What is Cryptography - A Comprehensive Guide

By Arthi

Last updated on Apr 4 2022


Introduction to Cryptography

 

Cryptography is a technique for secure communication that allows only the sender and the intended recipient of a message to view its contents. The term is derived from the Greek word “kryptos”, which means “hidden, secret”. More generally, cryptography is about establishing and analyzing protocols that prevent third parties or the public from reading private messages. It also covers various aspects of information security, such as data confidentiality, data integrity, authentication, and non-repudiation.

Advanced cryptography exists at the intersection of disciplines such as mathematics, computer science, electrical engineering, communication science, and physics. Applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications. Cryptography is important, and the term is effectively interchangeable with encryption: converting information from a readable state into an unreadable one.

The sender shares the decoding technique only with the intended recipients of an encrypted message, to stop access by adversaries. Modern cryptography is based on mathematical theory and computer science. Its algorithms are hard to break in actual practice, although it remains possible to break into even an ingenious system.

 

History of Cryptography

The first evidence of cryptography was found in an inscription carved around 1900 BC by the nobleman Khnumhotep II, in Egypt. The writer used unusual hieroglyphic symbols in addition to ordinary ones. The main purpose was not to hide the message but perhaps to vary its form in a way that would make it appear dignified. The inscription is not a form of secret writing, but it does involve some transformation of the original text.

Julius Caesar was known to use a form of encryption to convey hidden messages to his army generals posted at the war front. This substitution cipher is also known as the Caesar cipher. In a substitution cipher, each character of the plaintext is replaced by another character to form the ciphertext.

In the 16th century, Vigenere designed the first cipher that used an encryption key. In one of his ciphers, the encryption key was repeated multiple times to span the entire message, and each character of the ciphertext was produced by adding the message character to the key character modulo 26. Modulo is the mathematical operation that gives the remainder when one number is divided by another.

In the 19th century, when everything became electric, Hebern designed an electro-mechanical contraption called the Hebern rotor machine. It uses a single rotor, with the secret key embedded in a rotating disc. The German engineer Arthur Scherbius invented the Enigma machine at the end of the First World War, and it was used by the German forces during the Second World War.

In 1970, Horst Feistel introduced a “crypto group” for IBM customer encryption. In 1997, NIST (National Institute of Standards and Technology) requested proposals for a new block cipher and received 50 submissions. In 2000 it accepted Rijndael and christened it AES (Advanced Encryption Standard).

 

Primary Key Functions of Cryptography

There are 4 important features of cryptography. They are Privacy/confidentiality, Integrity, Non-repudiation, Authentication, and Key Exchange.

 

Privacy/confidentiality - Ensuring that the information or text message can be read only by the intended receiver.

Integrity - Information cannot be modified in storage or in transit between the sender and the intended receiver without the change being detected.

Non-repudiation - A mechanism to prove that the sender actually sent a message.

Authentication - The identities of the sender and the receiver are confirmed.

Key exchange - Crypto keys are shared between the sender and the receiver by using a key exchange method.

 

Cryptography starts with unencrypted data, referred to as plaintext. Plaintext is encrypted into ciphertext, which can be decrypted back into usable plaintext. Encryption and decryption depend on the cryptographic scheme used and on some form of key. This process is sometimes written as:

C = E_k(P)

P = D_k(C)

where P = the plaintext, C = the ciphertext, E = the encryption method, D = the decryption method, and k = the key. Cryptography is mostly associated with the mathematical algorithms used to encrypt and decrypt messages.

 

Types of Cryptography

There are many ways of classifying cryptographic algorithms. Here they are categorized by the number of keys employed for encryption and decryption, and further defined by their application and use. The three types of algorithms are:

  • Secret Key Cryptography (SKC)
  • Public Key Cryptography (PKC)
  • Hash Functions

 

Secret Key Cryptography (SKC)

SKC uses a single key for both encryption and decryption. It is also known as symmetric encryption and is used primarily for privacy and confidentiality.

As shown in Figure 1, the sender uses the key to encrypt the plaintext and sends the ciphertext to the intended receiver. The receiver uses the same key to decrypt the message and recover the plaintext. Hence a single key is used for both functions. With this form of cryptography, the key has to be known to both the sender and the receiver. The biggest disadvantage of this approach is the distribution of the key.

Secret key cryptography schemes are generally categorized as either stream ciphers or block ciphers. Stream ciphers operate on a single byte at a time and use a feedback mechanism so that the key changes constantly. They come in several flavors, and two are worth mentioning.

As in Figure 2, self-synchronizing stream ciphers calculate each byte in the keystream as a function of the previous n bits in the keystream. They are termed “self-synchronizing” because the decryption process stays synchronized with the encryption process. Synchronous stream ciphers generate the keystream independently of the message stream and use the same keystream function at the sender and the receiver. Stream ciphers do not propagate transmission errors, but by their nature the keystream will eventually repeat.

A block cipher encrypts one fixed-size block of data at a time. In a block cipher, a given plaintext block always encrypts to the same ciphertext when the same key is used, whereas in a stream cipher the same plaintext encrypts to different ciphertext.

 

Block ciphers can operate in one of several modes, including the following:

  • Electronic Codebook (ECB)
  • Cipher Block Chaining (CBC)
  • Cipher Feedback (CFB)
  • Output Feedback (OFB)
  • Counter (CTR)

 

Electronic Codebook (ECB) - ECB is a simple application in which the secret key is used to encrypt each plaintext block into a ciphertext block. Two identical plaintext blocks always produce the same ciphertext block.

Cipher Block Chaining (CBC) - CBC mode adds a feedback mechanism to the encryption scheme, so that identical plaintext blocks encrypt differently. CBC protects against many brute-force, deletion, and insertion attacks, but a single-byte error in the ciphertext produces a whole-block error in the decrypted plaintext.

Cipher Feedback (CFB) - CFB is a block cipher implementation that works as a self-synchronizing stream cipher. It allows data to be encrypted in units smaller than the block size.

Output Feedback (OFB) - OFB is a block cipher implementation that works similarly to a synchronous stream cipher. It uses an internal feedback mechanism to prevent the same plaintext block from generating the same ciphertext block.

Counter (CTR) - CTR is a modern addition to block ciphers. Like CFB and OFB, CTR mode operates on blocks as in a stream cipher; like ECB, CTR mode operates on each block independently. CTR, however, uses different key inputs for different blocks of the plaintext.
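The ECB and CBC behaviour described above, as an added example that is not part of the original article. It runs both modes over a toy 16-byte Feistel block cipher built from SHA-256 (an assumption so that only the standard library is needed; it is not AES and not for real use), counts repeated ciphertext blocks, and flips one ciphertext byte to show CBC's error propagation. The key, IV and plaintext are constructed sample values.

```python
import hashlib

BLOCK = 16  # bytes per block

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def f(key, i, half):  # round function of the toy Feistel cipher (demo only)
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]

def enc_block(key, blk):
    l, r = blk[:8], blk[8:]
    for i in range(4):
        l, r = r, xor(l, f(key, i, r))
    return l + r

def dec_block(key, blk):
    l, r = blk[:8], blk[8:]
    for i in reversed(range(4)):
        l, r = xor(r, f(key, i, l)), l
    return l + r

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, pt):
    return b"".join(enc_block(key, b) for b in blocks(pt))

def cbc_encrypt(key, iv, pt):
    out = [iv]
    for b in blocks(pt):
        out.append(enc_block(key, xor(b, out[-1])))  # chain in the previous ciphertext block
    return b"".join(out[1:])

def cbc_decrypt(key, iv, ct):
    cs = [iv] + blocks(ct)
    return b"".join(xor(dec_block(key, c), prev) for prev, c in zip(cs, cs[1:]))

def repeated(ct):  # number of ciphertext blocks that duplicate an earlier block
    return len(blocks(ct)) - len(set(blocks(ct)))

def damaged_blocks(key, iv, pt):  # plaintext blocks changed by one corrupted ciphertext byte
    ct = bytearray(cbc_encrypt(key, iv, pt))
    ct[0] ^= 0x01
    got = blocks(cbc_decrypt(key, iv, bytes(ct)))
    return [i for i, (a, b) in enumerate(zip(blocks(pt), got)) if a != b]

KEY, IV = b"demo-key", bytes(range(16))  # constructed sample key and IV
PT = b"PAY 100 TO ALICE" * 3 + b"PAY 250 TO CAROL"  # constructed: 3 identical blocks + 1
print(repeated(ecb_encrypt(KEY, PT)), repeated(cbc_encrypt(KEY, IV, PT)), damaged_blocks(KEY, IV, PT))
```

ECB exposes the two repeats of the first block, CBC hides them, and the corrupted byte garbles block 0 completely while changing a single byte of block 1.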

 

Public Key Cryptography

Public key cryptography is the most significant development in cryptography in the last 300-400 years. The first modern public-key cryptography was published by Stanford University professors Martin Hellman and Whitfield Diffie in 1976. PKC depends on one-way functions: mathematical functions that are easy to compute but whose inverse is relatively difficult to compute.

 

Two examples of public-key cryptography:

 

  i) Multiplication vs. factorization: take two prime numbers, 3 and 7, whose product needs to be calculated. It takes almost no calculation to find that the value is 21. Now start instead with a number that is a product of two primes, 21, and try to determine its prime factors. Calculating the product takes a millisecond, while finding the factors takes longer. The longer the factors are, the harder the problem becomes: if each prime number has 300 digits, the product would have 600 digits.

 

  ii) Exponentiation vs. logarithms: raising a number to a power, such as 2 to the 4th power, is again easy to calculate; for example, 3^6 = 729. But starting from 729 and needing to determine the two integers x and y such that log_x 729 = y takes a longer time to calculate.

 

A symmetric-key cipher uses the same key to encrypt and decrypt a message, although a message or group of messages might have a different key than others. The disadvantage of symmetric ciphers is the key management needed to use them securely. Each distinct pair of communicating parties might share a different key, and possibly a different key for every ciphertext exchanged as well. This requires complex key management schemes to keep the keys consistent and secret.

 

Public-key cryptography is also used to implement “digital signature” schemes. A digital signature is reminiscent of an ordinary signature: both are easy for the user to produce. Digital signatures can be permanently tied to the content of the message being signed. The signature cannot be moved from one document to another, for any attempt would be detectable.

 

There are two important algorithms used in a digital signature scheme.

  i) Signing - a secret key is used to process the message.
  ii) Verification - the public key is used with the message to check the validity of the signature.
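The signing and verification steps above, as an added example that is not part of the original article. It uses textbook RSA over a SHA-256 digest with a constructed toy key and no padding scheme (assumptions made for readability; real signatures need a vetted library and a padded scheme such as RSASSA-PSS), and shows that a signature does not verify when moved to another document.

```python
import hashlib

# Constructed toy key built from two known Mersenne primes. It is far too
# small and too regular for real use; it only keeps the arithmetic visible.
P, Q = 2**107 - 1, 2**127 - 1
N = P * Q                           # public modulus
E = 65537                           # public exponent, used to verify
D = pow(E, -1, (P - 1) * (Q - 1))   # secret exponent, used to sign (needs P and Q)

def digest(message: bytes) -> int:
    """Hash the message and reduce it into the range of the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes) -> int:
    """Signing: process the message digest with the secret key."""
    return pow(digest(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    """Verification: check the signature using only the public key (N, E)."""
    return pow(signature, E, N) == digest(message)

# Constructed sample documents.
DOC_A = b"Transfer 100 to Alice"
DOC_B = b"Transfer 900 to Alice"
SIG_A = sign(DOC_A)

if __name__ == "__main__":
    print("genuine document:      ", verify(DOC_A, SIG_A))      # True
    print("signature moved to B:  ", verify(DOC_B, SIG_A))      # False
    print("altered signature on A:", verify(DOC_A, SIG_A ^ 1))  # False
```

Deriving D requires the factors P and Q of the public modulus, which is where the multiplication-versus-factorization asymmetry described earlier comes in.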

 

The most common encryption data method used is the public key.

  • Advanced Encryption Standard (AES), a symmetric encryption algorithm that encrypts fixed blocks of data at a time
  • Rivest-Shamir-Adleman (RSA)
  • Triple DES (Data Encryption Standard)
  • Twofish

 

These 4 types of encryption are used in public-key encryption.

 

 

Hash functions

Hash functions use cryptographic algorithms to generate and utilize a specific key to encrypt data for symmetric or asymmetric encryption. A hash function takes a message of any length as input and outputs a short, fixed-length value, which can be used in a digital signature. For any good hash function, an attacker should not be able to find two messages that produce the same hash.

 

Example of hash functions:

 

Hash string 1: The quick brown fox jumps over the lazy dog

Hash string 2: The quick brown fox jumps over the lazy dog.

 

MD5 [hash string 1] = 37c4b87edffc5d198ff5a185cee7ee09

MD5 [hash string 2] = 0d7006cd055e94cf614587e1d2ae0c8e

 

SHA1 [hash string 1] = be417768b5c3c5c1d9bcb2e7c119196dd76b5570

SHA1 [hash string 2] = 9c04cd6372077e9b11f70ca111c9807dc7137e4b

 

RIPEMD160 [hash string 1] = ee061f0400729d0095695da9e2c95168326610ff

RIPEMD160 [hash string 2] = 99b90925a0116c302984211dbe25b5343be9059e

 

Common hash algorithms in use today:

Message Digest (MD) algorithms: byte-oriented algorithms that produce a 128-bit value from an arbitrary-length message.

MD2 algorithm: designed for systems with limited memory, such as smart cards; it now has historical status.

MD4 algorithm: developed by Rivest and similar to MD2. It is specifically designed for fast processing in software.

MD5 algorithm: also developed by Rivest, after weaknesses were found in MD4. MD5 is similar to MD4 but works slower because more manipulation is made to the original data.

 


Conclusion

Each scheme is optimized for some specific cryptographic application. For example, secret key cryptography is suited to encrypting messages, providing privacy and confidentiality. The sender generates a session key for a message and uses it to encrypt the message; the receiver needs the same key to decrypt the message. Key exchange is a key application of public-key cryptography. Asymmetric schemes are also used for non-repudiation and user authentication, for instance when the receiver receives the session key encrypted with the sender’s private key. Hash functions are well suited to data integrity, because any change made to the content of a message results in a hash value different from the one placed in the transmission by the sender.

 


About the Author

Sprintzeal   Arthi

Arthi is a content writer at Sprintzeal. She is fond of creating informative content for readers in the Education Domain. Her work is focused on professionals aiming to upskill in their careers.
