Cryptography Explained

Cryptography Explained

Though cryptography has existed for a considerable time, its importance has dramatically increased in modern times. The rise of global connectivity has led to an unprecedented demand for secure communication and data protection. Cryptography now serves as a linchpin in cybersecurity, crucial for shielding sensitive information from unauthorized access and malicious intent.

In this post, let’s explore the foundational concepts, principles, and cryptography terminology. This post lays the groundwork for what cryptography is at its core.

What is Cryptography?

In technical terms, cryptography refers to the practice and study of techniques for securing communication and data by encoding it in a manner that only authorized parties can access and understand. The term originates from the Greek words “Krypto,” meaning conceal or hidden, and “graphy,” referring to drawing, writing, or recording. Essentially, cryptography can be understood as the art and science of concealing and securing information through various methods of encoding and decoding. When it comes to Cybersecurity we can think of it as the art of concealing information.

Example of Cryptography

Throughout this post, we will hide or conceal the word “secret”. We are concealing it into a code. In the below figure, we conceal the word SECRET as a coded message VHFUHW.

Image showing SECRET encrypted to VHFUHW

What is a Cryptographer?

A “cryptographer” refers to an individual tasked with either crafting or deciphering coded messages.

What is Plain Text?

“Plain text” denotes the original message before encryption. The figure below shows the portion that is considered to be plain text.

Image shows what is plain text

What is Cipher Text?

A “cipher text” represents the message after encryption. The yellow box in the figure below shows what we consider the cipher text.

Image shows cipher text

What is Encryption?

The process of transforming plain text into cipher text is termed “encryption.” In the figure below, the yellow box highlights the arrow which represents the process of turning plain text into cipher text.

Image highlights arrow showing encryption

What is Decryption?

Decryption is when we take the cipher text and convert it back to plain text. Notice in the figure below, that the arrow now is reversed. This denotes the process of reversing the encryption that happened in our last step.

Arrow points other direction representing decryption

What is a Cipher?

A cipher is just the process or algorithm that’s used to encrypt a message or decrypt a message. It is the process that it goes through, and there are a lot of different ciphers out there. AES, DES, and RSA are examples of ciphers that can be used to encrypt and decrypt messages.

image shows encryption is done using a cipher

Ciphers are a specific type of algorithm, the algorithms that are used to encrypt and decrypt messages.

What is an Algorithm?

In technical terms, an algorithm is a systematic procedure or set of instructions designed to solve a specific computational problem or perform a particular task. It involves taking an input, processing it through a defined sequence of steps, and producing an output. In essence, an algorithm encapsulates the logical and computational steps necessary to address a problem or achieve a desired result.

Example: here is the process defined in our cipher/algorithm:

  1. Start with the first letter. Our first letter is S and we look it up on the chart.
  2. The corresponding letter to S is V in our chart. Substitute the letter with the new letter.
  3. Repeat steps one and two for each of the letters of the plain text. E becomes an H, C becomes an F, and so on.

SECRET = VHFUHW

A B C D E F G J K L M N O P Q R S T U V W X Y Z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

 

instructions on how the Caeser Cipher works

This specific Cipher is known as the Ceasar Cipher because it was used by Julius Caesar around 58 BC, this is an old and simplistic way to encrypt and decrypt messages. 

What is Cryptanalysis?

Cryptanalysis is the art of reverse engineering or decrypting things without knowing all the variables that go into it. In our example. Someone may figure out that our cipher text (VHFUHW) translates to SECRET when decoded without any table or prior knowledge of how it was encrypted to begin with.

A common trick to cryptanalysis is to look for repeated letters. The letter E is one of the most common letters in the English alphabet. If you see a repeated pattern, you could try substituting E’s for the most repeated letters. In our example, someone might guess that H’s has a high probability of being an E because of both the frequency of use and position in the cipher text. This assumption would be correct.

Someone may then try to create a decoding table shown above by shifting all letters to 3 positions. They could then use the table to decode the rest of the letters, which would also prove to be correct.

As you can see, this simple Caesar Cipher could be easily reverse-engineered, making it a poor cipher. We call this a weak cipher.

What is a Cipher Key?

A key is additional information that you need, along with the cipher, in order to encode or decode a secret message.

As you can see in our cryptanalysis description, a simple Caesar Cipher is easily discovered nowadays. We can make this a little more complex so it will be harder to break. For instance, maybe this time when you receive a message, it’s shifting the alphabet by 3 but maybe next time it’s going to be by 6, and maybe the time after that it’s going to be by 9. By shifting the letters a different amount every time, you’ve increased the complexity. Of course, you’ll need to know how many characters you need to shift the alphabet by, and that’s where the key comes into play.

image shows a cipher key of 8

Essentially, a cipher key allows us to create more secure encryption even if someone knows the cipher that we are using. Modern cryptography requires the use of keys since the cipher algorithms are well-documented and known by many.

What is Substitution?

What we are doing here is a type of cryptography that is called substitution. We are substituting our letters for different letters. It doesn’t have to be other letters, it could be numbers, symbols, or other representations as well. 

What is Transposition?

Transposition is another way that we can encrypt a message and we do that by shifting the letters rather than substituting them. Here is an example:

SECRET = ESRCTE

illustration of transposition

In the example, we’ve moved the 1st, 3rd, and 5th letters over one to create our cipher text.

