# What is cryptography? How algorithms keep information secret and safe

May 24, 2022

## Cryptography definition

cryptography is the art of keeping data secure by transforming it into kind that unintended recipients can not understand. In cryptanalysis, an original human clear message, referred to as plaintext, is changed by means of an algorithm, or series of mathematical operations, into something that to an uninformed observer would look like gibberish ; this gibberish is called ciphertext. cryptanalytic systems require some method acting for the intend recipient role to be able to make use of the encrypted message—usually, though not always, by transforming the ciphertext back into plaintext.

## Cryptography vs. cryptology vs. encryption

Before we move into the meat of this article, let ‘s define a couple terms related to cryptography. The syllable crypt may make you think of tombs, but it comes from a greek give voice that means “ hidden ” or “ secret. ” Cryptography literally means “ unavowed spell. ” Cryptology, meanwhile, means something like “ cognition of privacy ” ; if cryptanalysis is the practice of writing unavowed messages, then cryptanalysis is the theory, although the two words are frequently used interchangeably. Encryption— ” making mystery ” —is what we call the process of turning plaintext into ciphertext Encryption is an crucial function of cryptanalysis, but does n’t encompass the stallion skill. Its reverse is decoding. One significant view of the encoding process is that it about always involves both an algorithm and a key. A key is just another patch of information, about always a count, that specifies how the algorithm is applied to the plaintext in order to encrypt it. In a guarantee cryptanalytic arrangement, even if you know the method acting by which some message is encrypted, it should be unmanageable or impossible to decrypt without that winder. Keep algorithm and keys in your mind, because they ‘ll be important as we move on.

## Principles of cryptography

Before we move on here to modern cryptanalysis, let ‘s pause to discuss two crucial principles that underlie it. The first is what ‘s come to be known as Kerckhoffs ’ randomness rationale, named after the nineteenth century Dutch cryptanalyst Auguste Kerckhoffs. Remember, as we said, any cryptanalytic system involves both an algorithm and a key. Kerckhoffs believed that “ a cryptanalytic organization should be secure even if everything about the system, except the cardinal, is public cognition. ” now, these were the days when cryptography had about wholly military applications. The estimate here is that, while it would be nice to keep your cryptanalytic system a hidden, your opposition will about surely finally figure it out. Claude Shannon, a World War II cryptanalyst who would go on to be a pioneer in information theory, put it more succinctly : “ The enemy knows the system. ” What Kerckhoffs and Shannon are getting at is that you want to design an algorithm that does n’t need to be a secret in order to successfully conceal information. That said, in today ‘s earth, the populace nature of cryptanalytic algorithm is seen as something good in and of itself, preferably than an ineluctable malefic. Standard cryptanalytic algorithms have been widely studied and stress-tested, and trying to come up with your own individual algorithm is doomed to failure as security through obscurity normally is. What you do need to keep secret is your cryptanalytic key. We ‘ll get to the mathematics of how that works in a moment, but for immediately, we ‘ll touch on another cryptanalytic rationale that makes that mathematics possible : a reliance on one-way functions, mathematical operations that are identical unmanageable to reverse. The classical model of a one-way serve is the generation of two very large prime numbers together. While that calculation is simpleton to do, if you only had the end leave, it would be identical difficult, verging on impossible, to figure out the original two prime numbers. The question of whether any function can sincerely be one-way is debated by mathematicians, but many are irreversible in practice at the limits of our current computing exponent, so we ‘ll leave that question aside as we move on.

## Cryptography in network security

It was the formation of the first calculator networks that started civilians thinking about the importance of cryptanalysis. Computers were talking to each other over the open network, not just via direct connections to one another ; that sort of network was transformative in many great ways, but besides made it trivially comfortable to snoop on data traveling across the network. And with fiscal services being an early use case for computer communication, it was necessary to find a way to keep information secret. IBM led the means in the late 1960s with an encoding method acting known as “ Lucifer ”, which was finally codified by the US National Bureau of Standards as the first Data Encryption Standard ( DES ). As the internet began to grow in importance, more and better encoding was needed, and today a significant part of data flying around the world is encrypted using varying techniques that we ‘ll discuss in more detail in a moment .

