What is cryptography?
Modern cryptography is a process used to keep digital communications secure, ensuring that only the intended senders and receivers of data can view the information.
This is achieved by using cryptographic algorithms and keys, and includes a few key steps:
- The user’s original information – known as plaintext – is encrypted into something called ciphertext, which will be indecipherable to anyone except the message’s intended recipients.
- The encrypted message is then sent to the receiver. Even in the event of interception by an unintended recipient, the cryptographic algorithms will safeguard and protect data.
- Once received, a key is used for decryption, enabling the receiver to access the original message.
Why cryptography is important
It’s clear that cryptography provides vital data security, and this has become increasingly important in today’s interconnected world where data flows non-stop across devices and networks, and the confidentiality, integrity, and authenticity of information has become paramount.
“Cryptography is one of the most important tools businesses use to secure the systems that hold their most important data assets,” writes Forbes in a 2021 article about cryptography. “Vulnerabilities resulting from an absence of cryptography or having noncompliant crypto and unmanaged public key infrastructure (PKI) lead to business disruptions, data breaches and brand erosion. The average cost of a breach in the U.S. is $8.6 million, according to IBM and the Ponemon Institute, and mega-breaches can surpass a whopping $1 billion.”
Understanding the difference between cryptography and encryption
Cryptography and encryption are closely related terms, but they refer to distinct concepts. Cryptography has a broader scope, including the entire field of techniques and methods for securing information. Encryption, on the other hand, is a specific method used within cryptography to transform data into an unreadable format for unauthorised users.
Types of cryptography
- Symmetric cryptography. In symmetric cryptography, the same secret key – shared by the sender and the recipient – is used to encrypt and decrypt. The single key method is efficient for securing data, but securely exchanging the secret key between parties can present a security challenge.
- Asymmetric cryptography. Asymmetric cryptography, or public key cryptography, uses two different keys. The first is a public key, which is accessible to anyone, and the second is a private key, which is kept secret by its owner. Asymmetric cryptography and public key encryption eliminate the need to exchange secret keys, but are more computationally intensive than symmetric cryptography.
- Hash functions. Hashing algorithms that don’t require a key. For example, they’re used for verifying passwords.
How is cryptography used in digital security?
Cryptosystems have several key applications, including:
- Safeguarding sensitive information. Cryptography is used to encrypt sensitive data, such as credit card details and digital currencies and cryptocurrency, during transmission and storage.
- Enabling authentication systems. Cryptographic techniques ensure the authenticity of messages and the identity of the sender. This helps in verifying the legitimacy of the sender and detecting any tampering with the message. Cryptography also prevents non-repudiation, ensuring that the sender of a message cannot deny their involvement in sending it, because digital signatures provide evidence that the message was indeed sent by the claimed sender.
- Protecting data integrity. Cryptography ensures that data remains unchanged during transit by generating what’s known as a hash value, which is a fixed-size string derived from the original data. Any alteration to the data will result in a different hash value, alerting the recipient to potential tampering.
- Securing communications. Cryptography provides secure communications, particularly on websites. For example, SSL (secure sockets layer) and TLS (transport layer security) ensure that data exchanged between a user and a server remains confidential.
Cryptography: examples
Common examples of cryptography algorithms and systems include:
- Advanced Encryption Standard (AES). AES, a symmetric encryption algorithm, is widely used to secure sensitive information. It’s employed in various ways, from securing banking transactions to protecting classified government documents.
- RSA (Rivest-Shamir-Adleman). A prominent asymmetric encryption algorithm, RSA is often used for secure key exchanges and digital signatures on the internet.
- Diffie-Hellman Key Exchange. The Diffie-Hellman method enables the secure exchange of cryptographic keys over an insecure channel.
- Data Encryption Standard (DES). DES is a symmetric key cryptography algorithm that encrypts chunks of data in what’s known as a block cipher.
- Digital Signature Algorithm (DSA). DSA algorithms are used to generate and authenticate digital signatures.
- Elliptic Curve Cryptography (ECC). ECC can create asymmetric keys more efficiently than RSA algorithms.
The future of cryptography
The future of cryptography is in quantum cryptography, with the hope it provides unhackable data encryption. But while quantum computing can be used in aid of cryptography, it’s can also be used against it:
“Quantum computers use a different computing architecture that can solve certain types of problems much faster than classical computers, including the mathematical problems used in some encryption methods,” explains Forbes. “As such, quantum computers have the potential to render current encryption methods vulnerable to attack, compromising the security of sensitive data. Thus, the threat becomes real when more powerful quantum computers are developed in the future, which could defeat commonly used encryption systems.”
Experts believe that some cyber criminals are already storing encrypted data now in the hopes of decrypting it once they have access to more powerful quantum computers in the years to come:
“It’s becoming increasingly common for data thieves to steal and store data until more powerful computers can decrypt it and present opportunities for espionage, blackmail or sale in the future.”
Build secure cryptosystems with a career in cybersecurity
Develop your expertise in cryptography with the 100% online MSc Computer Science with Cyber Security from the University of York. This flexible Masters degree is aimed at working professionals and graduates from other disciplines who want to build a career in computer science and cyber security.
In addition to cryptography, you will explore a range of other cyber concepts and solutions such as memory and resource management, password protection, and denial of service attacks (DoS). You’ll also learn about programming techniques, computer and network security infrastructure and protocols, security risks and security engineering.