Cryptography is the art of securing information and communication by employing codes, ensuring that only intended recipients can comprehend and handle the data.
This safeguards against unauthorized access.
The term "crypt" signifies "hidden," and "graphy" denotes "writing." In cryptography, methods derived from mathematical principles and algorithms—sets of rule-based calculations—are used to transform messages in manners that hinder easy decoding.
These algorithms are applied in various tasks like generating cryptographic keys, digital signatures, and verification.
They serve to uphold data privacy, enable secure internet browsing, and safeguard sensitive transactions like credit and debit card dealings.
Contemporary cryptography revolves around four primary goals:
1.Confidentiality: Ensuring that information remains incomprehensible to anyone other than its intended recipients.
2.Integrity: Guaranteeing that information cannot be modified during storage or transmission without being noticed by the intended receiver.
3.Non-repudiation: Preventing the originator/sender of information from disowning their involvement in creating or sending the information at a later point.
Authentication: Enabling both the sender and receiver to verify each other's identities and the source/destination of the information.
At its core, cryptography comprises two essential phases:
Encryption and Decryption.
During Encryption, a cipher is applied to the plaintext, converting it into ciphertext. Decryption, on the other hand, involves using the same cipher to reverse the process, converting the ciphertext back into plaintext.
The primary application of cryptography in electronic data transmission is the encryption and decryption of emails and other plaintext messages. The most straightforward technique is the "secret key" or symmetric approach.
In this method, a secret key is employed to encrypt the data, and upon decryption, the secret key and the encoded message are shared with the recipient. However, a significant problem arises from this process. If intercepted, a third party could use the shared key to decipher and analyze the message.
To address this issue, cryptographers developed the asymmetric or "public key" approach. In this scheme, each user possesses two keys: a private key and a public key. Before sending a message, the sender obtains the recipient's public key and uses it to encrypt the message. Since only the recipient has access to their corresponding private key, they can decrypt the message.
This asymmetric approach resolves the security vulnerability of the secret key approach, ensuring that even if the communication is intercepted, only the intended recipient possessing the private key can decipher the message.
Plain Text: Plain text is the original, unencrypted message or data that you want to protect or transmit securely. It's the human-readable form of the information that you can easily understand. For example, if you have a message like "Hello, this is a secret message," that would be the plain text.
Ciphertext refers to the transformed and encrypted form of data that has undergone encryption using cryptographic techniques. It is the result of applying an encryption algorithm to plaintext (original, readable data) in order to secure it during transmission or storage. Ciphertext appears as a seemingly random and unreadable sequence of characters, making it unintelligible without the appropriate decryption key or algorithm. The primary purpose of ciphertext is to protect sensitive information from unauthorized access, ensuring its confidentiality and integrity.
For instance, let's employ the Caesar Cipher to encrypt a sentence. With a key of 7, the letter ‘a’ shifts to ‘h’.
Original Sentence: This is a plaintext.
Encrypted Sentence(Ciphertext): Aopz pz h wshpualea.
Purpose of cryptography
The purpose of cryptography is to secure communication and data by converting information into a format that is unintelligible to unauthorized individuals.
This safeguards sensitive information during transmission and storage, preventing unauthorized access, eavesdropping, and tampering.
Cryptography also enables the verification of data authenticity and the authentication of users or entities in digital transactions.
Overall, cryptography plays a vital role in ensuring privacy, data integrity, and secure interactions in various digital environments
Cryptographic algorithms
Cryptographic algorithms, also referred to as ciphers, are essential components of cryptosystems that ensure secure communication between computer systems, devices, and applications.
A cipher suite encompasses various algorithms: one for encryption, another for message authentication, and yet another for key exchange. These processes are integrated into protocols and implemented through software operating on operating systems and interconnected computer networks. This involves:
- Generating public and private keys for encrypting and decrypting data.
- Performing digital signatures and verification for authenticating messages.
- Executing key exchange mechanisms to establish secure communication channels.
Symmetric key cryptography involves a method where both the sender and recipient utilize a common shared key for both encrypting and decrypting messages.
Asymmetric key cryptography, also known as public-key cryptography, employs a pair of keys: a public key and a private key. The sender uses the recipient's public key to encrypt the message, and the recipient utilizes their private key to decrypt it. Conversely, the sender can sign a message with their private key, and the recipient can verify the signature using the sender's public key. This approach eliminates the need for a shared secret key and simplifies the key exchange process. Asymmetric key cryptography provides enhanced security but is generally slower than symmetric key cryptography.
A hash function is a mathematical algorithm that takes an input (or "message") and produces a fixed-size string of characters, which is usually a hexadecimal number.
The output, often referred to as the "hash value" or "hash code," is unique to the specific input data.
Hash functions are designed to be fast to compute and irreversible, meaning it's practically impossible to go from the hash value back to the original input data
Some of the most famous hashing algorithms are-
Several well-known hashing algorithms are widely used for various cryptographic and data integrity purposes. Some of the most famous ones include:
MD5 (Message Digest Algorithm 5): MD5 produces a 128-bit hash value. However, it is considered weak and insecure due to vulnerabilities that allow collision attacks.
SHA-1 (Secure Hash Algorithm 1): SHA-1 produces a 160-bit hash value. Like MD5, it's considered weak due to vulnerabilities. It's no longer recommended for security-sensitive applications.
SHA-256 (Secure Hash Algorithm 256): A member of the SHA-2 family, SHA-256 produces a 256-bit hash value. It's widely used for digital signatures and certificates and is considered secure.
SHA-3 (Secure Hash Algorithm 3): The latest member of the SHA family, SHA-3 was designed to provide a new level of security and resistance to various attacks.
Blake2: A high-speed cryptographic hash function that's an improvement over SHA-3 in terms of speed and security.
Whirlpool: A cryptographic hash function that produces a 512-bit hash value. It's used in various security applications and is known for its strong security properties.
RIPEMD (RACE Integrity Primitives Evaluation Message Digest): RIPEMD comes in several versions, including RIPEMD-160. It was designed as an alternative to MD5 and SHA-1.
HMAC (Hash-based Message Authentication Code): While not a hash function itself, HMAC uses a cryptographic hash function (like SHA-256) along with a secret key to create a message authentication code. It's used to verify the integrity and authenticity of messages.