## What is cryptography used for?

We ‘ve already discussed some of the specific applications of cryptanalysis, from keeping military secrets to transmitting fiscal data safely across the internet. In the bigger visualize, though, there are some broad cybersecurity goals that we use cryptanalysis to help us achieve, as cybersecurity adviser Gary Kessler explains. Using cryptanalytic techniques, security system pros can :

• Keep the contents of data confidential
• Authenticate the identity of a message’s sender and receiver
• Ensure the integrity of the data, showing that it hasn’t been altered
• Demonstrate that the supposed sender really sent this message, a principle known as non-repudiation

You may recognize some of these principles from variations of the CIA trio. The foremost of these uses is the obvious one—you can keep data confidential by encrypting it. The others take a bit of explanation, which we ‘ll get into as we describe the different types of cryptanalysis .

## What are the types of cryptography?

There are numerous cryptanalytic algorithm in manipulation, but in general they can be broken into three categories : symmetrical cryptography, asymmetrical cryptography, and hash functions. Each has its own role to play within the cryptanalytic landscape. Symmetric cryptography. The Caesar cipher we discussed above is a great case of symmetrical cryptography. In the case we used, if encrypted messages were being exchanged between Caesar and one of his centurions, both parties would have to know the key—in this case, how many letters forward or backwards in the alphabet you need to move to transform plaintext to ciphertext or frailty versa. That ‘s what makes it symmetrical. But the key needs to stay a secret between the two of them, which is why this is sometimes besides called mysterious key cryptanalysis. You could n’t send the key along with the message, for exemplify, because if both fell into enemy hands the message would be easily for them to decipher, defeating the unharmed determination of encrypting it in the beginning position. Caesar and his centurion would presumably have to discuss the key when they saw each other in person, though obviously this is less than ideal when wars are being fought over long distances. symmetrical cryptography is widely used to keep data confidential. It can be very useful for keeping a local hard drive private, for example ; since the same user is by and large encrypting and decrypting the protected datum, sharing the mysterious key is not an topic. symmetrical cryptanalysis can besides be used to keep messages transmitted across the internet confidential ; however, to successfully make this find, you need to deploy our following form of cryptography in tandem with it. Asymmetric cryptography. Caesar may have been able to confer with his centurions in person, but you do n’t want to go into your bank and talk to the narrator just to learn what the private winder is for encrypting your electronic communication with the bank—that would defeat the purpose of on-line bank. In general, in order to function securely, the internet needs a way for communicating parties to establish a batten communications channel while only talking to each other across an inherently insecure network. The way this works is via asymmetrical cryptanalysis, which is sometimes called public key cryptography.

In asymmetrical cryptography, each participant has two keys. One is public and is sent to anyone the party wishes to communicate with. That ‘s the key used to encrypt messages. But the other key is individual, shared with cipher, and it ‘s necessity to decrypt those messages. To use a metaphor : think of the public winder as opening a slot on a postbox precisely wide enough to drop a letter in. You give that key to anyone who you think might send you a letter so they can open the time slot and deliver the envelope. The individual key is what you use to open the postbox so you can get the letters out. The mathematics of how you can use one keystone to encrypt a message and another to decrypt it are where the idea of one-way functions that we discussed above come into play : the two keys should be related to each other mathematically such that it ‘s easy to derive the public key from the individual key but not vice versa. For case, the private key might be those two very big prime numbers, which you ‘d multiply together to get the public key. The Infosec Institute has a deep dive if you ‘re interest. The computations needed for asymmetrical cryptography are much more complex and resource intensive that those behind symmetrical infrastructure. fortunately, you do n’t need to use it to protect every message you send on-line. alternatively, what normally happens is that one party will use symmetrical cryptanalysis to encrypt a message containing yet another cryptanalytic samara. This identify, having been safely transmitted across the insecure internet, will then become the private key that encodes a much longer communications seance encrypted via symmetrical encoding .