Cryptography is the practice of securing and transmitting data and information in a form that only authorized parties can understand. Encryption processes encode the original message using crypto-mathematical concepts, and rule-based calculations called algorithms to protect against malware or cyber attacks.
The word comes from the Greek word "kryptos," meaning 'secret' or 'hidden.' The literal translation for cryptography is "secret writing." It comes from the study of cryptology, the art of breaking codes or ancient hieroglyphics and solving them.
Data encryption is one of the most important tools for building secure communications, networks, and system infrastructure. By following the pillars of information security, cryptography ensures that no unauthorized parties or threat actors can access confidential data. It's an extremely specialized field of cybersecurity that requires expert knowledge to implement. From web browsing to sending emails to credit card or cryptocurrency transactions, cryptography helps secure sensitive data in every aspect of our lives.
How Does Cryptography Work?
The best way to understand simple cryptography is to look at one of its earliest forms, the Caesar cipher. Julius Caesar used it to encrypt confidential correspondence between him and his officials.
Caesar encrypted his messages by changing the order of the alphabetical letters. In order to decrypt the message, the intended recipient would have to substitute the written letter for the corresponding letter in the original message to decode the encrypted message. This is called a substitution cipher.
We can break this description into two cryptographic elements: the algorithm and the key. The algorithm is simple and involves substituting a letter with another from later in the alphabet. The key is how many spots in the alphabet you must move to find the original letter or set of letters in a word to decrypt the message. The key was three in this version of Caesar cipher, in which case you would substitute the letter D for letter A, H for E, and so on.
Modern cryptography exists through the combination of advanced mathematics, computer science, communication, and engineering processes. Computers and operating systems use complex encryption methods to encode messages so only authorized parties can see them. The message, or plaintext, is converted into ciphertext using an encryption algorithm that generates an encryption key. In order to read the message, the recipient must use a decryption key, which turns the ciphertext back into plaintext.
Cryptographic algorithms (or ciphers) play a large role in data security because they are used to generate cryptographic keys and digital signatures, protect payment transaction protection, secure web browsing, and message authentication.
What are the Different Types of Cryptography?
Three main types of cryptography or cryptosystems can be used to protect data transmissions:
1. Symmetric Encryption
In symmetric cryptography, both the sender and receiver use the same private key to encrypt and decrypt the message simultaneously. Without the key, it is nearly impossible for hackers to intercept and decode the message. This method is also called secret-key or private-key cryptography because only a single key is used during the process.
There are two main types of symmetric key cryptography:
- Stream Cipher - A streaming algorithm encrypts plaintext bit-by-bit, a single bit at a time. The same plaintext bit will encrypt to a different bit with every successive encryption. Examples of stream cipher algorithms include BLOWFISH, A5, and RC4.
- Block Cipher - A block cipher applies a deterministic algorithm to encrypt a block of plaintext instead of encrypting it bit by bit. The system keeps the blocks in memory while waiting for complete data encryption. Some of the most important block cipher algorithms include Triple DES (Data Encryption Standard), AES (Advanced Encryption Standard), and Twofish.
However, one of the risks of symmetric key encryption is that if the shared private key is compromised, the whole system for securing data becomes compromised.
2. Asymmetric Encryption
Asymmetric cryptography helps eliminate the key sharing problem by generating two different keys — a private key and a public key. Also known as public-key encryption, this method uses a public key to encrypt the message, while the private key strictly decrypts the message.
To understand it better, think of the public key as the key to your mailbox. It opens the mailbox just wide enough to drop letters. You can share this key with anyone who sends you letters so they can drop the letters into your mailbox. Only you have the private key, which you use to get the letters out.
The sender of the message can use the recipient's public key to encrypt a message safely because the only corresponding private key that can decode the message is in the recipient's hands.
Examples of public-key cryptography or asymmetric-key cryptography include Diffie-Hellman key exchange, RSA (Rivest–Shamir–Adleman), DSA (Digital Signature Algorithm), ECC (elliptic curve cryptography), and post-quantum cryptography.
3. Hash Functions
Hash functions use a one-way encryption algorithm, known as a hash value, to encrypt plaintext into ciphertext. Once you convert plaintext to the hash, you cannot revert it to plaintext. For any given hash function, no two plaintexts will yield the same hash.
Hashing algorithms help ensure confidentiality and confirm data integrity. For example, if you received a message along with its hash, you can run the hashing algorithm on the message to verify if anyone interfered with the message during transit. If the hash differs from the one sent with the message, you can assume that someone has compromised the message.
Examples of commonly used hash functions include checksum functions, cryptographic hash functions, and cyclic redundancy checks.
Cryptography in Cybersecurity
Computers communicate with each other daily via direct connections, which creates the need for strong data security. Modern-day applications of cryptography are seen in e-commerce, banking systems, military communications, and basic user-to-user messaging.
Implementing data encryption and cryptographic processes achieve the following objectives of information assurance and information security:
- Confidentiality - Unintended recipients cannot decipher or understand the contents of a message.
- Integrity - Assurance that transmitted data was not altered during transit.
- Authentication - Validates the source or origin of the sender.
- Non-repudiation - Undeniable proof of the legitimacy and authenticity of a message.
Without cryptography, sending messages without threat actors stealing the information would be impossible. In theory, the strongest cryptographic schemes are impossible to break, even with the most powerful computers in the world with unlimited computing power.