Everyone has secrets; some have more than others. When it becomes necessary to transmit those secrets from one point to another, it’s important to protect the information while it’s in transit.
Cryptography presents various methods for taking legible, readable data, and transforming it into unreadable data for the purpose of secure transmission, and then using a key to transform it back into readable data when it reaches its destination.
Predating computers by thousands of years, cryptography has its roots in basic transposition ciphers, which assigns each letter of the alphabet a particular value. A simple example is to assign each letter a progressively higher number, where A=1, B=2, and so forth. Using this formula for example, the word “wiseGEEK”, once encrypted, would read “23 9 19 5 7 5 5 11”. During World War Two, machines were invented that made the ciphers more complicated and difficult to break, and today, computers have made cryptography even stronger still.
The Secure Sockets Layer (SSL) is a common encryption protocol used in e-commerce. When you make a purchase over the Internet, this is the technology the merchant uses to make sure you can safely transmit your credit card information. Using this protocol, your computer and the online merchant’s computer agree to create a type of private “tunnel” through the public Internet. This process is called the “handshake.” When you see a URL in your Web browser that starts with “https” instead of “http”, it is a secure connection that is using SSL.
Some methods of cryptography used a “secret key” to allow the recipient to decrypt the message. The most common secret key cryptosystem is the Data Encryption Standard (DES), or the more secure Triple-DES which encrypts the data three times.
More common are systems that use a public key cryptography system, such as the Diffie-Hellman key agreement protocol. This system uses two keys that work together; a public one, which anyone can access, and a private one, which is kept secret by the party receiving the data. When you want to send a secure message to someone, you encrypt that message using the recipient’s public key. But once encrypted, the recipient must use his or her private key to decrypt it.
The goal of cryptography extends beyond merely making data unreadable, it also extends into user authentication, that is, providing the recipient with assurance that the encrypted message originated from a trusted source. Hash functions are sometimes used in conjunction with private key or public key cryptography. This is a type of one-way encryption, which applies an algorithm to a message, such that the message itself cannot be recovered. Unlike key-based cryptography, the goal of the hash function is not to encrypt data for later decryption, but to create a sort of digital fingerprint of a message. The value derived from applying the hash function can be re-calculated at the receiving end, to ensure that the message has not been tampered with during transit. Then, key-based cryptography is applied to decipher the message.