Cryptography
by Charles Iliya KrempeauxCryptography is about how to communicate securely — and how to do so even when there is a malicious person, people, organization(s), or other entities who are trying to stop you from doing so.
Cryptography is an important part of privacy.
Cryptography is also sometimes called cryptology.
Goals
Cryptography is generally used to try provide three different but related things:
- confidentiality,
- integrity, and
- authenticity.
These three goals form the foundation of the security that cryptography tries to provide.
- Confidentiality
-
Confidentiality is the goal that only the person, people, organization(s), or other entities you addressed the message to can read the message.
Confidentiality about how to hide information so that only the person, etc you want to read, listen to, or watch, etc a message can do so.
(In cryptography, things such as text, audio, and video all get called a "message".)
For example, if I record a video on my mobile phone and send it to my wife, confidentiality has it so that only my wife can watch the video, and no one else. Not even the people and organizations that provide the communication infrastructure that I use to send the video to my wife.
Confidentiality is important for privacy.
- Integrity
-
Integrity is the goal that a message’s contents cannot be tampered with.
For example, if I write this message to my wife —
Meet me at park by the kids' school at 3pm.
— integrity, for example, has it so someone else cannot change my message to:
Meet me at in the dark scary alley behind the grocery store at 2pm.
With integrity, the message my wife receives will be exactly what I sent her.
- Authenticity
-
Authenticity is the goal that if someone or something claims to be who someone or something, then you can tell if it is actually them.
This could be with someone logging into a system. Or it could be with who or what a message is claimed to be from.
For example, if my wife receives a message, she can tell if the message is actually from me or not.
Jargon
Like many specialties, cryptography has its own jargon — special words and special phrases that have special meanings in the specialty.
Sometimes jargon is comprised of new words and new phrases. But sometimes jargon is comprised of existing words and existing phrases, which are given new meanings! (This latter form of jargon can not only confuse, but also mislead people who don't understand the jargon of the specialty.)
Some of the basic jargon, in cryptography, includes the following words in phrases: cipher, cipher-text, decrypt, decryption, digest, encrypt, encryption, hash, message, party, and plain-text.
Some of the more advanced jargon, in cryptography, includes the following words in phrases: avalanche-effect, bcrypt, brute-force-attack, collision-attack, decryption algorithm, Ed25519, EdDSA, encryption algorithm, GPG, finger-print, key, MD5, pass-phrase, pass-word, pepper, PGP, proof-of-work, rainbow-table, ROT-13, RSA, running key cipher, salt, scrypt, scytale, SHA-1, SHA-2, SHA-3, shift-cipher, sponge-function, signature, substitution cipher, TLS, transposition cipher, web-of-trust, etc etc etc. (There are a lot more advanced jargon than what we listed.)
Learning cryptography's jargon will help you understand cryptography — as specialists in cryptography will very very likely be using cryptography's jargon.
Let's first focus on defining the basic jargon in cryptography.
(These definitions won't be in alphabetical order. But instead will be in an order that I think will make them easier to understand. Some jargon is easier to understand once you understand other jargon.)
Plain-Text, Cipher-Text, Encryption, Decryption
What plain-text and cipher-text as well as encryption and decryption are is probably most easily understood with some examples.
Example №1
If I write this message to my wife —
COULD YOU PICK UP THE KIDS FROM SCHOOL TODAY AT 2PM, PLEASE?
— that is plain-text.
I might not want anyone else to be able to read that message (other than my wife). So I can hide that message from others by turning that plain-text message into a cipher-text message to try to accomplish that.
The process of turning a plain-text message into a cipher-text message is called encryption.
What would a cipher-text message for that plain-text message look like‽ — well, it depends on what encryption algorithm we use.
For a very very simple example, if we were using the ROT-13 encryption algorithm, then the cipher-text would be:
PBHYQ LBH CVPX HC GUR XVQF SEBZ FPUBBY GBQNL NG 2CZ, CYRNFR?
(We will look closer at ROT-13 later.)
For my wife to read my message, she would have to turn that cipher-text back into plain-text.
The process of turning a cipher-text message into a plain-text message is called decryption.
Example №2
Let's look at another example. We will use the same plain-text —
I.e. again I will write this message to my wife —
COULD YOU PICK UP THE KIDS FROM SCHOOL TODAY AT 2PM, PLEASE?
— and again that will be the plain-text.
And again, I will not want anyone else to be able to read that message (other than my wife). So I will hide that message from others by turning that plain-text message into a cipher-text message to try to accomplish that.
But this time we will use a different encryption algorithm.
With this example, we will use another very very simple encryption algorithm — we will use a substitution cipher. To use a substitution cipher as your encryption algorithm you need to pick a substitution-alphabet. The substitution-alphabet we will use is —
| normal English alphabet | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| cipher alphabet | Q | K | T | N | H | F | P | R | M | S | U | J | W | C | B | D | Z | G | X | I | V | Y | O | E | A | L |
(We will look closer at substitution ciphers later. Don't worry if, for example, what a substitution-alphabet is doesn't make sense yet.)
With this, if we encrypt our plain-text, our cipher-text would be:
TBVJN ABV DMTU VD IRH UMNX FGBW XTRBBJ IBNQA QI 2DW, DJHQXH?
And again, for my wife to be able to read my message, she would need to have to decrypt the cipher-text back into the plain-text to get:
COULD YOU PICK UP THE KIDS FROM SCHOOL TODAY AT 2PM, PLEASE?
So, now that you have seen those examples, let's define those terms.
- Plain-Text
-
Plain-Text is the original message.
In cryptography, text, audio, and video all get called a "plain-text". Which can be a bit confusing and even misleading as, in regular language, the word "text" tends not to include audio and video. But in cryptography it does.
Usually when cryptography specialists talk about plain-text, they are doing so in relation to cipher-text.
- Cipher-Text
-
To make a plain-text message confidential, we turn it into a cipher-text.
We turn a plain-text message into a cipher-text message to hide the message so that only the person, etc you want to read, listen to, or watch, etc the message can do so.
- Encryption
-
Encryption is the process of turning plain-text into a cipher-text.
What the cipher-text ends up being depends on what encryption algorithm you end up using.
- Decryption
-
Decryption is the process of turning cipher-text back into plain-text.