One of the core purposes of cybersecurity is to protect information from being changed or stolen. But how exactly is this done? One of the main ways is through cryptography. Cryptography is the practice of using coded algorithms to protect and obscure information so that it may only be read by those with the permission and ability to decrypt it (IBM, n.d.).
In history, cryptographic methods such as ciphers have been used to add a level of security to secret or sensitive information. Today, however, cryptography includes more advanced mathematical processes which would take massive amounts of time and computing power to crack. Different techniques like encryption and hashing can help protect the authenticity and integrity of digital information in this way.
Encryption Keys
Encryption is the process of turning a message into incomprehensible data via an encryption algorithm and key. Lots of data online are encrypted, from emails to personal information stored on the cloud.
(Shipman, 2022)
There are two types of encryption keys: symmetric keys and asymmetric keys. Symmetric keys are identical keys that are used to both encrypt and decrypt messages. This method of encryption is much easier than asymmetric keys, which are different keys which can both be used to either encrypt or decrypt. Among the keys used are the public key, which is shared among users, and the private key, which is not shared. (Stouffer, 2023).
Many different types of encryption algorithms exist, like AES, which is a symmetric key encryption technique, and RSA, which is used for asymmetric encryption. AES-256 and RSA-4096 are considered the best, as they lie in the sweet spot between security and practicality (Lake, 2023).
Hash algorithms
In cryptography, hash algorithms turn a message of any size into a hash value of a fixed length. The hash algorithm would always generate a different hash for a different message, meaning that even any small alterations to the original message will produce a completely different hash value. This is useful in verifying that any messages sent are original and not tampered with by any third party. This process is also irreversible, making it extremely difficult to obtain the original message from the hash value.
Hence, hash algorithms like SHA (Secure Hash Algorithm) are very useful in ensuring the integrity and security of sensitive data. Many websites store information like passwords as hash values to prevent them from being changed or stolen directly (GeeksforGeeks, 2024).
Digital Signatures
The digital signature is an authentication technique which combines encryption and hashing. A large issue with encryption is that it can be very computationally expensive, making it impractical to encrypt large data sizes. In scenarios where verifying the original sender is important, digital signatures can be used. The signature is created by passing the original plaintext data into a hash algorithm, giving a shorter hash value which is then encrypted. The resulting digital signature is then sent to the receiver of the message along with the plaintext.
The receiver can then retrace this process to verify that the message had not been tampered with, and that it came from the expected sender who is (ideally) the only one who has the encryption key used (Materese, 2016).
Future technology: Quantum Cryptography
In the race against hackers to improve the security of our online systems, new technology is constantly being developed. For cybersecurity, this promising new tech would be quantum cryptography, a technique that utilizes the unique property of particles on a quantum level; that is, being able to exist in multiple states simultaneously.
In quantum mechanics, a system will be altered after being observed. This way, if any information carried is intercepted by a third party, the data would no longer be valid, providing a form of authentication and guarantee of integrity. While this form of cryptography is still in early stages of development, it can potentially be far more secure than existing forms of cryptography, and is even theoretically unhackable (Schneider & Smalley, 2023).
Works Cited
GeeksforGeeks (2024). Cryptography Hash Functions. [online] GeeksforGeeks. Available at: https://www.geeksforgeeks.org/cryptography-hash-functions/ [Accessed 31 Jul. 2024].
IBM (2024). What is cryptography? | IBM. [online] www.ibm.com. Available at: https://www.ibm.com/topics/cryptography [Accessed 31 Jul. 2024].
Lake, J. (2019). Common Encryption Types, Protocols and Algorithms Explained. [online] Comparitech. Available at: https://www.comparitech.com/blog/information-security/encryption-types-explained/ [Accessed 31 Jul. 2024].
Robin Materese (2016). Cryptography. [online] NIST. Available at: https://www.nist.gov/cryptography [Accessed 31 Jul. 2024].
Schneider, J. and Smalley, I. (2023). What is quantum cryptography? | IBM. [online] www.ibm.com. Available at: https://www.ibm.com/topics/quantum-cryptography [Accessed 31 Jul. 2024].
Shipman, A. (2022). A Beginner’s Guide to Encryption Vs Decryption - DZone. [online] dzone.com. Available at: https://dzone.com/articles/a-beginners-guide-to-understanding-encryption-vs-d [Accessed 31 Jul. 2024].
Stouffer, C. (2022). What is encryption and how does it protect your data? [online] us.norton.com. Available at: https://us.norton.com/blog/privacy/what-is-encryption [Accessed 31 Jul. 2024].
Comments