single private key. Both private and public keys are used.

Principles

Confidentiality Confidentiality, non-repudiation, authentication

Use cases

It is employed when a huge volume of data needs to be sent. It's used to transmit and receive a little amount of data.

Key Takeaways

So, to summarize the article, we discussed very briefly the concept of cryptography and how does encryption and decryption work. We also talked about the principles of cryptography along with the major three types of cryptography which gave you a very brief overview of sending and receiving without any interference and with confidentiality. 

For more learning, refer to these articles - Cryptography Digital Signature, Security Goals, Threats of Information Security, and many more. 

You can also check out Difference between Public Key and Private Key

Hope you learned something. But the sea of knowledge never stops until you do, so keep grinding and keep hustling Ninja!

Happy Learning!

Live masterclass