Crypto 101 - terminology
Cryptography is the practice of secure communication in the presence of third parties or adversaries. It involves transforming plaintext (unencrypted data) into ciphertext (encrypted data) using mathematical algorithms and keys, to prevent unauthorized access, tampering, or interception of the information.
Cryptography is used in various fields such as computer security, digital currency, and military communications. Some common cryptographic techniques include encryption, decryption, hashing, digital signatures, and key exchange protocols. The study of cryptography also involves understanding potential weaknesses in cryptographic systems, and designing algorithms that are resistant to attacks by adversaries.
Let’s explore the most common terms used in the field.
Plaintext: Refers to the original, unencrypted message or data that is to be secured.
Ciphertext: Refers to the encrypted message or data that has been transformed from plaintext using a cryptographic algorithm.
Encryption: The process of converting plaintext into ciphertext using a cryptographic algorithm and a key, making it unreadable to unauthorized parties.
Decryption: The process of converting ciphertext back into plaintext using the correct key, making the original message readable again.
Cryptographic key: A secret code that is used to encrypt and decrypt data.
Symmetric key cryptography: A cryptographic technique that uses the same key for both encryption and decryption.
Asymmetric key cryptography: A cryptographic technique that uses a pair of keys - a public key for encryption and a private key for decryption.
Hash function: A mathematical function that converts plaintext into a fixed-length output, known as a hash value, which is unique to that input.
Digital signature: A digital code that is attached to a document or message to confirm its authenticity and integrity.
Public key infrastructure (PKI): A system of digital certificates, public key encryption, and digital signatures that is used to establish the authenticity of public keys.
SSL/TLS: Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols used to provide secure communication over the internet.
Block cipher: A type of encryption algorithm that operates on fixed-size blocks of data, typically 64 or 128 bits.
Stream cipher: A type of encryption algorithm that encrypts data on a bit-by-bit basis.
Key exchange: The process of securely exchanging cryptographic keys between two parties over an insecure communication channel.
Digital envelope: A technique used to securely transmit a message by encrypting the message using a symmetric key and then encrypting the symmetric key using the recipient's public key.
Message authentication code (MAC): A code that is added to a message to ensure its integrity and authenticity.
One-time pad: A type of encryption that uses a random key of the same length as the plaintext that is only used once.
Kerberos: A network authentication protocol used to verify the identities of users and servers in a network environment.
Zero-knowledge proof: A cryptographic method that allows one party to prove to another party that they have knowledge of a specific secret, without revealing any information about the secret.
Side-channel attack: An attack that exploits weaknesses in a cryptographic system by analyzing information leaked through other channels, such as power consumption, electromagnetic radiation, or timing variations.
Diffie-Hellman key exchange: A cryptographic protocol used to securely exchange cryptographic keys over a public channel.
RSA: A widely used public-key cryptography algorithm that is used for encryption, digital signatures, and key exchange.
Elliptic Curve Cryptography (ECC): A public key cryptography technique based on the algebraic structure of elliptic curves.
Digital certificate: A digital document that is used to verify the identity of a user, server, or device.
Certificate Authority (CA): An organization that issues and manages digital certificates.
Public key fingerprint: A unique identifier generated from a public key that can be used to verify the authenticity of the key.
Key length: The size of the cryptographic key, typically measured in bits.
Key stretching: A technique used to increase the strength of a cryptographic key by adding additional data to the key.
Rainbow table: A precomputed table of hash values that can be used to quickly reverse hash functions.
Salting: A technique used to add additional random data to create a unique hash, effective against rainbow table attacks.
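The rainbow table, salting and key stretching entries above, shown working together in an added example that is not part of the original page. Key stretching is done here with PBKDF2-HMAC-SHA256; that choice, the iteration count, the sample passwords and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor; tune for your hardware

def unsalted_hash(password: str) -> str:
    """Weak scheme: one fast hash, no salt. Equal passwords give equal digests."""
    return hashlib.sha256(password.encode()).hexdigest()

def hash_password(password: str, iterations: int = ITERATIONS) -> tuple[bytes, int, bytes]:
    """Salted and stretched: a fresh random salt plus many PBKDF2 iterations."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest

def verify_password(password: str, record: tuple[bytes, int, bytes]) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, expected = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, expected)

# Constructed sample: a tiny precomputed table of unsalted digests, standing in
# for a rainbow table (real ones use hash chains to save space).
PRECOMPUTED = {unsalted_hash(p): p for p in ("123456", "password", "letmein")}

def table_lookup(stored_digest: str):
    """Return the password if its digest is in the precomputed table, else None."""
    return PRECOMPUTED.get(stored_digest)

if __name__ == "__main__":
    # Two users who picked the same password.
    alice, bob = unsalted_hash("letmein"), unsalted_hash("letmein")
    print("unsalted digests equal:", alice == bob)
    print("table lookup on unsalted:", table_lookup(alice))

    rec_a, rec_b = hash_password("letmein"), hash_password("letmein")
    print("salted digests equal:", rec_a[2] == rec_b[2])
    print("table lookup on salted:", table_lookup(rec_a[2].hex()))
    print("correct password verifies:", verify_password("letmein", rec_a))
    print("wrong password verifies:", verify_password("letmein1", rec_a))
```

The salt is stored next to the digest and is not secret; its job is to make every stored hash unique so that one precomputed table cannot cover all users.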
Interested in learning more about cryptography? Eccentrix offers certified training that builds on the principles above. For example, the CompTIA Security+ course, a training dedicated to novices in the field, covers the topic very well. There is also the Certified Information Systems Security Professional (CISSP) training, which goes a bit more in depth into cryptography for information security managers.