What is Crptography?
Cryptography is a method of using codes to protect information and communications so that only those who are supposed to read and process it may do so. The prefix "crypt-" denotes "hidden" or "vault," while the suffix "-graphy" denotes "writing."
Cryptography is a term used in computer science to describe secure information and communication systems that use mathematical principles and a series of rule-based calculations known as algorithms to change communications in difficult-to-decipher ways. These deterministic algorithms are used for cryptographic key generation, digital signature, data privacy verification, online surfing, and private communications including credit card transactions and email.
Cryptography and cryptology, as well as cryptanalysis, are closely linked subjects. Techniques such as microdots, combining words with images, and other methods of hiding data in storage or transit are included. However, in today's computer-centric world, cryptography is most commonly linked with scrambling plaintext (regular text, also known as cleartext) into ciphertext (a process known as encryption), then back again (known as decryption). Individuals who practice this field are known as cryptographers.
The following four goals are addressed by modern cryptography:
1. Confidentiality: the information is inaccessible to anybody who was not supposed to receive it.
2. Integrity: the information cannot be tampered with either in storage or in transit between the sender and the intended recipient without being discovered.
3. non-repudiation: the information's creator/sender cannot subsequently reject his or her intentions in creating or transmitting the information.
4. Authentication: the sender and receiver may verify each other's identities as well as the information's origin and destination.
Cryptosystems are procedures and protocols that fulfil some or all of the above criteria. Cryptosystems are frequently assumed to refer primarily to mathematical methods and computer programmes; nevertheless, they also incorporate human behaviour regulation, such as selecting difficult-to-guess passwords, turning off unneeded systems, and not discussing sensitive operations with outsiders.
Cryptosystems encrypt and decode data using a set of techniques known as cryptographic algorithms, or cyphers, to provide secure communications between computer systems, devices, and applications. One method is used for encryption, another for message authentication, and still another for key exchange in a cypher suite. Public and private keys are generated for data encryption and decryption, digital signature and verification for message authentication, and key exchange are all part of this process, which is incorporated in protocols and written in software that runs on operating systems and networked computer systems.
Attackers can get around cryptography by hacking into systems that handle data encryption and decryption, and exploiting flaws such the usage of default keys. Cryptography, on the other hand, makes it more difficult for attackers to get access to communications and data secured by encryption methods.
What problems does cryptography solve?
Data confidentiality, integrity, and availability, as well as authenticity and non-repudiation, should all be guaranteed by a secure system. Cryptography, when applied effectively, can assist give these assurances. Both data in transit and data at rest may be kept secret and secure using cryptography. It can also defend against repudiation by authenticating senders and receivers.
Numerous endpoints, often multiple clients, and one or more back-end servers are common in software systems. These client/server exchanges take happen via unreliable networks. Communication takes place across open, public networks like the Internet, as well as private networks that can be hacked by outside attackers or bad insiders.
It can secure messages that pass via untrustworthy networks. An adversary may attempt to carry out one of two types of assaults on a network. An attacker using passive assaults simply listens on a network segment and tries to read sensitive data as it passes. Online passive attacks (in which an attacker reads traffic in real time) and offline passive attacks (in which an attacker merely collects traffic in real time and examines it afterwards) are both possible— maybe after decrypting it for a while). An attacker impersonates a client or server, intercepts messages in transit, and views and/or modifies the contents before sending them on to their intended destination in an active attack (or dropping them entirely).