/ Technology

The Dummies' Guide to Cryptography

Cryptography is the practice and study of techniques for secure communication in the presence of third parties.
- Wikipedia

Public Key Encryption

Public-key cryptography, or asymmetric cryptography, is any cryptographic system that uses pairs of keys: public keys which are shared widely and private keys which are known only to the owner.
This mechanism accomplishes two functions: authentication, where the public key verifies that a holder of the paired private key sent the message, and encryption, where only the paired private key holder can decrypt the message encrypted with the public key.

How it works?

Let's assume we have email privacy program. We denote public key as lock and private key as the key.

  1. The user creates a lock and the key.

Alice User creates Lock as Public key and Key as Private Key

  1. The User puts the key in the safe and protects it with a password.
  2. The user puts the lock in the lockbox.
  3. The user can encrypt the documents so that only she can read them.
  4. User's friends would like to send her private messages. To do that they need a copy of User's lock.
  5. The user sends them a copy of their lock, and they put them in their lockboxes.
  6. User's friend encrypts his private message with User's lock and sends it to the user.
  7. On receive mail, the user opens the safe with a password, takes the key out and unlocks the mail.

Bob sends private message using Alice's Lock (Public key) and Alice reads message using her Key (Private Key)

  1. The user receives locks from his friends to allow the user to send private messages.
  2. To make it easier for others to send her messages, the user sends her lock to the server.
  3. Now everyone can get the user's lock from the server and write him private messages.
  4. Here's how a lock looks.
-----END PUBLIC KEY-----
  1. Here is how key looks
  1. Here is how an encrypted message looks.
Version: GnuPG v1.4.5 (FreeBSD)
Comment: This is what your message looks like after encryption.


Digital Signatures

A digital signature is a mathematical scheme for presenting the authenticity of digital messages or documents.

A valid digital signature offers:

  1. Authentication:
    Who send it? It gives a recipient reason to believe that a known sender created the message.
  2. Non-Repudiation:
    We can't deny who sent it. The sender cannot deny having sent the message.
  3. Integrity:
    Ensure Message has not tampered and not altered in transit.

How it works?

  1. The user writes the message to his friend.
  2. User hashes the message and then encrypt the hash with his private key forming digital signature and send it to his friend.
  3. User's friend takes User's public key and then decrypt the digital signature, this provides the Message Digest.
  4. User's friend can hash the message that User sent and compare with the Message Digest to authenticate and ensure integrity.

Cryptographic hash function

A cryptographic hash function is a special class of hash function that has certain properties which make it suitable for use in cryptography.
It is a mathematical algorithm that maps data of arbitrary size to a bit string of a fixed size (a hash) and is designed to be a one-way function, that is, a function which is infeasible to invert.

A cryptographic hash function (specifically SHA-1) at work. A small change in the input (in the word "over") drastically changes the output (digest). This effect is the so-called avalanche effect.


Cryptographic Hash Function

The ideal cryptographic hash function:

  1. it is deterministic, so the same message always results in the same hash
  2. it is quick to compute the hash value for any given message
  3. it is infeasible to generate a message from its hash value except by trying all possible messages
  4. a small change to a message should change the hash value so extensively that the new hash value appears uncorrelated with the old hash value
  5. it is infeasible to find two different messages with the same hash value


  1. Pre-image resistance:
    One way function and impossible to determine Message from Hash(Message)

  2. Second pre-image resistance:
    Given a message Message1, infeasible to find message Message2 such that Hash(Message1) = Hash(Message2)

  3. Collision resistance:
    Given any messages Message1 and Message2, infeasible to find Hash functions such that Hash(Message1) = Hash(Message2)

The Dummies' Guide to Cryptography
Share this

Subscribe to Coding Today

Popular queries