Basics of Cryptography

From CryptoDox, The Online Encyclopedia on Cryptography and Information Security

Jump to: navigation, search

Cryptography is the science of writing in secret code and is an ancient art. The first documented use of cryptography dates back to 1900 B.C.

If you want to transmit some information securely from one computer to another, or to store it securely on your own computer, how would you achieve this?

Encryption is the answer to this. There are various algorithms that can achieve this; some more secure than others. An algorithm is a series of mathematical equations that turns the information we want to secure (plaintext) into the secure form called ciphertext.

Modern cryptographers try to build cryptography or security systems with these characteristics:

  • Privacy/confidentiality: No one should be able to read the message except the intended recipient.
  • Integrity: Ensuring that the message has not been altered during transmission or storage.
  • Authentication: Ensuring the person is who he/she claims to be; basically establishing the identity of the person.
  • Non-repudiation: A mechanism to prove that the sender really sent this message.

Many practical applications require some, but not all of these characteristics.

In particular, protocols for proving message integrity and authentication were apparently first developed by the Sumerians around 3,400 B.C. -- these protocols later led to the development of writing.[1]



The image below describes in simplistic terms about the process of encryption.



The reverse process of what is shown above is what we call decryption. Decryption converts the ciphertext back into plaintext.


A key is used to encrypt the data and to decrypt it.

Cryptography has evolved over the years. The mode of encryption used during Julius Caeser's time is very different from what we use today. Infact, its quite different from even what was used during World War II. More details about this evolution is captured at - History of Cryptography.

In the "classic" ciphers invented before 1883, each cipher had a limited number of keys -- a persistent adversary, if he knew exactly which cipher was used to create an encrypted message, could eventually work through all the possible "keys" for that cipher and decode the message. This led to the widespread misunderstanding[1] that "security through obscurity" -- keeping the cipher process a "trade secret" -- would improve secrecy.

Kerckhoff's Law (1883) states that "There is no secrecy in the algorithm - It is all in the key.".

External References

  1. "The Playdough Protocols: Commercial security at the birth of writing, arithmetic, and religion in ancient Sumer (modern Iraq)." by Nick Szabo 2002