Want to know more? Check our full module on encryption on our YouTube Channel:

Foundations of Cybersecurity, Module 6: Cryptography

We release new content often through our YouTube channel and our Newsletters.

Subscribe to our YouTube channel!

Sign up for our newsletter!

 LinkedIn | Facebook | X | Instagram

Stellar Leadership: A Technical Dive into Building Strong Leaders

Stellar Leadership: A Technical Dive into Building Strong Leaders

In today’s dynamic and competitive tech landscape, effective leadership stands as the cornerstone of success for any team. The upcoming in-person event, “Stellar Leadership: The Journey of a Strong Leader,” in Portland at The Melody Center offers tech managers or those looking to level up their careers, a comprehensive toolkit to elevate their leadership skills and drive their teams towards stronger performance and success.

Unraveling the Fabric of Great Leadership:

At the core of this workshop lies a deep dive into the essence of leadership. We will embark on a journey to define what constitutes great leadership in the realm of IT management. Drawing upon real-world examples and empirical research, attendees will gain insights into the fundamental characteristics that distinguish exceptional leaders from the rest.

Deciphering Impactful Leadership Traits:

In a world inundated with diverse leadership styles, it becomes imperative to discern the traits that wield the greatest influence on team performance. Through rigorous analysis and discussion, we will identify the primary leadership traits that have a direct correlation with enhanced team engagement, productivity, and retention. Furthermore, we will explore the nuanced interplay between primary and secondary leadership traits, offering attendees a roadmap for cultivating and reinforcing their leadership style.

Crafting Your Personal Leadership Blueprint:

Central to the workshop agenda is the creation of a personalized leadership profile tailored to each participant’s unique strengths and challenges. By leveraging insights gleaned from the session, attendees will craft a strategic framework that aligns their leadership approach with organizational objectives. This personalized blueprint will serve as a compass, guiding IT managers toward greater confidence, team engagement, and operational excellence.

Led by industry veteran Andrew Grimes, former Technical Manager at a leading Tech Company, the workshop promises an immersive learning experience designed to empower IT managers at every stage of their leadership journey. From defining the essence of leadership to crafting a bespoke strategy, participants will traverse a meticulously curated agenda aimed at unlocking their full potential as leaders.

This workshop was developed for IT managers who aspire to push their teams to new heights of performance and innovation. Whether you’re a seasoned leader seeking to refine your approach or an emerging talent eager to hone your skills, this event offers invaluable insights and strategies to accelerate your leadership trajectory.

Key session outcomes:

Attendees can anticipate a myriad of tangible outcomes from their participation in the workshop:

  1. Enhanced Confidence: Equip yourself with the confidence to lead with conviction and clarity in the face of complex challenges.
  2. Elevated Team Engagement: Foster a culture of collaboration and empowerment that ignites passion and commitment among team members.
  3. Amplified Productivity: Harness the collective potential of your team to drive operational excellence and achieve strategic objectives.
  4. Improved Employee Retention: Cultivate an environment where talent thrives and flourishes, reducing turnover and fostering long-term loyalty.
  5. Enhanced Service Quality: Elevate the caliber of your team’s output, delivering products and services that surpass industry standards.
  6. Mitigated Stress and Burnout: Implement strategies to promote employee well-being and resilience, mitigating the risk of burnout and enhancing overall team morale.

Join us in Portland, register here. Keep up with our in-person and online sessions by signing up for our newsletter. Join the community conversation on LinkedIn | Facebook | X | Instagram

Cybersecurity Fundamentals

Cybersecurity Fundamentals

TechKnowSurge is launching its new course, Cybersecurity Fundamentals. The course covers the fundamentals of Cybersecurity, what it is, threats to an organization, and what steps are needed to protect against such threats. The course covers the topics with simple explanations, real-world examples, and clears up misconceptions about cybersecurity principles and terminology. Watch it all or the specific module you are interested in knowing more about. The course covers topics that can clear up confusion with even the more advanced IT professionals. However, the course is designed more for those who don’t have as much experience. It also covers security objectives from many certifications and is a great foundation for studying for many other certifications. Objectives of the course are drawn from the following IT certification objectives:

  • CompTIA IT Fundamentals (ITF+)
  • CompTIA A+ care 2
  • CompTIA Server+
  • CompTIA Security+
  • CompTIA Network+
  • CompTIA Advanced Security Practitioner (CASP+)
  • Cisco Certified Network Administrator (CCNA)

Explore the comprehensive courses covering vital cybersecurity concepts such as:

  • Module 1: Defining Cybersecurity
  • Module 2: Threats to Cybersecurity
  • Module 3: Protecting Against Threats
  • Module 4: Identity and Access Management
  • Module 5: Confidentiality
  • Module 6: Cryptography
  • Module 7: Integrity
  • Module 8: Public Key Infrastructure
  • Module 9: Availability
  • Module 10: Securing Your Network

Videos are being released on a daily basis on the TechKnowSurge YouTube channel. It will later be released at courses.techknowsurge.com. Don’t miss out on the latest trends and insider tips – sign up for my exclusive newsletter here [https://techknowsurge.com/newsletter-signup/]. Stay ahead in the fast-paced world of cybersecurity with expert insights delivered right to your inbox. Join the community conversation on LinkedIn | Facebook | X | Instagram