Table of Contents
    Home / Definitions / Cryptography
    Definitions 11 min read

    Not all information is meant to be shared. In fact, many types of interaction need privacy in order to take place. For example, would you want a third party intercepting your emails? Or a stranger seeing your bank details when you make an online purchase? 

    If the answer is no, keep reading. In this article we’ll discuss cryptography, from its origins to incredibly complex modern iterations like AES. This essential technology is employed across thousands of use-cases to protect your browsing data, credit card information and corporate information. 

    What is cryptography?

    Cryptography is the use of ciphers (codes) to encrypt information, ensuring it can only be read by the person it was intended for. It is a cornerstone of digital security, found in a multitude of digital industries including banking, telecoms, cybersecurity and the trustless blockchain ecosystem.

    Cryptography, sometimes called cryptology, uses complex algorithms and ciphers to encrypt and decrypt data. Modern examples, such as AES, are considered unbreakable. They would take even a sophisticated computer thousands of years to crack.

    Cryptography systems can be broadly classified into symmetric-key systems that use a single key that both the sender and recipient have, and public-key systems that use two keys, a public key known to everyone and a private key that only the recipient of messages uses.

    Origins of cryptography

    While modern cryptology is firmly rooted in computer science, mathematics and engineering principles, the practice of encoding information is ancient. 

    Ancient Greeks used scytale devices

    As far back as 600BC, Greek leaders used scytale devices (early encryption tools) to send private messages during battle.

    The Roman Empire used ciphers

    Around 50 BC, Julius Caesar developed his own cipher, in which each letter of the Alphabet advanced by three places. In other words, A became D, B became E and so on. This proved to be an effective method of encryption for the times.

    WW11 saw the first secure electronic communication

    During WW11, actress Hedy Lamarr co-developed a type of radio communication that evaded enemy detection, technology that became the precursor for Wifi and Bluetooth.

    1970s saw mass adoption of cryptography

    By the 1970’s, the digital sector was booming and cryptography was being taken seriously by big industry. IBM formed a “crypto group” tasked with developing a block cipher to protect IBM customer data. The solution, the Data Encryption Standard (DES) was adopted as a national data security standard.

    Meanwhile, researchers Whitfield Diffie and Martin Hellman developed a secure method for cryptographic key exchange. This would allow the key for decrypting encoded messages to be shared safely between parties, without being intercepted.

    Present day encryption standards

    Today, the prevailing cryptographic standard is AES, or advanced encryption standard. This relies on each party having both a public and private key, which are linked. This enables data to be decoded without either party sharing their own encryption key, preventing man in the middle attacks. To date, this is considered the gold standard of encryption.

    How does cryptography work exactly?

    Encryption uses ciphers and algorithms to “scramble” sensitive information until it can no longer be read. The scrambled data is known as ciphertext. Different levels of sophistication lead to different degrees of encryption. 

    For example, AES-256 bit encryption (considered to be unbreakable) takes a plaintext message and breaks it into 128 bits of data. In this 128 bit ciphertext, some elements are substituted, and some are permutated (or moved around), introducing enough confusion and randomness to the text that it becomes unrecognizable. 

    After these processes have taken place, only the unique key used to encrypt the original text can be used to decrypt it.

    Why is cryptography important?

    Privacy has always been important to human beings. But with more communications than ever happening online, finding ways to keep digital exchanges private is essential.

    How could you make a purchase online, send a message on WhatsApp or access your internet banking if there was a possibility you were being monitored? 

    And of course, the entire cryptocurrency industry is based on public and private key technology. This is what facilitates trustless transactions between users.

    Here are a few reasons why cryptography is so important.

    Privacy and confidentiality

    An encrypted message carries the assurance that it can only be read by the intended recipient. Without the related key, nobody else can access the information. 

    For example, every time you enter data into a secure webpage, encryption ensures that third parties can’t intercept that data.

    Cybersecurity

    More or less any company that uses digital processes needs to secure its data against hackers. For example, encryption is used to shield companies from brute force and ransomware attacks.

    Attribution and accountability

    Once a message has been encrypted and sent, it carries the sender’s digital signature. This means the sender cannot deny it later on, or claim it to be fraudulent – it is attributed immutably to them.

    Different types of cryptography

    Under the banner of cryptography there are two main subcategories, each with a different approach to encryption keys.

    Symmetric encryption

    The first type is symmetric encryption, sometimes known as secret key encryption. This approach uses just one cipher key for both encrypting and decrypting messages between parties.

    The key is shared securely by the parties in advance of the conversation, generally using the Diffie Hellman algorithmic key exchange method. This enables both sides to encrypt outgoing messages and decrypt incoming ones. The advantage of asymmetric encryption is that it doesn’t require excessive computing power, making it a good option for messaging apps like WhatsApp.

    There are two types of cipher used in symmetric encryption:

    Stream ciphers

    Stream cipher models use their key to encrypt messages bit by bit. In other words, if the plaintext is 50 bits long, the final ciphertext will also be 50 bits long, with each individual bit encrypted by the key. RC4 and Salsa20 are both examples of stream ciphers.

