If you’ve started to get into the world of VPNs, or you’re worried about the surveillance state, there’s a good chance that cryptography has appeared on your radar. But what is cryptography, and why is it so important? This quick guide to cryptography for beginners will lay the groundwork for a full understanding of this essential security tool.
A quick history on what is cryptography
Let’s start with a definition.
Cryptography is a) the scientific study of ways to transmit information in forms that are not susceptible to interception and decoding or b) the study of ways to break encrypted codes. Encryption is the most common modern form of cryptographic tool, and it’s widely used to protect corporate data, secure web pages, and create VPN tunnels.
However, cryptographic practices are much, much older. Scribes in Ancient Egypt are known to have used ciphers to “encrypt” papyrus scrolls, ensuring that the knowledge contained within them remained known only to elite scholars.
In the medieval Arab world, cryptography really took off. Scholars like Al-Kindi published seminal works about how to create and crack ciphers. Methods like frequency analysis which he pioneered remain key parts of the cryptographic toolkit.
After 1800, European military organizations started to develop cryptographic techniques to run vast armies and navies. In World War I, nations competed to perfect code-breaking techniques, culminating in the famous Enigma code-breaking effort during World War II.
Dramatized in the 2014 movie “The Imitation Game,” this path-breaking research effort sought successfully to break the Germans’ seemingly unbreakable Enigma cipher. By developing primitive computers and adopting new forms of analysis that had never before been implemented, cryptographers laid the basis for today’s massive crypto-industry.
Since then, algorithms have become all-important, and the “keys” used to construct codes have become longer (and hence harder to crack). As we’ll see, this has huge implications for personal security and the wider economy.
Cryptography 101: how are ciphers constructed?
Ciphers are the tools used to turn ordinary text into encrypted, secure text. As such, understanding how they work is crucial to learning cryptography for beginners. So let’s look at them in more detail.
In their simplest form, ciphers simply involve exchanging the letters in a message for an alternative, where the choice of letters is governed by a cryptographic table.
For instance, the message “I AM HERE” could become “K CO JGTG.” In this case, the cipher has merely moved the letters two notches forward along the alphabet. That’s a very, very weak form of encryption, but even the most complex modern ciphers use related techniques or “cryptographic primitives.”
The difference is that modern encryption uses what are known as “keys” to encode information.
Understanding the difference between asymmetric and symmetric cryptography
The keys used in modern ciphers tend to fall into two categories: asymmetric and symmetric.
- Symmetric – often thought of as the simpler of the two types. In symmetric encryption, both the sender and the recipient of encrypted messages will possess the same key. When this key is applied to the encrypted text via a certain algorithm, it unscrambles the text, restoring the original meaning. If you regularly use VPNs, you’ll have come across forms of symmetric encryption such as AES-128 and AES-256.
- Asymmetric – also known a “public key” cryptography. In asymmetric encryption, two different keys are required. One of these is distributed to all users of an encrypted network (hence it’s called the “public key”). The other is specific to individual users and is known as the “private key.”
Both asymmetric and symmetric encryption have their uses. In fact, the internet could hardly exist without them. While symmetric cryptography remains a common solution for data encryption, asymmetric ciphers are routinely used to encrypt the private keys used in symmetric encryption. They are also used to secure HTTPS:// domains, so you’ll almost certainly have used them.
Are there other forms of cryptography to know about?
Asymmetric and symmetric ciphers aren’t the only forms of digital cryptography for beginners to understand. Hashing is another term that you may have come across, and it’s becoming increasingly important to online security.
In hashing, cryptography isn’t used to prevent people from reading confidential documents. It’s usually employed as an authentication device, especially for files being bought and downloaded from commercial repositories.
In this type of encryption, a “hash” (encoded message) will be included with the software. Unless this matches with a hash provided by the software publisher when you boot it up, access will be denied. A similar mechanism is used to authenticate Bitcoin transactions, ensuring that only legitimate transactions appear on the Blockchain.
Why is cryptography so important to the modern internet?
Cryptography is a fundamental aspect of almost everything we do online. Even if you aren’t aware of it, you’ve probably used a variety of encrypted tools and read encrypted data before arriving at this guide to cryptography for beginners.
For example, we’ve already seen that hashes are a key tool for copyright holders who need to ensure that only legitimate buyers of their products can use them.
But encryption is also part of an even more important authentication function: SSL. SSL (Secure Sockets Layer) is the system which protects traffic as it passes around the World Wide Web. Using secure hashing algorithms, it authenticates web users, so computers know what data should be exchanged, and where it should be sent. Without it, criminals would find it incredibly easy to interpose themselves and steal data as it passes over the net.
Businesses also use encryption to prove that customers have taken certain actions. This helps them resolve disputes, and claim revenues at a later date. For instance, in banking, this is known as “nonrepudiation,” where each transaction is authenticated by a unique key.
How encryption keeps everyone safe online
However, the most important aspect of encryption isn’t as a way to ensure that big banks make billions. It lies in the way that encryption protects ordinary people as they use the web.
One way this happens is integrity checks. By applying a secure hash, users can ensure that any message or file they send via the web hasn’t been interfered with by hackers or surveillance agencies.
More fundamentally, encryption plays a key role in online privacy. Email accounts can be encrypted, allowing only authenticated contacts to read your messages. And VPNs (Virtual Private Networks) rely on AES encryption to shield everything users do online – keeping their activity totally private.
Can encryption be decoded?
Finally, you’ll probably want to know about the flip-side to encryption: deciphering, or cracking cryptographic codes. No code is infallible (as the Nazis eventually discovered), and that includes the asymmetric or symmetric ciphers we rely on online.
If people want to hack these codes, they can “brute force” them. This essentially involves using huge amounts of processing power to try vast permutations of possible keys. As AES-256 has a number of possible combinations which stretches to 78 digits – that’s a huge amount of processing.
Older ciphers have been hacked in this way, but AES-256 and its relatives haven’t yet been decoded. It will happen when computers become fast enough. And then we’ll have a problem. But right now as far as cryptography for beginners is concerned, we’ve reached a point where, if you use cutting-edge encryption, your communications are secure.