The first known evidence of the use of cryptography (in some form) was found in an inscription carved around 1900 BC, in the main chamber of the tomb of the nobleman Khnumhotep II, in Egypt and without asymmetric encryption, the Internet as we know it would not exist, period. Follow along and check 18 Most Common Cryptography Interview Questions You'll Be Asked On Your Next Developer and Cyber Security Engineer Interview.
Data encryption translates data into another form, or code, so that only people with access to a secret key (formally called a decryption key) or password can read it. Encrypted data is commonly referred to as ciphertext, while unencrypted data is called plaintext.
In cryptography a key is a piece of information used in combination with an algorithm (a cipher) to transform plaintext into ciphertext (encryption) and vice versa (decryption).
A cipher can be reciprocal if it is used for both encryption and decryption, or non-reciprocal if a transformation to the key is required when using it in reverse.
Hash Functions provide a mapping between an arbitrary length input, and a (usually) fixed length (or smaller length) output. A hash function could be considered the same as baking a loaf of bread. You start out with inputs (flour, water, yeast, etc...) and after applying the hash function (mixing + baking), you end up with an output: a loaf of bread.
Going the other way is extraordinarily difficult - you can't really separate the bread back into flour, water, yeast - some of that was lost during the baking process, and you can never tell exactly how much water or flour or yeast was used for a particular loaf, because that information was destroyed by the hashing function (aka the oven).
Many different variants of inputs will theoretically produce identical loaves (e.g. 2 cups of water and 1 tsbp of yeast produce exactly the same loaf as 2.1 cups of water and 0.9tsbp of yeast), but given one of those loaves, you can't tell exactly what combo of inputs produced it.
Encryption Functions provide a 1:1 mapping between an arbitrary length input and output. And they are always reversible. The important thing to note is that it's reversible using some method. And it's always 1:1 for a given key. Encryption could be viewed as a safe deposit box. Whatever you put in there comes back out, as long as you possess the key with which it was locked up in the first place. It's a symmetric operation. Given a key and some input, you get a certain output. Given that output, and the same key, you'll get back the original input. It's a 1:1 mapping.
Confusion means that each binary digit (bit) of the ciphertext should depend on several parts of the key, obscuring the connections between the two. The property of confusion hides the relationship between the ciphertext and the key. This property makes it difficult to find the key from the ciphertext and if a single bit in a key is changed, the calculation of the values of most or all of the bits in the ciphertext will be affected. Confusion increases the ambiguity of ciphertext and it is used by both block and stream ciphers.
Diffusion means that if we change a single bit of the plaintext, then (statistically) half of the bits in the ciphertext should change, and similarly, if we change one bit of the ciphertext, then approximately one half of the plaintext bits should change.2 Since a bit can have only two states, when they are all re-evaluated and changed from one seemingly random position to another, half of the bits will have changed state. The idea of diffusion is to hide the relationship between the ciphertext and the plain text. This will make it hard for an attacker who tries to find out the plain text and it increases the redundancy of plain text by spreading it across the rows and columns; it is achieved through transposition of algorithm and it is used by block ciphers only.
These two properties help to ensure that extracting the key from plaintext-ciphertext pairs is difficult or infeasible.
Symmetric Encryption is the simplest kind of encryption that involves only one secret key to cipher and decipher information. Symmetric encryption is an old and best-known technique. It uses a secret key that can either be a number, a word or a string of random letters. It is a blended with the plain text of a message to change the content in a particular way. The sender and the recipient should know the secret key that is used to encrypt and decrypt all the messages. Blowfish, AES, RC4, DES, RC5, and RC6 are examples of symmetric encryption. The most widely used symmetric algorithm is AES-128, AES-192, and AES-256.
The main disadvantage of the symmetric key encryption is that all parties involved have to exchange the key used to encrypt the data before they can decrypt it.
To use asymmetric encryption, there must be a way of discovering public keys. One typical technique is using digital certificates in a client-server model of communication. A certificate is a package of information that identifies a user and a server. It contains information such as an organization’s name, the organization that issued the certificate, the users’ email address and country, and users public key.
When a server and a client require a secure encrypted communication, they send a query over the network to the other party, which sends back a copy of the certificate. The other party’s public key can be extracted from the certificate. A certificate can also be used to uniquely identify the holder.
A simple Caesar cipher transforms each letter of a plaintext message by shifting it a set number of places in a set direction along the basic 26 character Latin alphabet. The encryption and decryption here is not reciprocal as the key must be transformed (-3 to +3) to alter the direction of the shift when moving between encryption and decryption.