    Block ciphers

    Conversely, block ciphers start by breaking the original plaintext into information “blocks” of a set size. The cipher then encrypts each full block of information. This type of encryption is slower than stream ciphers, but more secure because they can add greater levels of confusion and diffusion to the encrypted text. This makes it more complicated for an attacker to link the encrypted text back to the original plaintext. AES is a good example of encryption using the block ciphers method

    Risks of symmetric encryption

    But of course, it comes with some risk too.

    By relying on one single key, secret key encryption has a single point of failure. If you store your key insecurely, anyone who intercepts it can read the private exchange. They can also insert encrypted messages of their own into the conversation, undetected. 

    Key exchange protocol

    In symmetric encryption, both parties have the secret key in advance. So ensuring the key is exchanged securely is incredibly important.

    Researchers Diffie Hellman developed a protocol for key sharing in symmetric encryption. This algorithm ensures the key itself remains inaccessable to third parties, even as it’s being shared.

    Asymmetric encryption

    As the name suggests, asymmetric encryption (sometimes called public key encryption) is different on either side. The sender and receiver use two different keys for their respective parts of the transaction; one public, the other private.

    The sender uses a public key to locate the receiver and direct the message to them. Meanwhile, the receiver uses a mathematically linked private key to decipher the message once it arrives. 

    In this system, the public key serves as the “address”, while the private key (held only by the receiver) serves as the key to the mailbox. This ensures anyone can send messages over an insecure network, and only the true recipient can read them.  The asymmetric system uses the Rivest-Shamis-Adlemen (RSA) algorithm.

    Is asymmetric encryption secure?

    There is a security advantage to an asymmetric system, because it never requires an individual to share their private key. This minimises the risk of a third party being able to intercept the cipher. 

    Blockchain is a great demonstration of asymmetric encryption in action. Owners receive funds to their blockchain address via their public key. However, they can only access the funds via the private key, which they store securely in a crypto wallet. 

    This system enables value to be sent over an internet connection in complete security.

    Hash functions

    Hash functions are another subcategory of cryptography. However, unlike encrypted information, you cannot decrypt hashed data afterwards. Instead, the point of hashing is to provide stamp of assurance. It garantees the integrity of transmitted data. 

    A hash function can be thought off as a seal on a package or envelope. Its purpose is to show you, the recipient, that the package has not been tampered with. If your hash value doesn’t match the hash on the data, the message must have been intercepted or changed by a third party.

    Each hash value is completely unique, and is the product of the data set it represents. If one single detail in the data set changes, so does the hash. However, the data set cannot be worked out from the hash. 

    So when a message and its hash are sent, the receiver can generate the hash for themselves to check the data hasn’t been tampered with. In this way, the has function can be used to check the integrity of received information.

    What is cryptanalysis?

    Cryptanalysis describes the analysis and decryption codes, ciphers and encrypted information without using the cipher key. The objective of cryptanalysis is to reveal the underlying plaintext of an encryption by applying advanced mathematics and coding knowledge.

    Types of cryptographic risks

    Keeping your cryptographic keys secure is a pivotal question for anyone using encryption to safeguard their information. 

    Weak keys

    A cryptographic key determines the relationship between the plaintext and the final ciphertext. The more remote the relationship – the more diffusion and confusion it contains – the more secure the encryption is. This is because it’s more difficult to calculate the original text from the ciphertext.

    Insecure transfer of keys

    Any time you move your key between different systems, you can protect your cryptographic key by splitting it into shards. These shards cannot be read alone, or used to backward engineer your key. This enables you to transfer your key between systems without the risk of it being exposed.

    Insecurely stored keys

    If you’re using ecnryption to protect your information, your security rests on how you manage your cryptographic keys . Keeping your key private is essential.

    An insecurely stored key enables third parties to access encrypted data. For example, an insecurely stored crypto private key would enable an attacker to access a blockchain address and the data stored there. 

    Your cryptographic key is a single point of failure, so storage needs to be completely secure.

    How to manage the risks of cryptography

    Since cryptography relies on keys, any organization using this technology needs to implement a failsafe key management system. This means utilizing a hardware security module (HSM). A HSM system generates cryptographic keys in a secure environment, and enables only authorized users to access them. This prevents any third party from accessing them, and compromising the security of the whole system.

    Cryptography FAQs

    What different types of cryptography are there?

    The two main categories of cryptography are symmetric and asymmetric encryption. These are alternatively known as secret key and public key encryption.

    What’s an example of cryptography in use?

    Banking applications use AES and RSA encryption to convert transaction data into a scrambled format. This means even if a third party intercepts the information, it will be unreadable.

    What is cryptology?

    Cryptography and cryptology are sometimes used interchangeably. Cryptology is the professional field in which cryptography principles are applied for research and development.

    What is a cryptographer?

    A cryptographer works in the professional field of cryptology. A cryptographer has advanced mathematical, engineering and computer coding knowledge. They apply these disciplines to create new cryptographic ciphers, and crack existing ones.