Cryptography is a term that has become popular in recent years, especially in relation to personal data protection and cybersecurity. Let’s try to better understand what it is and two main components: the public key and the private key.
What is cryptography and how does it work?
Cryptography comes from the Greek words “kryptós“, which means hidden, and “gráfein“, which means write. So, cryptography is literally the art of writing in secret code.
However, nowadays cryptography is a technique to protect information by making it unreadable except by those who have the key to decode it. In fact, cryptography transforms readable digital data (plaintext) into an unreadable format (ciphertext).
To encrypt plaintext, a cryptographic algorithm or cipher is necessary. This is the encryption process. To decrypt the ciphertext and read the original data, it is necessary to use the same algorithm with a key to decode the message. This is the decryption process.
There are two main types of cryptography algorithms: symmetric and asymmetric. Symmetric algorithms use the same key for encryption and decryption, while asymmetric algorithms use a different key for each process.
Both symmetric and asymmetric algorithms have their own advantages and disadvantages. For example, symmetric algorithms are typically faster and more efficient, while asymmetric algorithms are more secure. For this reason, both symmetric and asymmetric algorithms are necessary for a complete cryptography system.
However, there is also a third type of encryption, the so-called end-to-end. This is typical of messaging apps such as WhatsApp, Messenger or Telegram. It ensures the privacy of communications by using a double pair of cryptographic keys to encrypt and decrypt the messages. Again, each user use a public key and a private key, thus limiting potential man-in-the-middle attack attempts. This kind of attacks aims to steal personal data and information by “intercepting” communications between users.
Public Key and Private Key
As you can see, public key and private key are two important concepts in cryptography.
The private key is a piece of information that only to the owner knows and allows to decrypt ciphertext. On the other hand, the public key is a piece of information that anyone knows and allows to encrypt plaintext.
The private key must be secret, as it is the only way to decrypt data that has been encrypted with the public key. On the contrary, the public key is freely available.
A good analogy for this concept is a locked box and a key. The locked box is like ciphertext and the key is like the private key. Only someone with the right key can open the box and read its contents. Anyone can put something in the box, but only the owner of the key can take it out.
This is how encryption and decryption work using a public key and a private key.
What are some common uses for cryptography?
Cryptography is common to protect communications between users and to protect personal data, such as credit card numbers. But also to verify the identity of the sender of a message and to ensure that a document is still in its original form.
Digital signatures and time stamps
A digital signature is a form of cryptography that allow to verify the identity of the sender of a message. A digital signature is created by using a private key to encrypt a message. The recipient can then use the corresponding public key to decrypt the message and verify that it was indeed sent by the owner of the private key.
Time stamps are another form of cryptography that allow to verify the authenticity of a message or document.
A timestamp is a sequence of characters representing a date and/or time. It ensures that a certain event has occurred. Indeed, timestamping allows users to establish the existence of a document from a certain instant and ensure its validity over time.
A time stamp is created by taking a hash of the document and then encrypting it with a private key. The recipient can then decrypt the time stamp with the corresponding public key and compare it to their own copy of the document. If the two match, then the document is authentic.
Of course, the encryption and decryption processes take place automatically thanks to specific software.
Cryptography, private key and public key in the blockchain
Cryptography is also part of the blockchain. The blockchain is a distributed database that stores a record of all transactions that occurred on it. Each transaction is verified by the network of computers that make up the blockchain, and each computer keeps its own copy of the transaction history.
Asymmetric cryptography allows to secure the data in the blockchain and to prevent fraud, since every users who owns an asset on the blockchain has a public key (address) and a private key. Each exchange of assets on the blockchain is encrypted so that only its recipient can decrypt it.