Human beings, for ages, have had a need to communicate and share information. And the need for secrecy of the information is just as old a concern. This need for secrecy gave rise to the art of coding the messages in such a way that only the intended people could have access to the information. Unintended people could not extract information even if they got the coded message.
Cryptology is a general term which can be subdivided into two branches Cryptography and Cryptanalysis. Cryptography is the science of secret writing with the goal of hiding a secret message. The science of breaking the cipher text is known as cryptanalysis.
History and Classical Cryptography
The art of cryptography is considered to be born along with the art of writing. The roots of cryptography are found in Roman and Egyptian civilizations. The first known evidence of cryptography can be traced to the use of ‘hieroglyph’. Some 4000 years ago, the Egyptians used to communicate by messages written in hieroglyph. Later, the scholars moved on to using simple mono-alphabetic substitution ciphers during 500 to 600 BC. This involved replacing alphabets of message with other alphabets with some secret rule. This rule became a key to retrieve the message back from the garbled message.
The earlier Roman method of cryptography, popularly known as the Caesar Shift Cipher, relies on shifting the letters of a message by an agreed number (three was a common choice), the recipient of this message would then shift the letters back by the same number and obtain the original message. Caesar Shift Cipher an example of Classical Cryptography. Classical Cryptography manipulates traditional characters, i.e., letters and digits directly.
Modern cryptography does not deal with letters. It operates on binary bit sequences. It relies on publicly known mathematical algorithms for coding the information. Secrecy is maintained through a key which is used as the seed for the algorithms. The computational difficulty of algorithms, absence of secret key, etc., make it impossible for an attacker to obtain the original information even if he knows the algorithm used for coding. Modern Cryptographic are systems split into three main branches: Symmetric Cryptography, Asymmetric Cryptography and Protocols.
Symmetric Cryptography uses a single secret key for both encryption and decryption of messages. This can be thought of a safe with a normal lock. Asymmetric Cryptography uses different keys for encryption and decryption. This can be imagined as a safe with a public lock for depositing message and a secret lock for retrieving the message. Protocols deal with applications of cryptographic algorithms. Some of these protocols are used in our browsers every day.
The basic intention of an attacker is to break a cryptosystem and to find the plaintext from the cipher text. To obtain the plaintext, the attacker only needs to find out the secret decryption key, as the algorithm is already in public domain. Some of the attacks on cryptosystems are:
Letter Frequency Analysis: English language or any other language uses some letters more frequently than others. This behavior is not changed after encryption in some cryptosystems. So it is possible to break the cipher text using frequency analysis of different letters.
Dictioncrary Attack: This attack has many variants, all of which involve compiling a ‘dictionary’. In simplest method of this attack, attacker builds a dictionary of cipher texts and corresponding plaintexts that he has learnt over a period of time. In future, when an attacker gets the cipher text, he refers the dictionary to find the corresponding plaintext.
Brute Force Attack (BFA): In this method, the attacker tries to determine the key by attempting all possible keys. If the attacker is able to find two different inputs that give the same hash value, it is a collision and that hash function is said to be broken.
Several other attacks on the cryptographic systems such as Birthday Attack, Man in the Middle Attack, etc are often used. Cryptography is in important tool for building secure systems which is essential in this world of increasing cyber crime. But adding security to systems often limits their usability and services. Moreover, life line of cyber world: Internet, would be as insecure as an open safe without cryptography.