DEV Community

Cover image for Cryptography and Ciphers explained
Hargunbeer Singh
Hargunbeer Singh

Posted on

Cryptography and Ciphers explained

Preface

Do you know what is used in emails, messages and video chats for privacy? Do you know what is used as the underlying structure of the blockchain which is powering cryptocurrency? It is Cryptography.

Introduction

A cipher is an algorithm that can encode plaintext into unreadable text, and to decode the unreadable text back into readable text. For a specific text, you will have to use the same cipher for encoding and decoding of the text. They are used for safe information transfers.

Table of Contents

History

Ciphers were used long before the information age, like the substitution cipher, whose decoding was done by substituting letters following a certain pattern. The pattern was chosen by the encoder. Transposition cipher was also used before the information age, to decode a string encoded with transposition cipher, one had to shift the positions of letters. None of the old ciphers were cryptographically secure except for the one-time pad(now called One Time Password) cipher. It is a single-use pre-shared key used to decode the messages, it is nowadays used in authentication(see CRA)

Types of Cryptography

There are two types of cryptography - symmetric key cryptography and asymmetric key cryptography.

Symmetric Key cryptography

Symmetric-key algorithms are algorithms for cryptography that use the same encryption keys for both the encryption of plaintext and the decryption of corresponding ciphertext. Symmetric-key algorithms use stream ciphers or block ciphers.

Uses

  • Used in HTTPS protocol
  • Payment/Banking Applications to authenticate transactions
  • used in data centres and servers to encrypt the data which is at rest

Advantages

  • Faster than asymmetric-key cryptography because there is only one key in play
  • Better performance because of less calculations being performed.
  • As they are quicker, they are optimized for handling large amounts of data.
  • Easier to set-up and implement.

Block Ciphers

They are encryption algorithms that take an input message and a key to generate a new encrypted cipher text, and then it uses the cipher text and the same key to decrypt the message. It encrypts blocks of data of fixed size at a time. The size of the block depends on the size of the key. The data to be encrypted is divided into blocks of equal size.


The encryption and the decryption algorithm accept two inputs - an input of size n bits and a key of size k bits; and returns a n-bit output. The decryption algorithm is the inverse function to encryption: decryption = encryption^(-1). Block cipher encryptions are just permuntations of the plain text by the key. Eac key selects one permutation from the set of 2^k permutations. There are infinite number of permutations/keys.


We do not encrypt the data using 100s of keys because that is very expensive and time-consuming. Block Ciphers are very safe for secure data transfers, they are also used in cryptographic protocols. Popular block ciphers are AES, DES and 3DES. Block ciphers are slower but they are more secure and are the industry standard. The process of encryption using block ciphers is as follows:

each block --> corresponding encryption key --> corresponding encryption block --> combined binary text --> decimal or hexadecimal cipher
Enter fullscreen mode Exit fullscreen mode

Stream Cipher

Stream cipher is a type of cipher that encrypts one bit at a time. It is a quicker format of encryption considering that it does not have to encrypt large blocks at a time. In stream ciphers, data is converted to binary digits and encrypted sequentially, each binary digit is encrypted one after other. Popular stream cipher algorithms include RC4 and Salsa20. The process of encrypting data using stream cipher is as follows:

plain text --> binary data --> algorithmic function(f(x)) using random encryption key --> decimal or hexadecimal data(ciphertext)
Enter fullscreen mode Exit fullscreen mode

Asymmetric Key Cryptography

Asymmetric-key algorithms are algorithms for cryptography that use different keys for encryption and decryption of data. It follows the concept of public keys(known to everyone) and private keys(known to nobody except the owner).


Using this type of cryptography, the sender first encrypts the original text using a public key, and then sends the encrypted text to the receiver. The receiver decrypts the cipher using his private key. The public key can be shared with anyone who wants to send you a message, whereas the private key should not be shared with anybody.


In asymmetric-key cryptography, unlike symmetric-key cryptography, the sender does not need to send the key to the receiver. Asymmetric-key cryptography resolves the risk of key sharing in a dangerous network in which the third party can intercept the key.


It is impossible to create duplicate keys as the private and public keys are mathematically connected.
Popular assymetric-key cryptography algorithms include RSA and DSA

Uses

  • Used in SSH protocol
  • Used in mailing protocols like iMap
  • Used in blockchain
  • Used in digital signatures to maintain the authenticity of documents
  • Used for sharing keys for symmetric key cryptography

RSA

It is the most widely used Assymetric algorithm. It is named after its founders - Ron Rivest, Adi Shamir and Leonard Adleman. It uses block ciphers to obsure the data. It is used on the web by VPNs, emails and GitHub.

Example

Emails use Assymetric-key cryptography, our email address is the public key, which is available publicly to everybody, whereas the credentials to log into our email are private, using which only the owner of the mail can read the mails.

Advantages

  • No need of any reliable key sharing channel, it was a risk in symmetric key cryptography
  • Longer keys which increase the security, like 2048 bit keys and 4096 bit keys
  • Used for proof of authenticity of the owner as he only possesses the private key.
  • If a third party modifies the ciphertext generated by the public key, the private key would not be able to decrypt the text and even if it does, it would be easy to identify the discrepancy.

Top comments (0)