ROT13 (rotate 13) is a specific implementation of the Caesar cipher where the shift is 13 places. Due to the basic Latin alphabet being 26 characters long this means that the direction of the shift does not matter, the result is the same in either direction. They key (13) can be used without transformation.
The advantage of Asymmetric encryption is that it does not force the user to share (secret) keys as symmetric encryption does, therefore removing the necessity of key distribution and 3-rd party/communication channel risk. Asymmetric encryption supports digital signing (via Digital Certificates) which authenticates the recipient identity and make sure that message is not tampered in transit.
The cons of Asymmetric encryption are that it is time-intensive and it requires considerably more effort. Furthermore, you can send encrypted message only if the other person has created key pairs which means the other person must be knowledgeable. Finally, if you lose your private key – you will lose it forever. The private key is irrecoverable which could create a whole series of new problems to deal with.
The important part is what they do and how they do it:
MD5 and SHA are hash functions (SHA is actually a family of hash functions) - they take a piece of data, compact it and create a suitably unique output that is very hard to emulate with a different piece of data. They don't encrypt anything - you can't take MD5 or SHA output and "unhash" it to get back to your starting point. The difference between the two lies in what algorithm they use to create the hash. Also note that MD5 is now broken as a way was discovered to easily generate collisions and should not be used nor trusted anymore.
RSA is an assymetric encryption algorithm. You have two keys (private and public) and you can perform a function with one key (encrypt or decrypt) and reverse with the other key. Which key you use depends on whether you are trying to do a digital signature or an encryption.
Asymmetric encryption is also known as public key cryptography, which is a relatively new method, compared to symmetric encryption. Asymmetric encryption uses two keys to encrypt a plain text.
The public key and the private key are not the same thing but they are related. You create your message then encrypt it with the recipient’s public key. After that, if the recipient wants to decrypt your message he/she would have to do it with his/her private key.
Asymmetric encryption is mostly used in day-to-day communication channels, especially over the Internet. Popular asymmetric key encryption algorithm includes EIGamal, RSA, DSA, Elliptic curve techniques, PKCS.
Block Cipher and Stream Cipher are the methods used for converting the plain text into cipher text directly and belong to the family of symmetric key ciphers.
The major difference between a block cipher and a stream cipher is that the block cipher encrypts and decrypts a block of the text at a time. On the other hand, stream cipher encrypts and decrypts the text by taking the one byte of the text at a time.
Ok, most of us communicate most of the time with people we already know. Let's say, Alice and Bob probably have physical contact, too. Symmetric encryption therefore is appropriate and simpler than asymmetric – one key instead of four for Alice and Bob. But how do you share the secret key? You tell them in person, read it over the phone, use a One Time Secret or Diffie-Hellman. Why not to use symmetric encryption? Have I missed something?
Arguments to mention:
It's 21 century. You talk to machines more often than you talk to persons. In particular every time you visit an "https://" Web site. How would you, precisely, read a key over the phone with a server to keep it secret from 3-rd party? Public key will help in that case.
Let's imagine you have 1000 friends. If you talk to 1000 persons and use pre-shared symmetric keys, then you have to remember 1000 secret keys. Secret key storage can be hard. With asymmetric encryption you just have to remember only public keys, and that is easy because public keys are public, so they can be "remembered" by being published somewhere, where everybody can see them.
Another example. Suppose you have a symmetric key K. Alice, Bob, and Eve share this key K so that they can all trade encrypted messages. However, Eve gives a copy of K to Mallory (who has malicious intent) without telling anyone. Now the entire network has been compromised, and Mallory can send and read messages as any other member.
If instead, Alice, Bob, and Eve each had their own private keys A, B and E respectively (with public keys A+, B+ and E+), then when Mallory gets ahold of E, all she can do is read messages intended for Eve, and send messages that it looks like Eve encrypted. We go from a situation in which Eve has compromised the entire network, to a situation where Eve's poor choice only affects messages to/from her.
Even if Alice and Bob could have key K1, Bob and Eve could have key K2, Alice and Eve can have key K3. Then if Mallory gets K3, she can still only intercept Alice/Eve communication, nothing else. Group messages can be handled by sending copies encrypted separately. However, then you have to keep track of n private keys instead of (n-1) public keys and 1 private.
Rust has been Stack Overflow’s most loved language for four years in a row and emerged as a compelling language choice for both backend and system developers, offering a unique combination of memory safety, performance, concurrency without Data races...
Clean Architecture provides a clear and modular structure for building software systems, separating business rules from implementation details. It promotes maintainability by allowing for easier updates and changes to specific components without affe...
Azure Service Bus is a crucial component for Azure cloud developers as it provides reliable and scalable messaging capabilities. It enables decoupled communication between different components of a distributed system, promoting flexibility and resili...