Understanding Cryptography

“ $%^*^* Nh%&gfg  K97@#”. Well, I’m 100% sure that you did not understand what I meant to say through these words. This is what cryptography is all about. Nah, don’t think that if you are unable to read what was written, it becomes an implementation of cryptography. When you convert plain text (readable text) into something that cannot be read (deciphered), often called ciphertext, it is known as cryptography.

Why would you want to convert something which is readable into gibberish? From time immemorial, human beings have kept secrets to protect themselves and their countries. For this very reason, information must be protected, and this assurance can be further provided by encrypting the data, i.e., the process of converting plain text into ciphertext. Remember the three pillars of information security – CIA. Cryptography helps implement the confidentiality principle.

The formal definition is as follows:

Cryptography is a method of storing and transmitting data in a form that only those it is intended for can read and process. It is considered a science of protecting information by encoding it into an unreadable format.

Now it’s time to learn new terms:

Encryption is a method of transforming readable data, called plaintext, into a form that appears to be random and unreadable, which is called ciphertext. Plaintext is in a form that can be understood either by a person (a document) or by a computer (executable code).

Once it is transformed into ciphertext, neither human nor machine can properly process it until it is decrypted. This enables the transmission of confidential information over insecure channels without unauthorized disclosure.

The algorithm, the set of rules also known as the cipher, dictates how enciphering (encryption) and deciphering (decryption) take place. The secret ingredient that makes this algorithm so hard to break is the KEY.

If you are confused, don’t be. We need to understand all of this through an example.

In cryptography, you need to make friends with Alice & Bob. They are the 2 most famous people in the world of cryptography. Now Alice wants to send a message to Bob. The message is “I passed my CISSP exam and Mayur helped me a lot in it”. This is plain text, as you were able to read it. Bob, however, doesn’t want the world to know this. So Bob converts this message to “@#$% B$CG &*()&%VBNJIJJM”, which is unreadable. He converts it to a ciphertext which you and I can’t read. How does he do that? He uses an algorithm and encrypts it. In order to do so, he uses a KEY, similar to a password or passcode, which can change it back. It’s like using a lock where only the correct KEY combination can open the lock.

In encryption, the key (crypto variable) is a value that comprises a large sequence of random bits. Is it just any random number of bits crammed together? Not really. An algorithm contains a keyspace, which is a range of values that can be used to construct a key. When the algorithm needs to generate a new key, it uses random values from this keyspace. The larger the keyspace, the more available values can be used to represent different keys—and the more random the keys are, the harder it is for intruders to figure them out. For example, if an algorithm allows a key length of 2 bits, the keyspace for that algorithm would be 4, which indicates the total number of different keys that would be possible.
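To see the keyspace idea in code, here is an added example (not part of the original article) that draws a key from the keyspace, encrypts the sample message from above, and shows why a 2-bit keyspace of 4 keys protects nothing. The toy cipher (XOR with a SHA-256-derived keystream) and all function names are assumptions made for this illustration; it is not a vetted algorithm.

```python
import hashlib
import secrets

def keyspace_size(key_bits: int) -> int:
    """Number of distinct keys for a given key length: 2 bits -> 4 keys."""
    return 2 ** key_bits

def generate_key(key_bits: int) -> int:
    """Draw a key uniformly from the keyspace using the OS random source."""
    return secrets.randbits(key_bits)

def _keystream(key: int, key_bits: int, length: int) -> bytes:
    # Toy construction (assumption for this demo): SHA-256(key || counter).
    key_bytes = key.to_bytes((key_bits + 7) // 8, "big")
    stream, counter = b"", 0
    while len(stream) < length:
        stream += hashlib.sha256(key_bytes + counter.to_bytes(4, "big")).digest()
        counter += 1
    return stream[:length]

def encrypt(plaintext: bytes, key: int, key_bits: int) -> bytes:
    """XOR the data with a key-dependent keystream (the 'algorithm')."""
    stream = _keystream(key, key_bits, len(plaintext))
    return bytes(p ^ s for p, s in zip(plaintext, stream))

def decrypt(ciphertext: bytes, key: int, key_bits: int) -> bytes:
    """XOR with the same keystream restores the plaintext."""
    return encrypt(ciphertext, key, key_bits)

def keys_matching(ciphertext: bytes, known_start: bytes, key_bits: int) -> list:
    """Check every key in the keyspace; return those giving readable output."""
    return [k for k in range(keyspace_size(key_bits))
            if decrypt(ciphertext, k, key_bits).startswith(known_start)]

if __name__ == "__main__":
    message = b"I passed my CISSP exam"          # plaintext from the article
    for bits in (2, 16):
        key = generate_key(bits)
        ciphertext = encrypt(message, key, bits)
        assert decrypt(ciphertext, key, bits) == message
        found = keys_matching(ciphertext, b"I passed", bits)
        print(f"{bits}-bit key: keyspace {keyspace_size(bits)}, "
              f"ciphertext {ciphertext.hex()}, key recovered: {found == [key]}")
    print(f"128-bit key: keyspace {keyspace_size(128)} (far too many to try)")
```

Each extra key bit doubles the number of keys that would have to be checked, which is why real algorithms use key lengths of 128 bits or more.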

All this makes up a cryptosystem, which contains all the hardware and software required to implement this.

In a nutshell, cryptography helps you protect your information by utilizing rules which are driven by a key.

What are your thoughts on this?

