Page 1 of 3
Sure, your password protects your e-mail or online bank account, but what is it that protects your password? How is it that a few letters and numbers strung together allow you the luxury of transacting business worth thousands, without stepping into your bank. Read on to learn more about the encryption wizards that keep attackers at bay.
'Egzzcpgqf' may look like gibberish to you-if you investigate further, you will realise that the word actually is 'gibberish', after it has been 'encrypted' using letter-substitution. Transpose the letters of the English alphabet such that 'a' corresponds to 'y', 'b' to 'z', 'c' to 'a', and so on, and the word 'gibberish' is rendered as 'egzzcpgqf'.
The process of transforming meaningful information (referred to as plaintext) to meaningless gibberish (referred to as ciphertext) is called encryption. The reverse process of transforming the gibberish into meaningful information is called decryption.
In simple terms, cryptography is the science or study of encryption and decryption of data. The formula used to encrypt and decrypt data is called an algorithm or a cipher. The algorithm used in our example is straightforward, and can be guessed by people who are used to solving word puzzles. Algorithms used in modern cryptography, however, are complex mathematical constructs that are used to protect sensitive and confidential data.
Cryptography is everywhere
Every time you withdraw cash from your bank's ATM, use your credit card to pay for a meal, buy air tickets online, or perform any other electronic transaction, you are likely to be using products that have some level of cryptography built into them. In the last couple of decades, our lives have become so dependent on computers and electronically-stored information that the security of data is of the utmost importance.
Cryptography provides us with a way to protect the data; without cryptography, it would be easy for a malicious person to steal sensitive data and wreak havoc on people's lives. Because data communication between applications takes place over networks, modern cryptography also deals with issues like user authentication, message integrity, and so on.
Cryptographic algorithms can be broadly classified as:
1.Secret key cryptography: A single, secret key is used for the encryption and the decryption. (Secret key cryptography is sometimes called symmetric key cryptography.) Examples include the DES (Data Encryption Standard) and the newer AES (Advanced Encryption Standard).
2. Public key cryptography: Two keys are used--one for encryption and the other for decryption. Examples include the Diffie-Hellman-Merkle key exchange and RSA (Rivest, Shamir, and Adleman).
3. Hash functions: Hash functions use special mathematical properties to convert inputs of variable length to a fixed-length output. Examples include MD5 (Message Digest 5) and SHA-1 (Secure Hash Algorithm 1).
Modern cryptography uses a combination of these algorithms, each suited for a different purpose, to ensure the security of our data and transactions. In addition, there are standards like the OpenPGP protocol, the 802.11i protocol, etc, which are used for specific purposes. We spoke to researchers in cryptography to find out about the vulnerabilities in some of these algorithms and protocols.