Cybersecurity depends on people's knowledge about phishing and how to avoid it - this is best learned through awareness training. But there are also some technical aspects that come into play if you want to ensure a good and secure transfer of confidential messages.
This is where cryptography comes in. It disguises plain text so that unauthorized persons cannot read the messages - learn more below:
The secret language of the cyber world
Cryptography is one of the core elements of cryptology. Cryptography is used to secure data and to transmit it securely so that only authorized sources can read and understand the information being sent.
The encryption process encodes, or scrambles, the original message using crypto-mathematical concepts and calculations based on specific rules - these are algorithms to protect the data from malware and cyber-attacks.
The word comes from the Greek "kryptos", which means secret or hidden. So the rough translation of cryptography is secret writing. Cryptology, from which cryptography derives, is the science of reading codes or ancient texts, such as hieroglyphics or runes - as well as decoding and understanding them.
Data encryption is one of the most important tools for secure communication and secure networks and infrastructures. Cryptography follows the core messages of information security, thus ensuring that unauthorized parties cannot access the confidential data.
Cryptography is essential in cybersecurity as it encrypts the data that hackers are after. It can be anything between:
- Web browsers
- Personal data
- Card details
... that cryptography secures and keeps secret from unauthorized persons.
How does cryptography work?
To understand cryptography, it is easiest to set the scene with one of the first examples of the use of secret languages; the Caesar Cipher. The Roman Emperor Julius Caesar invented a coding language he could use to pass confidential messages to his commanders and allies.
The Caesar cipher works by changing the order of the alphabetic letters - you slide the alphabet x number of times, so that:
- A corresponds to C
- B corresponds to E
- C corresponds to F
That way, all that was required was that the recipient of the message had a record of the alphabet and how many times it has been moved in order to decrypt the message.
Nowadays, the Caesar code is one of the first things that, e.g, scouts learn - they learn it as the A-to-K code, where the first letter of the encrypted alphabet is K, so:
- A = K
- B = L
- C = M
- D = N etc.
The above example is an old-fashioned but highly effective form of encryption - today, encryption is a little different.
Modern cryptography consists of various combinations of advanced mathematical equations, computer technology, communication and engineering processes. Computers are so advanced now that they can perform many different encryption methods, ensuring that only the rightful recipients can read the message.
The sender writes the message in plain text form. The computer converts the text into a cipher text using encryption algorithms - these algorithms create an encryption key. The key turns the encrypted text back into plain text as soon as the right recipient receives the message.
Cryptographic algorithms (or codes) play a major role in data security as they are used to generate encryption keys and digital signatures; they help secure transactions, secure websites and authenticate messages.
Protection of data transfers
There are three different types of encryption used to protect data transmission:
In this type of encryption, the sender and receiver have the same private key to encrypt and decrypt messages. Without the key, as is the case for hackers, it is almost impossible to read the message or decrypt the code. This method is also called a "secret key" or a "private key", as it is a single key that is used in the encryption process.
The disadvantage of symmetric encryption is that if the one shared encryption key is compromised, the whole system is compromised.
Unlike symmetric encryption, asymmetric encryption consists of two different keys - a private key and a public key. Public key encryption, as the name suggests, uses a public key to encrypt a message, where the private key only decrypts it.
To visualize the public key can be thought of as the key to your mailbox. The key opens the mailbox enough for mail to come through the letterbox, and you can share the public key with anyone who can send you mail. But only you, with the private key, can open the mailbox and read the mail you have received.
The sender who wants to share a message with you can use the public key to encrypt the message. You can decode it with your private key.
Hash functions use a one-way encryption system built up of algorithms, also known as hash values. Hash values encrypt plain text into encrypted text, and once you have encrypted the text, you cannot decrypt it back into plain text. For every hash function that exists, no two hash values are the same - just like our fingerprints.
The hash algorithms ensure confidentiality and data integrity. For example, if you receive a message and its associated hash, the hash algorithms can be used to verify the message. If the hash values do not match what was sent, it means that a third party has interfered - and most likely compromised the text.
Cryptography in cybersecurity
Computers are constantly communicating with each other via direct connections - this creates a demand for good data security.
You can see the use of cryptography in e-commerce, banking systems, military communications, and general user-to-user communications. By using data encryption, you can ensure the following:
- Confidentiality. Unauthorized persons cannot read or access the data.
- Integrity. You are reassured that third parties have not changed the message in transit.
- Authentication and verification. It validates the source where the message comes from.
- Non-repudiation. Undeniable evidence that the message is authentic and not compromised.
So, using cryptography allows you to secure your messages - both so that no one else can read them, but it also makes it less attractive for hackers to try to steal the messages, as it is close to impossible to decode them without an encryption key.
In principle, even the best machines and hackers cannot decode the strongest encrypted files and messages. That's why it's a good thing to keep in mind when checking your cybersecurity - cryptography certainly helps to make it very difficult for hackers to figure out.
Caroline is a copywriter here at Moxso beside her education. She is doing her Master's in English and specializes in translation and the psychology of language. Both fields deal with communication between people and how to create a common understanding - these elements are incorporated into the copywriting work she does here at Moxso.