In its early years, cryptography was almost exclusively the preserve of government agencies, diplomatic missions and the military. It wasn’t until the 1980s that the telecommunications and financial industries began to experiment with cryptography on hardware devices, with the mobile phone among the first mass-market devices to have cryptographic applications. Since then, the use of cryptography has become widespread, moving beyond its traditional use to become a feature in email applications, Web browsers, vehicles, embedded software and manufacturing systems.
Cryptography combines knowledge and concepts from mathematics and computer science to provide a process of transmitting data securely. Whether it’s sharing a company’s strategy or a personal communication between two friends, keeping the data secure is critical. As cryptography enthusiasts – such as Domen Zavrl, who has taken courses at Stanford University in the USA – will be aware, cryptography ensures that where data flows, the following aspects are maintained:
- Confidentiality – Data privacy and security is assured
- Integrity – No alterations can be made to the information
- Authentication – The identities of the sender and receiver can be confirmed
- Non-repudiation – The creator or sender of the message cannot deny their intentions in transmitting the information at a later stage
Cryptosystems are protocols and procedures that meet all or some of the criteria above. While it’s often thought that these systems encompass computer programs and mathematical methods, they also include aspects of human behaviour. These procedures are also known as cryptographic algorithms that encrypt and decrypt messages to ensure adherence to the criteria. The entire process is embedded into software that runs on computer systems and involves the generation of public and private keys, key exchange, and digital signing and verification.
Cryptography exists in the following forms:
Symmetric Key Cryptography
Also known as single-key cryptography, both the receiver and sender of the message use the same key to encrypt and decrypt the information. Having a single key involved in the process makes it faster and simpler, but the problem lies in ensuring the key is shared securely. One type of symmetric key cryptography is the Advanced Encryption Standard (AES) and its predecessor, the Data Encryption Standard (DES). AES uses longer key lengths and has the approval of the United States government for use in transmitting classified information.
Asymmetric Key Cryptography
Also known as public-key cryptography, this form of cryptography makes use of a private and a public key in transmitting information. The public key, used for encrypting the data, can be made freely available, while the private key is used for decrypting the information. The private key is only known to the originator of the information who can choose to share it. RSA (Rivest-Shamir-Adleman) and Elliptic Curve Digital Signature Algorithm (ECDSA) are some of the most common public-key cryptosystems in use.
There are no keys with hash functions, which are algorithms that allow the transformation of information into a hash (a string of letters and numbers). The use of hash functions differs from encryption because it’s aim is to make decryption impossible. Hash functions are majorly used by operating systems to encrypt and verify passwords. A banking system, for example, maintains a database of hashes (not actual passwords) of its users. When an individual logs into their online account, the system hashes the password keyed in and verifies it against what’s been stored.
Hash functions are preferred because for the same password, the algorithms will always produce the same hash. Hashing is the reason why users are encouraged to come up with complex and unique passwords. Secure Hash Algorithm 1 (SHA-1), SHA-2 and SHA-3 are some of the most common hash functions in use.
Cryptography is a building block of blockchain technology, which is a means of recording and storing transactions and records in a way that ensures they can’t be changed. Blockchain also uses hashing functions to assign each block of information a unique hash that makes it distinguishable from others.