You are viewing a free preview of this lesson.
Subscribe to unlock all 10 lessons in this course and every other course on LearningBro.
What is Cryptography
What is Cryptography
Cryptography is the science of securing communication and data through the use of codes, ciphers, and mathematical techniques. It ensures that only authorised parties can access information, even when it travels across untrusted networks.
Why Cryptography Matters
Cryptography underpins virtually every secure digital interaction:
- Online banking — encryption protects transactions and account credentials
- Messaging apps — end-to-end encryption ensures only sender and receiver can read messages
- E-commerce — TLS/HTTPS secures credit card details during checkout
- Government communications — classified information relies on strong cryptographic algorithms
- Blockchain and cryptocurrency — cryptographic hash functions and digital signatures power decentralised trust
Without cryptography, the internet as we know it would be fundamentally insecure.
Core Goals of Cryptography
Cryptography serves four fundamental security goals:
| Goal | Definition | Example |
|---|---|---|
| Confidentiality | Ensuring only authorised parties can read the data | Encrypting an email so only the recipient can decrypt it |
| Integrity | Detecting whether data has been altered | Using a hash function to verify a downloaded file has not been tampered with |
| Authentication | Verifying the identity of a sender or system | A digital certificate confirming a website is genuine |
| Non-repudiation | Preventing a party from denying a previous action | A digital signature proving who signed a document |
Remember: These four goals are often abbreviated as CIAN — Confidentiality, Integrity, Authentication, and Non-repudiation.
Key Terminology
| Term | Definition |
|---|---|
| Plaintext | The original, readable message or data |
| Ciphertext | The encrypted, unreadable output |
| Encryption | The process of converting plaintext into ciphertext |
| Decryption | The process of converting ciphertext back into plaintext |
| Key | A secret value used by an algorithm to encrypt or decrypt data |
| Algorithm (Cipher) | A mathematical procedure for encryption and decryption |
| Cryptanalysis | The study of breaking cryptographic systems |
| Cryptology | The combined study of cryptography and cryptanalysis |
The Encryption Process
Plaintext ──▶ [ Encryption Algorithm + Key ] ──▶ Ciphertext
Ciphertext ──▶ [ Decryption Algorithm + Key ] ──▶ Plaintext
A Brief History of Cryptography
Cryptography has been used for thousands of years:
| Era | Technique | Description |
|---|---|---|
| Ancient Egypt (~1900 BC) | Hieroglyph substitution | Scribes used non-standard hieroglyphs to obscure meaning |
| Sparta (~700 BC) | Scytale | A rod-based transposition cipher for military messages |
| Rome (~50 BC) | Caesar cipher | Julius Caesar shifted letters by 3 to encode messages |
| Medieval Arabia (~800 AD) | Frequency analysis | Al-Kindi described the first known technique for breaking substitution ciphers |
| World War II (1940s) | Enigma machine | Germany used electro-mechanical encryption; Alan Turing's team broke it at Bletchley Park |
| 1970s | DES (Data Encryption Standard) | The first widely adopted standardised encryption algorithm |
| 1976 | Diffie-Hellman key exchange | The birth of public-key cryptography |
| 1977 | RSA algorithm | Rivest, Shamir, and Adleman publish the first practical public-key encryption system |
| 2001 | AES (Advanced Encryption Standard) | Replaces DES as the gold standard for symmetric encryption |
Types of Cryptography
Modern cryptography is divided into three main categories:
1. Symmetric-Key Cryptography
- Uses a single shared key for both encryption and decryption
- Fast and efficient for large amounts of data
- Challenge: securely sharing the key between parties
- Examples: AES, DES, 3DES, ChaCha20
2. Asymmetric-Key (Public-Key) Cryptography
- Uses a key pair: a public key (shared openly) and a private key (kept secret)
- Solves the key distribution problem
- Slower than symmetric encryption
- Examples: RSA, ECC (Elliptic Curve Cryptography), Diffie-Hellman
3. Hash Functions
- Produce a fixed-length output (digest) from any input
- One-way: you cannot reverse a hash to recover the original data
- Used for integrity verification, password storage, and digital signatures
- Examples: SHA-256, SHA-3, bcrypt, Argon2
Symmetric: Same key encrypts and decrypts
Asymmetric: Public key encrypts, private key decrypts (or vice versa)
Hashing: One-way — input produces digest, no reversal possible
Kerckhoffs's Principle
A foundational rule in modern cryptography, stated by Auguste Kerckhoffs in 1883:
"A cryptographic system should be secure even if everything about the system, except the key, is public knowledge."
This means:
- Security depends on the key, not the secrecy of the algorithm
- Algorithms should be open and publicly reviewed (peer review strengthens security)
- Secret or proprietary algorithms are considered a weakness — this is called "security through obscurity"
- Modern standards like AES and RSA are fully public and have been extensively analysed
Cryptography vs Steganography
| Aspect | Cryptography | Steganography |
|---|---|---|
| Goal | Make data unreadable without the key | Hide the existence of the data entirely |
| Visibility | Ciphertext is visible but unintelligible | Hidden data is invisible to casual inspection |
| Example | Encrypted email | Hiding a message inside an image file |
| Strength | Strong mathematical foundations | Can be detected with forensic analysis |
In practice, the two can be combined — encrypt a message, then hide the ciphertext inside an image.
Where Cryptography is Used Today
| Application | Cryptographic Technique |
|---|---|
| HTTPS/TLS | Symmetric encryption (AES), asymmetric encryption (RSA/ECC), certificates |
| Email (PGP/S-MIME) | Public-key encryption and digital signatures |
| Password storage | Hashing with salt (bcrypt, Argon2) |
| VPNs | Symmetric encryption, key exchange (Diffie-Hellman, IKE) |
| Blockchain | Hash functions (SHA-256), digital signatures (ECDSA) |
| Disk encryption | AES (BitLocker, FileVault, LUKS) |
| Secure messaging | End-to-end encryption (Signal Protocol) |
| Digital signatures | RSA, ECDSA, EdDSA |
Tip: Cryptography is a tool, not a solution on its own. A perfectly encrypted system can still be compromised through weak key management, implementation bugs, or social engineering.
Summary
Cryptography is the foundation of digital security, providing confidentiality, integrity, authentication, and non-repudiation. From ancient substitution ciphers to modern AES and RSA, the field has evolved dramatically. Modern cryptography is divided into symmetric encryption, asymmetric encryption, and hash functions — each serving different purposes. Kerckhoffs's principle reminds us that security must rely on the key, not the secrecy of the algorithm. In the following lessons, we will explore each of these areas in depth.