Network Security - basics of cryptography

1. What is Cryptography?

Cryptography is the science of securing communication and data so that only the intended recipients can understand it. Its main goal is to protect confidentiality, integrity, and authenticity of information.

Think of it as locking a message in a safe before sending it and giving the key only to the person who is supposed to open it.

2. Key Concepts

  1. Plaintext – The original readable message (e.g., “Hello World”).

  2. Ciphertext – The encrypted, unreadable version of the message.

  3. Encryption – The process of converting plaintext into ciphertext using an algorithm and a key.

  4. Decryption – The process of converting ciphertext back to plaintext using a key.

  5. Key – A secret value used in encryption/decryption. Without the correct key, the message cannot be read.

3. Goals of Cryptography

  • Confidentiality – Ensure that only authorized parties can read the data.

  • Integrity – Ensure that the data has not been altered during transmission.

  • Authentication – Verify the identity of the sender or receiver.

  • Non-repudiation – Prevent the sender from denying that they sent the message.

4. Types of Cryptography

a) Symmetric Key Cryptography

  • Uses the same key for both encryption and decryption.

  • Fast and efficient for large amounts of data.

  • Examples: AES, DES, 3DES

  • Pros: Simple, fast

  • Cons: Key distribution problem – the sender and receiver must share the key securely

b) Asymmetric Key Cryptography (Public Key Cryptography)

  • Uses two keys: a public key (for encryption) and a private key (for decryption).

  • Examples: RSA, ECC

  • Pros: Solves key distribution problem

  • Cons: Slower than symmetric encryption

c) Hash Functions

  • Converts data into a fixed-size string (hash) that represents the original data.

  • Hashes are one-way, meaning they cannot be reversed to get the original data.

  • Examples: SHA-256, MD5

  • Uses: Password storage, digital signatures, data integrity verification

5. Digital Signatures

  • A way to verify authenticity and integrity of a message.

  • Uses asymmetric cryptography: the sender signs with their private key, and anyone can verify using the sender’s public key.

6. Real-World Analogy

  • Plaintext: Your message

  • Encryption: Locking it in a box

  • Ciphertext: Locked box

  • Key: The key to the box

  • Decryption: Unlocking the box to read the message