--Originally published at The Hitchhiker's Guide to information security… according to me!
Cryptography, the thing we all want to learn how to do and crack because it sounds cool, doesn’t it? As cool as it sounds, cryptography means the study of techniques to secure communication. Please don’t confuse with encryption which is the actual process of coding the message so only the authorized party could read it.
Truth is, cryptography is a very important process in the communication between users, systems, applications, etc. We don’t want everyone knowing about our credit card number, our passwords, our client’s information, at what time there’s nobody in our house, our dirty conversations, the location of the secret place where we store our chocolate cookies, etc. If it wasn’t for cryptography we wouldn’t be able to trust any communication device (we shouldn’t, but this will be more obvious) and we would be bind to only to transmit a message or a piece of information in person, and that wouldn’t be practical would it.
Since ancient times people have been studying ways of exchanging communication without a fear of a third party finding out. One example of ancient practices of cryptography is the Caesar Cipher encryption method, which shifts the letter of the alphabet by a certain number. For example if you wanted to write an A, then shifting it 3 spaces you would write a D, and so on with the other letters. So if I were to write “I am cool” with a shift of 3 it would read as following:
Plaintext: I am cool
Cybertext: L dp frro
Nowadays there exist more complicated ways of encryption that can guarantee the safe exchange of information. Some encryption algorithms use in modern days are the following:
- DES
- RSA
- HASH
- MD5
- AES
- SHA-1
- HMAC
Also there exist two fields of study and types of encryption which are
Symmetric key cryptography: means that both sender and receiver have the same key for decrypting the message. The key is a random string of elements that enables you to decrypt or encrypt a message. In symmetric key cryptography the same key is use to encrypt and decrypt. The key needs to be changed with frequency to suppress the risk of a hacker stealing the key enabling him to decrypt al the messages from the sender.
Public asymmetric key cryptography: means that the encryption method uses a key pair. Both keys belong to the receiver, one key is used for encryption and it’s a public key that anyone can use for encrypting messages directed to the receiver, the other key is private and it’s used for decrypting the message. This key is only possessed by the receiver assuring that communications will be secured.
So the morale of the history is: encryption is cool. If you are the administrator of a system be sure you are using encryption to secure your communications or secure your data because as we’ve been saying from the start the world is full of evil dudes out there, and the only thing good guys can do is secure their systems.
Cool video coming next
