Cryptography 101

Dhanushka Nirmal
5 min read · Feb 26, 2024

Cryptography is a familiar term for most of us. Google will tell you that it is the practice of securing information and communication by encoding it into unreadable formats. In other words, you encrypt this information and these communications so that only the relevant parties can access them. Encryption is another term that we are familiar with. Messaging platforms like WhatsApp constantly bombard us with promises like End-to-End encryption for our messages, all the while stealing our data. But let’s not get into that now.

The need for encrypted messaging goes all the way back to the days of Julius Caesar. You will either know him as the guy from the cartoon Asterix & Obelix or you will know him as a former Roman dictator. Either way, he was a guy who wanted to improve his real estate portfolio by invading other people’s land. This meant he needed a way to discreetly communicate with his troops. In comes symmetric key encryption.

Symmetric Encryption, a.k.a Private key encryption

Symmetric key encryption is a simple yet brilliant way to effectively encrypt communications. The method is as follows:

  • Caesar uses a key to encrypt his message into a bunch of gibberish that no one can understand.
  • Caesar’s messenger carries this message containing gibberish, to his troop commander.
  • The troop commander uses the same key that Caesar used in order to decrypt the gibberish back into the original message.
https://www.ssl2buy.com/wp-content/uploads/2015/12/Symmetric-Encryption.png

The algorithm that Caesar used to encrypt and decrypt his message is also known as the Caesar cypher. In those days this key was just a random word but in modern times keys are much more complicated. The beauty of this method is that even if enemies of Caesar intercepted the message, they wouldn’t know what to make of it because…well it’s gibberish.

But if you have been paying attention, you might have noticed a weakness in this method which is also its biggest strength. Without the key, an encrypted message cannot be decrypted by an attacker in the middle. But on the other hand, how do both parties exchange the key in the first place? If you exchange the key before starting the communication, an attacker who is monitoring the channel can easily intercept it. This was a big problem in symmetric key encryption which was solved centuries later by two genius cryptographers named Whitfield Diffie and Martin Hellman.

Diffie-Hellman Key Exchange

First, let me introduce you to Alice and Bob. They’re pretty famous in the world of cryptography. Now, the goal of the Diffie-Hellman key exchange is to establish a shared secret key between Alice and Bob without having to transmit it over an insecure channel. In other words, the two parties are generating the same secret key, on their own, using magic... well, actually it’s using math, but I don’t see the difference. Let me explain with an example:

  1. Setup: Alice and Bob agree on two prime numbers, usually denoted p and g; in this example p=23 and g=5 (g is actually a primitive root of p, but don’t worry about that now). These values are known publicly and can be shared openly.
  2. Key Generation: Alice and Bob randomly select their secret values. Alice selects a=6 while Bob selects b=15. These values are private and are not shared with anyone.
  3. Public exchange: Alice performs a calculation with her secret value ‘a’ to create the public value ‘A’

A = g^a (mod p) = 5⁶ (mod 23) = 8

Alice sends A=8 to Bob. Bob does the same calculation with his private value ‘b’ and sends B=19 to Alice.

B = g^b (mod p) = 5¹⁵ (mod 23) = 19

  4. Secret key computation: This is where the magic happens. Alice and Bob use the received public values ‘A’ and ‘B’ to generate the same shared secret key ‘K’.

K (Alice) = B^a (mod p) = 19⁶ (mod 23) = 2

K (Bob)= A^b (mod p) = 8¹⁵ (mod 23) = 2
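The four steps above as runnable code, added here as an illustration and not taken from the original article. The function names are hypothetical; the check that g is a primitive root of p and the run with fresh random secrets go slightly beyond the worked numbers.

```python
import secrets

def is_primitive_root(g: int, p: int) -> bool:
    """True if the powers of g hit every value 1..p-1 modulo the prime p."""
    seen, x = set(), 1
    for _ in range(p - 1):
        x = (x * g) % p
        seen.add(x)
    return len(seen) == p - 1

def public_value(g: int, secret: int, p: int) -> int:
    # Step 3: A = g^a (mod p), safe to send over the open channel.
    return pow(g, secret, p)

def shared_key(their_public: int, my_secret: int, p: int) -> int:
    # Step 4: K = B^a (mod p) for Alice, K = A^b (mod p) for Bob.
    return pow(their_public, my_secret, p)

def exchange(p: int, g: int, a: int, b: int):
    """Run both sides of the exchange; returns (A, B, K_alice, K_bob)."""
    # Step 1: if g were not a primitive root, the public values would be
    # confined to a smaller subset of 1..p-1.
    if not is_primitive_root(g, p):
        raise ValueError("g must be a primitive root of p")
    A = public_value(g, a, p)
    B = public_value(g, b, p)
    return A, B, shared_key(B, a, p), shared_key(A, b, p)

def random_exchange(p: int, g: int):
    """Step 2 with freshly generated secrets in the range 2..p-2."""
    a = secrets.randbelow(p - 3) + 2
    b = secrets.randbelow(p - 3) + 2
    return exchange(p, g, a, b)

if __name__ == "__main__":
    # The article's numbers: p=23, g=5, a=6, b=15.
    print(exchange(23, 5, 6, 15))
    # Both sides still agree on K when the secrets are random.
    _, _, k_alice, k_bob = random_exchange(23, 5)
    print(k_alice == k_bob)
```

Real deployments use primes thousands of bits long (or elliptic-curve groups); p=23 is only large enough to follow by hand.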

Brilliant, right? Now Alice and Bob can use this shared secret key ‘K’ for symmetric key encryption or any other cryptographic operation. Again, if you’ve been paying attention, you must’ve realized that the Diffie-Hellman key exchange is vulnerable to a Man-In-The-Middle attack. You can easily pretend to be either Alice or Bob to get information from them. So what now? Asymmetric key encryption to the rescue!

Asymmetric encryption, a.k.a Public key encryption

The main difference here is that instead of using a single key, asymmetric encryption uses a pair of keys called the public key and the private key. So Alice and Bob will each generate a public key and a private key. The public key is, as always... well, public. The two keys are mathematically related, such that data encrypted with one key can only be decrypted with the other key in the pair. Let’s see how the exchange works.

Encryption: Alice wants to send Bob a secret message. Alice obtains Bob’s public key. She then encrypts her message using the public key and sends the message through the channel.

Decryption: Upon receiving the encrypted text from Alice, Bob uses his private key to decrypt the message.

https://www.ssl2buy.com/wp-content/uploads/2015/12/Asymmetric-Encryption.png

The beauty of this method is that Bob and only Bob, can decrypt this message since no one else has Bob’s private key.

But how do we solve the Diffie-Hellman key exchange vulnerability using this? I have two words for you: ‘Digital Signature’. I mentioned that the keys are mathematically related. A text encrypted with one key can be decrypted with the other. So during the Diffie-Hellman key exchange, if Bob wants to make sure no one else is pretending to be him, all he has to do is use his private key to encrypt the message, in other words, digitally sign his message. Then, by using Bob’s public key to decrypt the message, Alice will know for sure that this message was sent by Bob.
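The signed exchange described above, as an added example that is not part of the original article. It uses textbook RSA with tiny constructed primes, so the signature is literally "encrypt with the private key" as the paragraph puts it; the key values and function names are assumptions for illustration.

```python
# Toy textbook-RSA key pair for Bob (constructed values, far too small for real use).
P, Q, E = 61, 53, 17
N = P * Q                            # public modulus, published with E
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, known only to Bob

DH_P, DH_G = 23, 5                   # the article's public Diffie-Hellman parameters

def sign(value: int, d: int = D, n: int = N) -> int:
    """Bob 'encrypts' the value with his private key."""
    return pow(value, d, n)

def verify(value: int, signature: int, e: int = E, n: int = N) -> bool:
    """Anyone 'decrypts' the signature with Bob's public key and compares."""
    return pow(signature, e, n) == value

def bob_sends(b: int):
    """Bob computes his public value B and signs it."""
    B = pow(DH_G, b, DH_P)
    return B, sign(B)

def alice_receives(a: int, B: int, signature: int):
    """Return the shared key K, or None if the value was not signed by Bob."""
    if not verify(B, signature):
        return None                  # reject before any key is derived
    return pow(B, a, DH_P)

if __name__ == "__main__":
    B, sig = bob_sends(15)
    print(alice_receives(6, B, sig))        # untouched message: key is derived
    swapped = pow(DH_G, 3, DH_P)            # someone in the middle swaps in their own value
    print(alice_receives(6, swapped, sig))  # signature no longer matches: None
```

The check only helps if Alice already holds an authentic copy of Bob's public key. Production signature schemes also hash and pad the message before signing instead of exponentiating the raw value.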

So in conclusion, just like Alice and Bob, symmetric and asymmetric key encryption are like the dynamic duo of digital security, each with its own special powers. Symmetric key encryption is like the speedy superhero, ideal for encrypting large volumes of data. But it does have its kryptonite, the need to securely share keys. Enter asymmetric key encryption, the clever sidekick that uses a pair of keys to securely share keys to keep things safe without all the key-swapping drama. Plus, it’s got this cool trick called digital signature, adding an extra layer of authenticity and integrity to our messages. Understanding these encryption pals and their strengths helps us keep our digital world safe and sound, ensuring our secrets stay secret and our conversations stay genuine!

Written by Dhanushka Nirmal

Full Stack Developer at Rubicon Systems