Understand the main principles of cryptology and encryption

Etymologically, cryptology is the science (λόγος) of secrecy (κρυπτός). It brings together cryptography (“secret writing”) and cryptanalysis (study of attacks against cryptographic mechanisms).

Today, cryptology is no longer limited to ensuring the privacy secrets. It has extended to the fact of mathematically ensuring other notions: ensuring theauthenticity of a message (who sent this message?) or even ensure its integrity (has it been modified?).

To ensure these uses, cryptology brings together four main functions: hashing with or without a key, digital signature and encryption.

To explain cryptology, we will use in our examples the traditional characters in cryptography: Alice and Bob.

To discover the major phases in the history of cryptology, go to the web documentary produced by ANSSI.

Why does cryptology exist?

  1. To ensure the integrity of the message: the hash

Cryptology precisely makes it possible to detect whether the message, or the information, has been involuntarily modified. Thus, a ” hash function will make it possible to associate a unique fingerprint that can be calculated and verified by everyone with a message, a file or a directory. This fingerprint is often materialized by a long sequence of numbers and letters preceded by the name of the algorithm used, for example “SHA2” or “SHA256”.

Do not confuse encryption, which ensures confidentiality, i.e. only the persons concerned can have access to it (see ” To ensure the confidentiality of the message “), and the hash which guarantees that the message is intact, that is to say that it has not been modified.

Hash, what for?
To save your photos on your hosting space (of the “cloud” type for example) and check that your download went well?
To synchronize your folders and detect which ones need to be backed up again and which ones have not been modified?

There are also ” keyed hash functions which make it possible to make the calculation of the hash different according to the key used. With these, to calculate a hash, a secret key is used. For two different keys, the hash obtained on the same message will be different. So for Alice and Bob to compute the same hash, they must both use the same key.

It is among these keyed hash functions that we find those used to store passwords securely.

Key hashing, what for?
Does your favorite service recognize your password when you log in?
Do you want to be able to detect if someone is modifying documents without telling you?

How hash and keyed hash functions work

  1. To ensure the authenticity of the message: the signature

In the same way as for an administrative document or a contract on paper, the mechanism of the ” signature – numeric – verifies that a message has indeed been sent by the holder of a “public key”. This cryptographic process allows anyone to ensure the identity of the author of a document and also ensures that it has not been modified.

The digital signature, what for?
Do you want to guarantee that you are the sender of an email?
Do you want to be sure that information comes from a reliable source?

To be able to sign, Alice must have a pair of keys:

  • one, called “public”, which can be accessible to everyone and in particular to Bob who is the recipient of the messages that Alice sends;
  • the other, called “private”, which should only be known to Alice.

In practice, Alice generates her signature with her private key, which is known only to her. Anyone with access to Alice’s public key, including Bob, can verify the signature without exchanging a secret.

How digital signatures work

  1. To ensure the confidentiality of the message: encryption

Encrypting a message makes it possible to guarantee that only the sender and the legitimate recipient(s) of a message know its content. It’s a kind of digital sealed envelope. Once encrypted, without having the specific key, a message is inaccessible and unreadable, whether by humans or machines.

Encryption, what for?
Want to make sure only the recipient has access to the message?
Do you want to send this information in a digital envelope that cannot be read by everyone, like on a postcard?

There are two main families of encryption: symmetric encryption and asymmetric encryption.

the symmetric encryption allows you to encrypt and decrypt content with the same key, then called the “secret key”. Symmetric encryption is particularly fast but requires the sender and receiver to agree on a common secret key or to send it to each other through another channel. This must be chosen with care, otherwise the key could be recovered by the wrong people, which would no longer ensure the confidentiality of the message.

the asymmetric encryption assumes that the (future) recipient has a pair of keys (private key, public key) and that he has ensured that potential senders have access to his public key. In this case, the sender uses the recipient’s public key to encrypt the message while the recipient uses their private key to decrypt it.

Among its advantages, the public key can be known to everyone and published. But be careful: it is necessary that the transmitters have confidence in the origin of the public key, that they are sure that it is indeed that of the recipient.

Another strong point: no more need to share the same secret key! Asymmetric encryption makes it possible to dispense with this. But it is unfortunately slower.

For this last reason, there is a technique combining “symmetric” and “asymmetric” ciphers, better known as ” hybrid encryption “.

This time, a secret key is determined by one of the two parties wishing to communicate and it is sent encrypted by an asymmetric cipher. Once known to both parties, they communicate by symmetrically encrypting their exchanges. This technique is particularly applied when you are visiting a site whose address begins with “https”.

How encryption works

We want to thank the author of this article for this incredible material

Understand the main principles of cryptology and encryption

You can find our social media profiles here , as well as other pages related to them here.https://metfabtech.com/related-pages/