Cryptography
Cryptography is the science and practice of altering data to make it unintelligible to unauthorized parties.
- literally means “secret writing”
- does not matter if third parties know of the existence and location of the secret
- can never understand what it is without the means to decode it
- opposite of security through obscurity
- means keeping something a secret by hiding it
- considered impossible (or at least high risk) on a computer system
Terminology
- Cryptography refers specifically to the use and practice of cryptographic techniques.
- Cryptanalysis refers to the study of vulnerabilities (theoretical or practical) in cryptographic algorithms and systems and the use of exploits against those vulnerabilities to break such systems
- Cryptology refers to the combined study of cryptography (secret writing) and cryptanalysis.
- Cryptolinguistics refers to translating between human languages to produce useful information, insight, or actionable intelligence (has little to do with cryptography)
- Plaintext is unencrypted message/data.
- aka cleartext
- Ciphertext is encrypted message/data.
- Algorithm is the operations performed to encrypt and decrypt data.
- aka cipher
Types
- two types of cryptographic cipher or algorithm:
- Encryption
- converts a human-readable plaintext into ciphertext
- further broken down into symmetric and asymmetric encryption
- Cryptographic Hash
- converts a variable length string into a fixed-length hash
- cannot be converted back to plaintext
- can prove integrity of data
- Encryption
Uses
- different cryptographic solutions are used to protect each data state
Discussing Cryptographic Examples
- it is customary to use a cast of characters to describe different actors involved in the process of an attack against encryption systems:
- Alice
- sender of a genuine message
- Bob
- intended recipient of the message
- Mallory
- a malicious attack attempting to subvert the message
- Alice