inventionimage

Encryption & Decryption

The need for encryption

A huge amount of private data is sent around the Internet every day: emails with details about our personal lives, passwords that we type into login screens, tax documents that we upload to servers.

The Internet protocols send private data in packets on the same routes as everyone else's data, and unfortunately, attackers have figured out ways to look at the data whizzing around the Internet.

That's where encryption comes in: encrypting data means that we scramble the original data to hide the meaning of the text, while still making it possible for the data to be unscrambled using a secret key. Encryption enables two people (or computers!) to share private information over open networks.

Now we'll dive into the two most common types of encryption used in securing Internet communications: symmetric encryption and public key encryption.

Encryption, decryption, and cracking

One of the earliest encryption techniques is the Caesar Cipher, invented by Julius Caesar more than two thousand years ago to communicate messages to his allies. The Caesar Cipher is a great introduction to encryption, decryption, and code cracking, thanks to its simplicity.

Encrypting a message

Imagine Caesar wants to send this message:

SECRET MEETING AT THE PALACE

Here's what that might look like encrypted:

YKIXKZ SKKZOTM GZ ZNK VGRGIK

That looks an awfully lot like gobbledygook at first, but this encrypted message is actually very related to the original text.

The Caesar Cipher is a simple substitution cipher which replaces each original letter with a different letter in the alphabet by shifting the alphabet by a certain amount.

Decrypting a message

According to historical records, Caesar always used a shift of 3. As long as his message recipient knew the shift amount, it was trivial for them to decode the message.

Imagine Caesar sends this message to a comrade:

EHZDUH EUXWXVA

Answer:

BEWARE BRUTUS

Caesar Cipher was very easy to crack because English Alphabets were only 26.Later then made the code for each alphabet in the message, which made it very hard to decode the message without the key.

Public key encryption

On the Internet, two computers often want to exchange secure data with each other. When I type my password into the login screen, I want my computer to send that data safely to the servers. I do not want to worry that an attacker might be monitoring my Internet traffic and watching the password go across the wires.

Symmetric encryption techniques rely on both the sender and receiver using the same key to encrypt and decrypt the data. How can my computer and the server exchange the key securely? If an attacker can see my password go across the wires, then they can also see an encryption key!

Public key encryption to the rescue! It's an asymmetric encryption technique which uses different keys for encryption and decryption, allowing computers over the Internet to securely communicate with each other.

Let's step through the high-level process of public key encryption.

  • Step 1: Key generation

    • Each person (or their computer) must generate a pair of keys that identifies them: a private key and a public key. You can generate a pair below, using the same RSA algorithm that's used by your computer.

    Did you notice it takes a few seconds to generate the keys? That's due to the math involved. The keys are generated by multiplying together two incredibly large primes. The algorithm repeatedly generates random large numbers and checks if they're prime, until it finally finds two random large primes. All that checking for primes can take a while, and these keys are only 512 bits long. The current nationally recommended key length is 2048, or even 3072 bits.

  • Step 2: Key exchange

    • The sending and receiving computers exchange public keys with each other via a reliable channel, like TCP/IP. The private keys are never exchanged.

  • Step 3: Encryption

    • The sending computer encrypts the secret data using the receiving computer's public key and a mathematical operation.

    The power of public key encryption is in that mathematical operation. It's a "one-way function", which means it's incredibly difficult for a computer to reverse the operation and discover the original data. Even the public key cannot be used to decrypt the data.

  • Step 4: Sending encrypted data

    • The sender can now safely transmit the encrypted data over the Internet without worry of onlookers.

  • Step 5: Decryption

    • Now the receiver can decrypt the message, using their private key. That's the only key that can be used to decrypt the message (in the world!).