Cryptography:It is the group of techniques used for the purpose of conducting secure communications and mitigating the risks of MITM attacks in the presence of third parties (communications in the wild/ insecure channels e.g the Internet).In present times, cryptography is referred to as ‘encryption’. Actually, encryption represents nothing but a part of the overall cryptosystem as cryptography is composed of encryption (transforming plaintext to an unreadable format by humans or machines without the corresponding cipher aka. cipher or encryption algorithms or codes) and decryption which is the reverse process.
Cryptanalysis:It is the study of a cryptosystem in the desire of identifying its hidden aspects and crack it all the way to access plaintext without knowing the decryption key. This can be done by not only analyzing the used algorithms to determine the used cipher and key but also by scanning for weaknesses in their implementation and exploiting them as they get increasingly harder and more complex to keep up with more modern sophisticated ciphers.
Terminology:Although cryptology as a field is seeing a great evolution in cryptography and cryptanalysis, the terminology remains the same as the cryptosystems’ components are constant.
- Plaintext: It is the messaged being sent and wanted to be changed for privacy/security purposes. It should be understandable by both parties (sender and receiver) and contains data which is mostly not meant to be disclosed or intercepted in its raw format.
- Cipher/Cypher: It is a type of algorithms used for performing an encryption or decryption process conserving the length between the input (plain-text) and the output (cipher-text).
- Encryption/Decryption algorithm: Has the same concept as the cipher with the exception that the length varies between plaintext and ciphertext.
- Encryption/Decryption keys: For security purposes, algorithms use d in encryption and decryption became public (e.g: RSA) with a variable key. A key is a generated parameter used in the transformation of data (encrypt/decrypt). The use of the same key in encryption and decryption makes the used algorithm symmetric, and if it’s not the same then the used algorithm is asymmetric.
Do you like to write about your infosec knowledge, skills, opinions, or exploits?
Publish your original research, tutorials, articles, or other written content on Cybray's blog to be seen by thousands of infosec readers daily!