What is Cryptography?
Cryptography is the practice and study of techniques for secure communication in the presence of third parties called adversaries. It involves creating and analyzing protocols that prevent unauthorized parties from reading private messages.
📜 Historical Note
The earliest forms of cryptography date back to ancient Egypt, where hieroglyphs were used to conceal messages. Julius Caesar used a substitution cipher now known as the Caesar cipher to protect military communications.
Basic Cryptographic Concepts
Encryption and Decryption
Encryption is the process of converting plaintext (readable data) into ciphertext (unreadable data). Decryption is the reverse process of converting ciphertext back to plaintext.
Plaintext: The original, readable message or data
Ciphertext: The encrypted, unreadable version of the plaintext
Key: A piece of information that determines the output of a cryptographic algorithm
Algorithm: The mathematical process used for encryption and decryption
Plaintext: HELLO WORLD
Key: Shift by 3 positions
Ciphertext: KHOOR ZRUOG
Types of Cryptography
Symmetric Cryptography
Uses the same key for both encryption and decryption. Both parties must have the same secret key.
Asymmetric Cryptography
Uses a pair of keys: a public key for encryption and a private key for decryption. Also known as public-key cryptography.
Symmetric Cryptography Details
Advantages: Fast, efficient for large amounts of data
Disadvantages: Key distribution problem, doesn't provide non-repudiation
Examples: AES, DES, 3DES, Blowfish
Asymmetric Cryptography Details
Advantages: Solves key distribution problem, provides non-repudiation
Disadvantages: Slower than symmetric cryptography, computationally intensive
Examples: RSA, ECC, Diffie-Hellman, DSA
Key Difference
Symmetric: One key for both encryption and decryption
Asymmetric: Two different keys (public and private)
Cryptographic Hash Functions
Hash functions take input data of any size and produce a fixed-size output (hash value). They are one-way functions, meaning it's computationally infeasible to reverse the process.
Properties: Deterministic, fast to compute, pre-image resistant, collision resistant
Uses: Password storage, data integrity verification, digital signatures
Examples: SHA-256, MD5, SHA-3, Bcrypt
Input: "Hello World"
SHA-256 Hash: a591a6d40bf420404a011733...
# Even a small change creates a completely different hash
Input: "hello world"
SHA-256 Hash: b94d27b9934d3e08a52e52d7...
Digital Signatures
Digital signatures provide authentication, integrity, and non-repudiation. They use asymmetric cryptography to verify that a message was created by a known sender and wasn't altered in transit.
How it works: Sender signs with private key, receiver verifies with sender's public key
Provides: Authentication, integrity, non-repudiation
Algorithms: RSA-PSS, ECDSA, DSA
Common Applications
SSL/TLS (Secure Sockets Layer/Transport Layer Security)
Protocols that provide communications security over a computer network. Used for secure web browsing (HTTPS), email, and other applications.
VPN (Virtual Private Network)
Extends a private network across a public network, enabling users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.
Password Storage
Websites store password hashes instead of plaintext passwords. When you log in, they hash your input and compare it to the stored hash.
Digital Certificates
Electronic documents that use digital signatures to bind a public key with an identity. Used in public key infrastructure (PKI).
Best Practices
Security Recommendations
- Use strong, modern algorithms (AES-256, RSA-2048+)
- Never roll your own cryptography
- Use established libraries and frameworks
- Protect cryptographic keys properly
- Keep up with cryptographic advancements
- Use salt with password hashing
Important Warning
Cryptography is complex and constantly evolving. Always use well-tested, established cryptographic libraries rather than implementing your own solutions. Weak cryptography can be worse than no cryptography at all.