In this post, I describe the basics of cryptography. Here are some definitions to start off with:

  • Plaintext: message to be concealed (“cleartext”).
  • Ciphertext: encrypted data.
  • Algorithm: step-by-step procedure to follow to transform plaintext into ciphertext.
  • Key: modifier used by the algorithm to convert plaintext to ciphertext (and vice versa).
  • Security Strength: amount of security offered by an algorithm with a certain key.
  • Attacker: Entity attempting to compromise an algorithm.
  • Attack: Method of compromising an algorithm. Brute Force Attack is a type of attack in which all possible keys are tried systematically.
  • Vulnerability: A weakness in an algorithm or implementation

To understand these concepts, let’s walk through an example. The Caesar Cipher was a cipher used in Roman times to encrypt data. Characters of plaintext are substituted by having two alphabets offset to one another.

cipher.png

For instance, looking at the diagram above, the plaintext A becomes ciphertext D and the plaintext B becomes ciphertext E. That is , plaintext, “CAESAR” becomes the ciphertext “FDHVDU”. To decrypt, simply go from the ciphertext row to the plaintext row.

Based on the example, the crypto terminology is:

  • Plaintext: CAESAR
  • Ciphertext: FDHVDU
  • Algorithm: Substituting letters based on an offset between two alphabets
  • Key: The amount of offset between alphabets
  • Security Strength:
    • With 26 possible keys, the strength would be log2(26) = 4.7.
    • However, the algorithm is vulnerable to attack by frequency analyzing the ciphertext and knowledge certain letters cannot precede other letters (think q and u), so the cryptographic strength is closer to the rate of the English language, 1.3.