Cryptography-basics (1)

Introduction

We are starting a series of Cryptography related blogs and this is our first blog, focusing on basics. Let’s get started.

The digital media through which data is transmitted and stored are highly unsafe. Whether we are sending an email through an email service provider or a text message, there is a very high chance that the message we send or receive can be stolen or monitored by third parties. This might happen if the channels aren’t protected and secured using robust security methods.

With the rise in cyberattacks and data theft, there is a need to have a robust security protocol that protects data confidentiality and integrity. Cryptography is a technique that keeps the communication safe from an adversary. Cryptography algorithms secure the information transferred between two entities by encrypting it. The message is encrypted so that no other party can intercept the connection and read it during transit.

Encryption is a key component of cryptography, and different cryptography algorithms can transform the original data into undecipherable code. If third parties try to access the message, they will only see jumbled letters instead of the actual text. Using the same algorithm and decryption key, the original message is restored, and the authorized receiver can easily read it.

Now, all this might look simple from the surface; however, a lot goes on behind the scenes. Let’s look at some Cryptography basics.

Understanding Cryptography

Cryptography relies on mathematical concepts to encrypt and decrypt information. It makes the communication system more secure and encrypts original data to prevent malicious third parties (or adversaries) from accessing and reading it.

Cryptography uses an encryption key to transform plaintext into an encrypted format (ciphertext). These algorithms are usually considered safe, and it is not easy for an attacker to interpret or “crack” encrypted messages without a key.

Cryptography can be used to protect the following data:

  • Data at rest (data stored in databases, etc.)
  • Data in transit (data moving between client and server, etc.)

Below are some fundamental requirements of a secure network:

  • Authentication – Authentication is the process of verifying one’s identity to prove that they are who they say they are.
  • Confidentiality – Ensures no one can read the messages except the intended receiver and helps to keep information private and secure, even if it travels through an insecure medium.
  • Data Integrity – Ensures that the message received by the receiver has not been altered in any way from the original.
  • Non-Repudiation – Non-repudiation is a mechanism to prove that the sender was really the one who has sent the message.

How Does Cryptography Work?

Cryptography is a crucial aspect of modern data security systems that enables secure transmission and storage between two willing entities. It ensures the right recipient can decrypt and get the correct data. Let’s understand how it works:

Encryption refers to transforming the original message (cleartext or plaintext) into a scrambled (unreadable) format by applying the encryption algorithm. It provides data privacy and prevents messages from being comprehended by third parties if they are intercepted. This unreadable format is created using mathematical calculations, usually called Ciphers.

Decryption is the reverse of encryption: it decodes the scrambled information back into cleartext/plaintext so that the receiver can read it. A cryptographic key is usually used for this; a key first converts the plaintext to the scrambled format, and a key is then used to convert the scrambled data back to a readable format. The details vary with the type of cryptography used. In simple words, the cryptographic key is the core element of both the encryption and decryption of data. The two most common types of cryptographic algorithms are symmetric and asymmetric.

Symmetric Cryptography

Symmetric cryptography is a type of encryption that uses the same cryptographic key to encrypt and decrypt messages. It implies that both the sender and receiver share one secret key. For instance, a sender transforms plaintext to ciphertext using an encryption key, and later this same key is used by the receiver to decrypt the ciphertext to a readable format.

Some of the popular symmetric encryption algorithms are:

  • Serpent
  • Camellia
  • RC4
  • DES (Data Encryption Standard) – 56 bit
  • 3DES – 56 bit – 3 keys
  • Blowfish – Good on Time/Memory
  • TwoFish
  • AES (Advanced Encryption Standard) – Different key lengths – 128, 192, 256

One downside of symmetric-key encryption is that you have to share a secret key with the person you’re communicating with. This method works well if you want to communicate with a limited number of people, but exchanging keys with a large number of people becomes impractical. Also, the key must be transmitted securely to the intended person, so that no one in between is able to obtain it.

Asymmetric Cryptography

Asymmetric cryptography is also commonly known as “public-key cryptography.” This type of cryptography uses two different cryptographic keys (public and private): one key is for the sender to encrypt a message, and the other key is for the receiver to decrypt the message. Here, the public key can be freely distributed without compromising the private key, which must be kept secret by its owner.

In the above picture, we can see that Jana uses Amy’s public key to encrypt and Amy then uses her private key to decrypt the data sent by Jana.

Some examples of asymmetric (or public key) encryption algorithms are:

  • RSA
  • Diffie-Hellman
  • ElGamal
  • Elliptic-curve
  • Cramer
  • YAK

Difference Between Symmetric and Asymmetric Encryption

| Factor | Symmetric | Asymmetric |
|---|---|---|
| Key Distribution | Key distribution is required | Key distribution is not necessary |
| Performance | Symmetric encryption is fast | It is slower than symmetric (around 1,000 – 10,000 times slower) |
| Scalability | As the number of users increases, the system becomes less scalable because the number of keys increases. | It is easily scalable because each user will have to manage one key pair for communication with others. |
| Number of Keys | In a system with 100 users, the total number of keys required would be 4,950, calculated using {[n(n-1)]/2} where n is the number of users in a system. | N key pairs for N users; each user will require only one key pair regardless of how many users they are communicating with. |

Hashing Function

A cryptographic hash function (CHF) is a special kind of hash function that translates messages/data of various lengths into a fixed-size numerical string called the hash. Since CHFs work in a single direction, it is not possible to reverse the process to recover the input from the hash. We can think of it as one-way encryption.

It takes any input and converts it to a unique fixed-length hash value (fingerprint). Any minor change in the input would produce a completely different fingerprint, and no two inputs would produce the same fingerprint (collision free).

This has several applications, like password storage (storing hash values instead of passwords), data integrity checks, digital signatures, etc.

These are some of the most common hashing algorithms:

  • MD5 – 128 bit
  • SHA1 – 160 bit
  • SHA2 – SHA256/SHA512
  • SHA3 – KECCAK – 256/512 – Different Structure
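The properties described in this section, as an added example that is not part of the original post: the output size depends only on the algorithm, a one-character change flips roughly half of the output bits, and recomputing the digest detects the modification. The sample messages and all function names are constructed for illustration.

```python
import hashlib
import hmac
import io

def sha256_stream(stream, chunk_size=65536) -> str:
    """Hash a file-like object in chunks so large inputs never sit in memory."""
    h = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()

def sha256_hex(data: bytes) -> str:
    return sha256_stream(io.BytesIO(data))

def digest_bits(name: str, data: bytes) -> int:
    """Output size in bits; it depends on the algorithm, never on the input length."""
    return hashlib.new(name, data).digest_size * 8

def bits_changed(hex_a: str, hex_b: str) -> int:
    """Number of bit positions in which two digests differ."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")

def is_unmodified(data: bytes, expected_hex: str) -> bool:
    """Integrity check: recompute the digest and compare it in constant time."""
    return hmac.compare_digest(sha256_hex(data), expected_hex.lower())

# Constructed sample messages that differ in a single character.
ORIGINAL = b"Pay 100 USD to account 12345"
TAMPERED = b"Pay 900 USD to account 12345"

if __name__ == "__main__":
    for name in ("sha256", "sha512", "sha3_256", "sha3_512"):
        print(name, digest_bits(name, b"a"), digest_bits(name, b"a" * 100_000))
    published = sha256_hex(ORIGINAL)
    print("bits changed:", bits_changed(published, sha256_hex(TAMPERED)), "of 256")
    print("original ok:", is_unmodified(ORIGINAL, published))
    print("tampered ok:", is_unmodified(TAMPERED, published))
```

A bare digest only proves integrity when the expected value reaches the receiver over a channel an attacker cannot alter; otherwise pair it with a keyed construction such as HMAC or a digital signature.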

Salting

Salting is a cryptographic technique that adds random data to the input data prior to hashing. It provides additional protection from attacks like rainbow table lookup, a password cracking method in which the attacker compares the hash of a password with precomputed hashes in a table to recover the password.

The additional value is called the salt. The idea is to alter the password to hide its original hash value. Even the slightest change in the password being hashed will result in a different and unique hash value. However, the key here is that the salt for each password should be different. Otherwise, it becomes easy for the attacker to interpret the password by adding a common salt value to the precomputed hash value. Also, the salt value should be long, so that it becomes difficult to decipher.

Let’s assume that the two users below have the following passwords.

| Username | Password |
|---|---|
| user1 | password123 |
| user2 | password123 |

In the table below, notice that each user has a different salt value. The hashed password values are totally different for the same password because the salt values added are different.

| Username | Salt Value (Additional Value to be Added) | New Password String (After Adding the Salt Value) | Hashed Value (SHA256(password+saltvalue)) |
|---|---|---|---|
| user1 | E1F53135E559C253 | password123E1F53135E559C253 | 72AE25495A7981C40622D49F9A52E4F1565C90F048F59027BD9C8C8900D5C3D8 |
| user2 | 84B03D034B409D4E | password12384B03D034B409D4E | B4B6603ABC670967E99C7E7F1389E40CD16E78AD38EB1468EC2AA1E62B8BED3A |
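The effect of per-user salts on a precomputed-table lookup, as an added example that is not part of the original post. It uses the two salt values from the table above, then goes one step beyond the post by storing passwords with PBKDF2 (a deliberately slow, salted hash from Python's standard library) in place of a single SHA-256. The function names, the iteration count and the small lookup table are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed work factor for this example; tune for your hardware

def sha256_hex(text: str) -> str:
    return hashlib.sha256(text.encode()).hexdigest()

def salted_sha256(password: str, salt: str) -> str:
    # The scheme in the table above: SHA256(password + saltvalue)
    return sha256_hex(password + salt)

def create_record(password: str) -> dict:
    # Fresh 16-byte random salt per user; it is stored beside the hash, not kept secret
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt.hex(), "iterations": ITERATIONS, "hash": digest.hex()}

def verify_password(password: str, record: dict) -> bool:
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(record["salt"]), record["iterations"])
    # Constant-time comparison avoids leaking how many bytes matched
    return hmac.compare_digest(digest, bytes.fromhex(record["hash"]))

# Constructed stand-in for a precomputed table of unsalted hashes
PRECOMPUTED = {sha256_hex(p): p for p in ("123456", "password123", "qwerty")}

def found_in_table(stored_hash: str):
    """Return the password if the stored hash appears in the table, else None."""
    return PRECOMPUTED.get(stored_hash)

if __name__ == "__main__":
    # Unsalted: both users store the same hash, and the table reveals the password
    print("unsalted:", found_in_table(sha256_hex("password123")))
    # Salted with the page's values: hashes differ per user and miss the table
    for user, salt in (("user1", "E1F53135E559C253"), ("user2", "84B03D034B409D4E")):
        stored = salted_sha256("password123", salt)
        print(user, stored[:16], "in table:", found_in_table(stored))
    record = create_record("password123")
    print("login ok:", verify_password("password123", record))
    print("wrong password:", verify_password("password124", record))
```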

 

Role of Cryptography in Cybersecurity

Cryptography plays a significant role in cybersecurity; some of the ways are:

    1. Safeguarding the Data

One of cryptography’s most important roles is ensuring the confidentiality of sensitive data. Cryptography encrypts data into an unreadable format that can’t be decrypted without the encryption key. This feature can be crucial for safeguarding users’ personal data, financial transactions, and official secrets from unauthorized access.

    2. Maintaining the Data Consistency

Another benefit of cryptography is data consistency and integrity. A hash function is the best way to ensure this; it is used to check that the sender’s data has remained unchanged during transmission or storage. If someone changes the data, the hash value will change too, letting the system know that someone tried to modify the data.

    3. Ensuring the Message is sent by the Authorized Person

Cryptography also ensures the authenticity of users, devices, or entities in digital settings. For instance, digital signatures verify the origin and integrity of data and confirm the identity of the sender.

    4. Securing the Communication Lines, Channels, and Protocols.

In this age of globalization, a secure communication system is a must-have option to protect against data hacking. Protocols like TLS/SSL leverage cryptography to create stable channels for transferring sensitive data across the Internet. They will ensure a secure online banking system, eCommerce transactions, business communication, and even defence purposes.

The Bottom Line

Cryptography plays a crucial role in many fields, like computer security, banking, digital currencies, cybersecurity, and more. In essence, cryptography gives its users a seamless communication experience by converting plaintext into ciphertext using algorithms and keys, helping protect sensitive data. It rests on four basic principles (confidentiality, integrity, authenticity, and non-repudiation), which ensure protection against unauthorized access by third parties.

This blog focused on the basics of Cryptography and in future blogs, we’ll look at other relevant concepts in Cryptography.