
What is Cryptography?
Cryptography is the science of securing communication. It ensures that information stays private, is not altered, and comes from a trusted source. In essence, cryptography is all about:
- Confidentiality – Keeping data secret.
- Integrity – Making sure data isn’t tampered with.
- Authentication – Confirming the identity of users or devices.
- Non-repudiation – Ensuring actions or communications can’t be denied later.
Key Components of Cryptography
1. Encryption and Decryption
- Encryption: The process of converting readable data (plaintext) into an unreadable format (ciphertext).
- Decryption: Turning ciphertext back into plaintext using a secret key.
For example:
- Plaintext: Hello
- Ciphertext: KHOOR (shifted letters using a Caesar cipher)
2. Keys
A cryptographic key is a secret value used to encrypt and decrypt data.
- Symmetric Keys: The same key is used for both encryption and decryption.
- Asymmetric Keys: A pair of keys (public and private) is used.
Types of Cryptography
1. Symmetric Cryptography
- How it works: One key encrypts and decrypts the message.
- Use case: Speed and simplicity, often used in bulk data encryption.
- Example Algorithm: AES (Advanced Encryption Standard).
Example:
Plaintext: "SECRET"
Key: "12345"
Ciphertext: "XOZPPU"
2. Asymmetric Cryptography
- How it works: Two keys are involved—a public key for encryption and a private key for decryption.
- Use case: Secure communications, digital signatures.
- Example Algorithm: RSA.
Example:
Public Key: Encrypts "HELLO"
Private Key: Decrypts to "HELLO"
3. Hashing
- How it works: Converts data into a fixed-size hash value.
- Use case: Password storage, data integrity checks.
- Example Algorithm: SHA-256.
Example:
Plaintext: "password123"
Hash: "ef92b778bae2f53c8f8c48aa91b2ee9e..."
Where Do We Use Cryptography?
1. Internet Security
- HTTPS: Websites use encryption (TLS/SSL) to secure data between your browser and servers.
- VPNs: Encrypt your internet traffic for privacy.
2. Messaging Apps
- Apps like WhatsApp and Signal use end-to-end encryption to ensure only the sender and recipient can read messages.
3. Secure Payments
- Credit card details are encrypted during online transactions.
4. Password Protection
- Systems store hashed passwords to prevent them from being stolen in plaintext form.
Real-Life Cryptography Tools
1. GPG (GNU Privacy Guard)
- Used for encrypting files and emails.
- Example:
gpg --encrypt --recipient <email@example.com> file.txt
2. OpenSSL
- A toolkit for encrypting data and securing communications.
- Example: Generate a hash of a file:
openssl dgst -sha256 file.txt
3. VeraCrypt
- A tool to encrypt entire hard drives or USB drives.
4. KeePass
- A password manager that encrypts and stores your passwords securely.
Common Cryptographic Attacks
1. Brute Force Attack
Trying every possible key combination to decrypt a message.
- Mitigation: Use strong, long keys.
2. Man-in-the-Middle Attack (MITM)
An attacker intercepts and possibly alters communication.
- Mitigation: Use end-to-end encryption (E2EE).
3. Replay Attack
An attacker captures data packets and resends them to create unauthorized actions.
- Mitigation: Use time-stamped tokens.
Simple Example of Cryptography
Let’s say you want to send a secret message to a friend:
- Encryption: You write “Meet at 5 PM” and use a symmetric key (e.g., shift each letter by 2).
- Plaintext: Meet at 5 PM
- Ciphertext: Oggv cv 5 RO
- Decryption: Your friend receives the message and uses the same key to shift letters back.
How to Get Started with Cryptography
- Understand the Basics: Learn about encryption, keys, and algorithms.
- Practice with Tools: Use GPG or OpenSSL to encrypt and decrypt files.
- Read About Protocols: Study SSL/TLS, HTTPS, and their roles in security.
- Stay Updated: Cryptography evolves rapidly—follow blogs and cybersecurity news.