When you hear the word "cryptography," your brain probably jumps to someone sitting in a dark room staring at lines of code. You might also think of highly trained software engineers protecting endless amounts of data in digital infrastructure. Cryptography is all of that to some degree, but it's also a root methodology to modern coding. Let's try to understand some basic principles of cryptology to gain a greater understanding of this new technological workflow.
There are three key principles of cryptography: Encryption, Authentication, and Integrity.
Encryption is the process of converting data into an unreadable form in order to protect its privacy during data transfer, reception, and storage. Encrypted data has to be decrypted via a process called decryption.
Encryption and decryption require, in essence, a key of sorts to be used in the process so that while the data seems scrambled, it can still be read and understood by desired recipients.
Authentication is the process of ensuring that the sender claimed in a string of data is, in fact, the actual sender. This works by sending a computer or device performing some action that the receiver knows only the correct sender can do. When the receiver sees that action, it authenticates the message.
The actual process is much more complex, but this explanation summarizes the workflow.
Proper cryptography also ensures message integrity, which means that the messages are communicated accurately and not intercepted or altered on the communication path. Usually, this is done by hashing the data, which cryptographically maps out its path.
Taking these principles into actuality requires a wealth of technical skill using one of three techniques:
- Secret Key Cryptography
- Public Key Cryptography
- Hash Functions
Secret key cryptography
Secret key cryptography uses one key across both the sending encryption and the receiver's decryption. It's the simplest way of encrypting data, but its relatively low on security and distributing the single key can often be easier said than done.
Public key cryptography
Public Key Cryptography allows for the use of two keys, which are different for the sender and receiver. Both the sending party and the receiving party has a private and public key. The private key should be kept secret while the public key is known to any party looking to communicate with another. For instance, if one computer wanted to send data to another computer, it would use the receiver's public key to encrypt the data, and the receiver would use its secret private key to decrypt it.
The final basic technique of cryptology involves no keys, but rather it uses a set-length hash value that is presented as plain text. Hash functions are used to check the integrity of the transferred data. You can think of this technique as computers running data through an equation, and if it spits out the right answer, the computers can verify the accuracy of the messages.
Drawing back to the question at hand, what is cryptography, the answer is fairly simple. It's the science of taking data and securing it during transfer or storage. It's an essential aspect of modern data security and continues to push the definition of just what digital security means.