Thilan Dissanayaka Cryptography May 03

Basic concepts of Cryptography

Cryptography is the practice of securing communication in the presence of third parties. It's a cornerstone of digital security, allowing us to protect sensitive information even when it's sent across insecure channels.

Whether you're sending an email, making an online payment, or accessing a secured server, cryptographic principles are silently working behind the scenes to protect your data.

This tutorial will walk you through the fundamental concepts and techniques in cryptography.

Why Cryptography Matters

At its core, cryptography ensures:

  • Confidentiality: Information is only accessible to those authorized.
  • Integrity: Data has not been altered or tampered with.
  • Authentication: Verifies the identity of the sender or receiver.
  • Non-repudiation: Prevents someone from denying their involvement in a communication or transaction.

Meet Alice, Bob, and Trudy

Cryptography scenarios often involve three fictional characters:


  • Alice: The sender of a message.

  • Bob: The intended recipient.

  • Trudy (the intruder): The malicious third party trying to intercept, modify, or impersonate communications between Alice and Bob.

These characters help us visualize the roles and threats in a cryptographic system.

Basic Cryptographic Terminology

Here are some key terms you'll encounter:

Term                Description
Plaintext           The original readable message (e.g., "Hello, Bob!").
Ciphertext          The encrypted message that appears unreadable (e.g., "5A2B1C...").
Encryption          The process of converting plaintext into ciphertext.
Decryption          Converting ciphertext back into plaintext.
Key                 A piece of information used in encryption/decryption.
Keyspace            The total number of possible keys that can be used with a particular encryption algorithm.
Algorithm           The procedure used for encryption and decryption.
Key Exchange        The method by which cryptographic keys are securely shared.
Digital Signature   A cryptographic code that verifies the authenticity and integrity of a message.
Certificate         A digital document used to prove ownership of a public key.

Symmetric Key Cryptography (Secret Key Cryptography)

Symmetric encryption uses the same key for both encryption and decryption.

How it Works

  • Alice and Bob agree on a secret key
  • Alice encrypts her message using this key
  • Alice sends the ciphertext to Bob
  • Bob decrypts the ciphertext using the same key


Let's consider an example.

Alice wants to send the message "Hi Bob, I'm Alice" to Bob, so the plaintext is:

Item            Value
Plain text      Hi Bob, I'm Alice
Symmetric Key   SecretK3Y
Cipher text     3c6e0b8a9c1522

  • They share a secret key: "SecretK3Y"
  • Alice uses the key to encrypt: "Hi Bob, I'm Alice" → "3c6e0b8a9c1522"
  • Alice sends "3c6e0b8a9c1522" to Bob
  • Bob uses "SecretK3Y" to decrypt "3c6e0b8a9c1522" → "Hi Bob, I'm Alice"

If Trudy intercepts the message, she sees only "3c6e0b8a9c1522" which is meaningless without the key.
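The exchange above in runnable form, as an added example that is not part of the original post. Because the Python standard library ships no block cipher, the cipher here is a constructed teaching construction (HMAC-SHA256 used as a counter-mode keystream) rather than AES; the salt and Trudy's guessed key are constructed sample values.

```python
import hashlib
import hmac
import os

# Illustrative symmetric cipher built only from the standard library:
# a per-message nonce plus a counter is fed through HMAC-SHA256 to make a
# keystream that is XORed with the plaintext. Confidentiality only, no
# integrity protection; this is a teaching construction, not AES.

def derive_key(passphrase: str, salt: bytes) -> bytes:
    """Stretch a human passphrase such as "SecretK3Y" into a 32-byte key."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        block_input = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block_input, hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)   # fresh per message; never reuse a nonce with the same key
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))

def decrypt(key: bytes, ciphertext: bytes) -> bytes:
    nonce, body = ciphertext[:16], ciphertext[16:]
    ks = _keystream(key, nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, ks))

def demo() -> dict:
    salt = b"constructed-salt"                  # constructed; use a random salt per key
    shared = derive_key("SecretK3Y", salt)      # both Alice and Bob derive this
    message = b"Hi Bob, I'm Alice"
    ct = encrypt(shared, message)               # what Trudy sees on the wire
    trudy_guess = derive_key("SecretK3X", salt) # a wrong key yields only garbage
    return {
        "ciphertext_hex": ct.hex(),
        "bob_reads": decrypt(shared, ct),
        "trudy_reads": decrypt(trudy_guess, ct),
    }

if __name__ == "__main__":
    print(demo())
```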

Advantages

  • Fast and efficient for large amounts of data
  • Relatively simple implementation

Disadvantages

  • Key distribution problem: How do Alice and Bob securely share the initial key?
  • Scalability issues: Need a unique key for each pair of communicating parties

Common Algorithms

  • AES (Advanced Encryption Standard)
  • DES (Data Encryption Standard) and 3DES
  • Blowfish and Twofish

Asymmetric Key Cryptography (Public Key Cryptography)

Asymmetric encryption uses two mathematically related keys: a public key and a private key.

How it Works

  • Bob generates a key pair: public key and private key
  • Bob shares his public key openly (even Trudy can have it)
  • Bob keeps his private key secret
  • Alice encrypts her message using Bob's public key
  • Alice sends the ciphertext to Bob
  • Only Bob's private key can decrypt the message


Example

Item             Value
Plain text       Hi Bob, I'm Alice
Alice Pvt. Key   AlicePvtK3Y
Alice Pub. Key   AlicePubK3Y
Bob Pvt. Key     BobPvtK3Y
Bob Pub. Key     BobPubK3Y
Cipher text      caf8e34be07426ae7127c1b4829983c1

  • Bob generates a key pair: public key "BobPubK3Y" and private key "BobPvtK3Y"
  • Bob shares "BobPubK3Y" with everyone, including Alice and Trudy
  • Alice encrypts "Hi Bob, I'm Alice" using "BobPubK3Y" → "caf8e34be07426ae7127c1b4829983c1"
  • Alice sends "caf8e34be07426ae7127c1b4829983c1" to Bob
  • Bob decrypts using his private key "BobPvtK3Y" → "Hi Bob, I'm Alice"

Even if Trudy has Bob's public key, she cannot decrypt the message without Bob's private key.

Advantages

  • Solves the key distribution problem
  • Enables secure communication without prior secret sharing
  • Enables digital signatures (discussed later)

Disadvantages

  • Much slower than symmetric encryption
  • Requires more computational resources

Common Algorithms

  • RSA (Rivest–Shamir–Adleman)
  • ECC (Elliptic Curve Cryptography)
  • Diffie-Hellman key exchange
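The public-key/private-key property of this section in runnable form, using textbook RSA (the first algorithm listed above). This is an added teaching example, not code from the original post: the primes are the publicly known Mersenne primes 2^89-1 and 2^107-1 (constructed sample values, far too small for real use), there is no padding, and the signing helper is included to show the "sign the hash of the document" idea the post raises under digital signatures.

```python
import hashlib

# Textbook RSA on small, publicly known primes. Added teaching example, not a
# production implementation: real RSA uses 2048-bit+ random primes, OAEP
# padding for encryption and PSS for signatures.

def generate_keypair(p: int, q: int, e: int = 65537):
    """Return (public, private) as ((e, n), (d, n)); d is the inverse of e mod phi."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)                  # modular inverse (Python 3.8+)
    return (e, n), (d, n)

def encrypt(public, message: bytes) -> int:
    """Anyone holding the public key can perform this step."""
    e, n = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this modulus (real RSA pads or hybrid-encrypts)")
    return pow(m, e, n)

def decrypt(private, ciphertext: int) -> bytes:
    """Only the holder of d recovers m; feeding it (e, n) instead yields garbage."""
    d, n = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def sign(private, document: bytes) -> int:
    """Sign the SHA-256 hash of the document (reduced mod n), not the document itself."""
    d, n = private
    h = int.from_bytes(hashlib.sha256(document).digest(), "big") % n
    return pow(h, d, n)

def verify(public, document: bytes, signature: int) -> bool:
    e, n = public
    h = int.from_bytes(hashlib.sha256(document).digest(), "big") % n
    return pow(signature, e, n) == h

# Bob's key pair from constructed (well-known Mersenne) primes, not secrets from the post.
BOB_PUBLIC, BOB_PRIVATE = generate_keypair(2**89 - 1, 2**107 - 1)

def demo() -> dict:
    message = b"Hi Bob, I'm Alice"
    ct = encrypt(BOB_PUBLIC, message)          # Alice encrypts with Bob's public key
    return {
        "ciphertext": hex(ct),
        "bob_reads": decrypt(BOB_PRIVATE, ct),
        "trudy_reads": decrypt(BOB_PUBLIC, ct),  # Trudy has only (e, n): wrong exponent
        "signature_ok": verify(BOB_PUBLIC, b"Important contract",
                               sign(BOB_PRIVATE, b"Important contract")),
    }
```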

Hash Functions

Hashing is a one-way function that converts data of any size to a fixed-size string.

Properties of Secure Hash Functions

  • One-way function: Easy to compute the hash, but practically impossible to derive the original input from the hash
  • Deterministic: The same input always produces the same hash
  • Avalanche effect: Small changes in input create large changes in the hash
  • Collision resistance: Difficult to find two different inputs that produce the same hash


Uses of Hashing

  • Data integrity: Verify that data hasn't been altered
  • Password storage: Store hash of passwords rather than actual passwords
  • Digital signatures: Sign hash of a document rather than the entire document

Example

Alice wants to ensure the integrity of a document she's sending to Bob:

  • Alice calculates the hash of her document: "Important contract" → "5f4dcc3b5aa765d61d8327deb882cf99"
  • Alice sends both the document and the hash to Bob
  • Bob calculates the hash of the received document
  • If Bob's calculated hash matches the hash Alice sent, the document is intact

If Trudy intercepts and modifies the document, the hash Bob calculates won't match the hash Alice sent.
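The integrity check above carried out with SHA-256 from the Python standard library, as an added example that is not part of the original post. It also measures the avalanche effect from the property list, and shows the caveat a defender cares about: if Trudy can replace both the document and the unkeyed hash, Bob's plain hash comparison passes, whereas a keyed hash (HMAC, with a constructed shared key) cannot be recomputed without the key.

```python
import hashlib
import hmac

def digest(document: bytes) -> str:
    """Hex SHA-256 of the document; the same input always gives the same hash."""
    return hashlib.sha256(document).hexdigest()

def bob_verifies(received_document: bytes, hash_from_alice: str) -> bool:
    """Recompute the hash and compare in constant time, as Bob does on receipt."""
    return hmac.compare_digest(digest(received_document), hash_from_alice)

def keyed_tag(key: bytes, document: bytes) -> str:
    """HMAC-SHA256: a hash that cannot be recomputed without the shared key."""
    return hmac.new(key, document, hashlib.sha256).hexdigest()

def differing_bits(hex_a: str, hex_b: str) -> int:
    """How many of the 256 output bits differ: the avalanche effect made visible."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")

def demo() -> dict:
    original = b"Important contract"            # constructed sample document
    h = digest(original)                        # Alice sends the document plus h
    tampered = b"Important contract."           # Trudy changes a single character
    key = b"constructed-shared-key"             # constructed; Alice and Bob share it
    tag = keyed_tag(key, original)
    return {
        "alice_hash": h,
        "intact_accepted": bob_verifies(original, h),
        "tampered_accepted": bob_verifies(tampered, h),
        "bits_changed": differing_bits(h, digest(tampered)),
        # Trudy swaps in her own document AND its hash: a plain hash cannot tell
        "forged_hash_accepted": bob_verifies(tampered, digest(tampered)),
        # ... but forwarding the old keyed tag with her document fails the HMAC check
        "forged_tag_accepted": hmac.compare_digest(keyed_tag(key, tampered), tag),
    }

if __name__ == "__main__":
    print(demo())
```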

Common Hash Algorithms

  • SHA-256 (Secure Hash Algorithm)
  • MD5 (Message Digest Algorithm) - now considered insecure
  • BLAKE2
  • Argon2 (designed for password hashing)

Public Key Infrastructure (PKI)

PKI addresses the trust problem: how does Alice know that a public key really belongs to Bob?

Certificate Authorities (CAs)

Trusted third parties that issue digital certificates verifying the ownership of public keys.

How it Works

  • Bob requests a certificate from a CA
  • CA verifies Bob's identity
  • CA issues a certificate binding Bob's identity to his public key
  • CA signs the certificate with its private key
  • When Alice receives Bob's certificate, she verifies it using the CA's public key
  • If valid, Alice can trust that the public key belongs to Bob