Understanding the Fundamentals of Cryptography

Cryptography protects data using encryption, ensuring only intended users can access it. This article explains its basics with simple examples.

By Siri Varma Vegiraju · Jun. 13, 25 · Tutorial

Cybersecurity encompasses many domains, including network isolation, platform security, and infrastructure security. One thing we discuss less frequently, yet use all the time, is cryptography. Whether it's HTTPS, data encryption in databases, disk encryption, or technologies like VPNs and blockchains, cryptography is one of the fundamental building blocks. In this article, let's try to decipher the concept of cryptography.

First and Foremost, What Is Cryptography?

Simply put, it is the method of protecting information so that only the intended people can read or access it. To better understand the definition, let's consider a simple example.

Imagine two kids, Alice and Bob, passing secret notes in class. Alice wants to write "let's meet at the park." Instead of writing it plainly, she uses a code: shift each letter by one (A becomes B, B becomes C, C becomes D, and so on). As a result, the actual message that Bob sees is "Mfu't nffu bu uif qbsl." To anyone other than Bob or Alice, it looks like gibberish. But because Bob knows the code, he can read the actual message.

There are plenty of concepts in the example we discussed just now. Let's understand what they are:

Plaintext

"let's meet at the park" is the plaintext message that Alice wants to send.

Encryption

The process of converting the plaintext to gibberish is called encryption. The most common types of encryption algorithms are:

  • Symmetric Encryption
    • Also called a shared-key algorithm; the same key is used for both encryption and decryption.
    • It is computationally cheaper to perform symmetric encryption, as it uses simple mathematical operations like XOR and multiply.
    • Some of the popular algorithms in this space are AES (Advanced Encryption Standard), DES (Data Encryption Standard), and Triple DES. Of these, AES is the one to use in new systems; DES and Triple DES are legacy algorithms.

      [Figure: Symmetric Key Encryption]
  • Asymmetric Encryption
    • Also known as public-key cryptography, it uses two different keys, one for encryption and one for decryption. The data is encrypted with the public key and decrypted using the matching private key.
    • It is more expensive to perform asymmetric encryption, as it uses more complex operations like power and modulus on larger numbers.
    • Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC) are some of the well-known asymmetric encryption algorithms.

[Figure: Asymmetric Encryption]

Cipher Text

The gibberish or encrypted message we received after the encryption is called cipher text.

Key

The key is the piece of information required to encrypt or decrypt the data.

Decryption

The process of converting the cipher text back to its original message is called decryption.
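The terms above, applied to Alice's note. This is an added example, not code from the original article; the function names are illustrative. It generalizes the "shift by one" code to any shift and shows that the whole key space is only 25 values, which is why such a cipher offers no real protection.

```python
# Added example (not from the original article): the shift cipher from the
# Alice-and-Bob note, with the key made explicit. Function names are illustrative.
import string

ALPHABET = string.ascii_lowercase


def shift_text(text: str, key: int) -> str:
    """Shift every ASCII letter by `key` positions; leave other characters alone."""
    out = []
    for ch in text:
        if ch.lower() in ALPHABET:
            idx = (ALPHABET.index(ch.lower()) + key) % 26
            shifted = ALPHABET[idx]
            out.append(shifted.upper() if ch.isupper() else shifted)
        else:
            out.append(ch)  # spaces, apostrophes and digits pass through unchanged
    return "".join(out)


def encrypt(plaintext: str, key: int) -> str:
    """Plaintext + key -> cipher text."""
    return shift_text(plaintext, key)


def decrypt(ciphertext: str, key: int) -> str:
    """Cipher text + the same key -> plaintext (a symmetric scheme)."""
    return shift_text(ciphertext, -key)


def all_candidate_plaintexts(ciphertext: str) -> dict[int, str]:
    """There are only 25 usable keys, so every possible decryption can be listed."""
    return {k: decrypt(ciphertext, k) for k in range(1, 26)}


if __name__ == "__main__":
    plaintext = "let's meet at the park"
    key = 1
    ciphertext = encrypt(plaintext, key)
    print("Cipher text:", ciphertext)
    print("Decrypted:  ", decrypt(ciphertext, key))
    print("Key space:  ", len(all_candidate_plaintexts(ciphertext)))
```

Modern algorithms such as AES follow the same plaintext/key/cipher text model, but with key spaces far too large to enumerate.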

Before we jump into other examples, an important concept to understand when talking about cryptography is how it supports the broader, well-known security model called the CIA triad. CIA stands for Confidentiality, Integrity, and Availability.

[Figure: The Confidentiality, Integrity, Availability (CIA) triad]

Confidentiality

At its core, confidentiality means keeping the information secret. By encrypting data before transmission, we prevent unauthorized access and ensure that only the intended recipients are able to read it.

Integrity

Integrity means keeping the data unaltered and authentic. In cryptography, before a message is sent, a hash, also called the fingerprint, is calculated on the original content.

This fingerprint, along with the encrypted message, is transmitted to the receiver. Upon receiving the data, it is the responsibility of the receiving entity to decrypt the message and apply the same hash function to the decrypted message. If the newly computed hash and the fingerprint match, it confirms that the message has not been tampered with, maintaining its integrity.

Example of generating and verifying a hash:

Python
 
import hashlib

# Step 1: Read the file
with open("report.pdf", "rb") as f:
    file_data = f.read()

# Step 2: Generate SHA-256 hash
hash_object = hashlib.sha256(file_data)
hash_hex = hash_object.hexdigest()

# Step 3: Print the hash
print("SHA-256 Hash:", hash_hex)

# Compare with the hash Alice sent
expected_hash = "d2d2c3f4a90898e2b6c51e1c0eae11aaf9bffcb5e24acbcda2743e028c11bfb2"

if hash_hex == expected_hash:
    print("File integrity verified.")
else:
    print("File has been altered!")


In the above example, we read the file "report.pdf", compute a SHA-256 hash of the file data, and compare it with the hash we received from Alice. If they match, we print "File integrity verified."
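A plain hash only shows that the file matches the fingerprint; if both travel over the same channel, whoever alters the file can replace the fingerprint too. The following added example (not from the original article; the key, sample contents and function names are constructed) contrasts the unkeyed SHA-256 fingerprint with HMAC-SHA256, which can only be produced by someone holding a secret shared by Alice and Bob.

```python
# Added example (not from the original article). The key, message contents and
# function names are constructed for illustration.
import hashlib
import hmac
import secrets


def fingerprint(data: bytes) -> str:
    """Unkeyed SHA-256 digest: anyone who has the data can recompute it."""
    return hashlib.sha256(data).hexdigest()


def tag(key: bytes, data: bytes) -> str:
    """HMAC-SHA256: can only be computed by a holder of `key`."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_fingerprint(data: bytes, received: str) -> bool:
    return hmac.compare_digest(fingerprint(data), received)


def verify_tag(key: bytes, data: bytes, received: str) -> bool:
    # compare_digest takes constant time, so the check does not reveal
    # how many leading characters of the tag were correct.
    return hmac.compare_digest(tag(key, data), received)


def demo() -> dict[str, bool]:
    shared_key = secrets.token_bytes(32)          # known only to Alice and Bob
    original = b"Quarterly report: revenue 100"   # constructed sample content
    altered = b"Quarterly report: revenue 900"    # changed in transit

    # The unkeyed fingerprint can simply be recomputed over the altered data.
    replaced_fingerprint = fingerprint(altered)
    # Without the key, a new valid tag cannot be computed; only the old one exists.
    stale_tag = tag(shared_key, original)

    return {
        "original_passes_hmac": verify_tag(shared_key, original, stale_tag),
        "altered_passes_plain_hash": verify_fingerprint(altered, replaced_fingerprint),
        "altered_passes_hmac": verify_tag(shared_key, altered, stale_tag),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```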

Availability

Availability means that data is accessible whenever required. Cryptography ensures this through highly secure authentication and access controls, which prevent attackers and other threat actors from locking out users or crashing systems.

Symmetric Key Encryption Example

Python
 
from cryptography.fernet import Fernet

# Step 1: Generate a key
key = Fernet.generate_key()
cipher = Fernet(key)

# Step 2: Encrypt a message
message = b"Meet me at the park"
encrypted = cipher.encrypt(message)
print("Encrypted:", encrypted)

# Step 3: Decrypt the message
decrypted = cipher.decrypt(encrypted)
print("Decrypted:", decrypted.decode())


The example above is quite straightforward. We generate a key using the Fernet cryptography algorithm. Using the key, we perform both encryption and decryption.

Asymmetric Encryption Example

Python
 
from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.primitives import hashes

# Step 1: Generate RSA key pair
private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
public_key = private_key.public_key()

# Step 2: Encrypt with the public key
message = b"Meet me at the park"
encrypted = public_key.encrypt(
    message,
    padding.OAEP(
        mgf=padding.MGF1(algorithm=hashes.SHA256()),
        algorithm=hashes.SHA256(),
        label=None
    )
)
print("Encrypted:", encrypted)

# Step 3: Decrypt with the private key
decrypted = private_key.decrypt(
    encrypted,
    padding.OAEP(
        mgf=padding.MGF1(algorithm=hashes.SHA256()),
        algorithm=hashes.SHA256(),
        label=None
    )
)
print("Decrypted:", decrypted.decode())


In the asymmetric encryption example, we generate two keys, a private key and a public key, using the RSA algorithm. We then encrypt the data using the public key and, in the final step, use the private key for decryption.

Common Use Cases of Encryption

HTTPS (Hypertext Transfer Protocol Secure)

HTTPS is the most common example that uses cryptography. It is the secure version of HTTP, which uses SSL/TLS to encrypt the data, and TLS under the hood uses both asymmetric and symmetric key encryption.

Messaging Apps

Apps like WhatsApp and Signal use asymmetric key cryptography to protect the data in transit.

Cryptography is the foundation of the modern Internet. Whether you’re sending messages or making transactions, it keeps your information secure. By learning its key ideas, like encrypting and decrypting data, you can see how it protects everyday activities. Just like Alice and Bob who want to share secrets safely, cryptography helps everyone communicate with confidence in a world full of risks.
