|
|
| Line 1: |
Line 1: |
| | == Encryption (cryptography) == | | == Encryption (cryptography) == |
| | | | |
| − | '''[[Encryption (cryptography)|Encryption]]''' is the process of encoding [[Data|data]] or [[Information|information]] in such a way that only authorized parties can access it and those who are not authorized cannot. More specifically, it is the conversion of [[Plaintext]] (readable data) into [[Ciphertext]] (an unreadable format) using an [[Algorithm|algorithm]] (called a [[Cipher]]) and a secret value known as a [[Key (cryptography)|key]]. | + | '''Encryption''' is the process of scrambling data or information so that only authorized people can understand it. It converts readable data (plaintext) into an unreadable format (ciphertext) using an algorithm (cipher) and a secret value called a key. |
| | | | |
| − | The purpose of [[Encryption (cryptography)|encryption]] is primarily to ensure [[Confidentiality|confidentiality]], meaning that the data remains secret from unauthorized viewers during storage or transmission. The reverse process, converting [[Ciphertext]] back into [[Plaintext]] using the correct [[Key (cryptography)|key]], is called '''[[Decryption]]'''.
| + | Its main purpose is to ensure confidentiality, keeping data secret during storage or transfer. The opposite process, turning ciphertext back into readable plaintext with the correct key, is called '''decryption'''. Encryption is vital for information and computer security, protecting sensitive data everywhere. |
| − | | |
| − | Encryption plays a crucial role in [[Information security|information security]] and [[Computer security|computer security]], protecting sensitive data across networks, on storage devices, and within applications. | |
| | | | |
| | === Basic Process === | | === Basic Process === |
| | | | |
| − | The fundamental process of [[Encryption (cryptography)|encryption]] involves:
| + | Encryption involves these core steps: |
| − | 1. **[[Plaintext]]:** The original, readable [[Data|data]]. | + | 1. Plaintext: The original, readable data. |
| − | 2. **[[Cipher]] ([[Algorithm|Algorithm]]):** The mathematical function or set of rules used to perform the encryption. | + | 2. Cipher (Algorithm): The set of rules or mathematical function that performs the encryption. |
| − | 3. **[[Key (cryptography)|Key]]:** A secret value used by the [[Cipher]] to transform the [[Plaintext]]. The security of the encryption heavily relies on the secrecy of the [[Key (cryptography)|key]] and the strength of the [[Cipher]]. | + | 3. Key: A secret value the cipher uses to scramble the plaintext. Encryption security depends on the key's secrecy and the cipher's strength. |
| − | 4. **[[Encryption (cryptography)|Encryption]]:** The process of applying the [[Cipher]] and [[Key (cryptography)|key]] to the [[Plaintext]] to produce [[Ciphertext]]. | + | 4. Encryption: Applying the cipher and key to plaintext to create ciphertext. |
| − | 5. **[[Ciphertext]]:** The resulting encoded, unreadable data. | + | 5. Ciphertext: The resulting unreadable, encrypted data. |
| − | 6. **[[Decryption]]:** The process of applying the corresponding [[Cipher]] and [[Key (cryptography)|key]] to the [[Ciphertext]] to recover the original [[Plaintext]]. | + | 6. Decryption: Reversing the process to get the original plaintext back from the ciphertext using the correct key. |
| | | | |
| | === Historical Overview === | | === Historical Overview === |
| | | | |
| − | The practice of concealing messages dates back thousands of years, predating computers and modern [[Cryptography|cryptography]]. Early methods relied on [[Steganography]] (hiding the existence of the message) or simple substitution and transposition techniques.
| + | Concealing messages dates back thousands of years, long before computers and modern cryptography. Early methods included steganography (hiding the message itself) or simple substitution and transposition. |
| − | | |
| − | * **Ancient Methods:** One of the earliest known methods is the [[Caesar cipher]], used by [[Julius Caesar]], which involved shifting letters in the alphabet by a fixed number of positions. Simpler [[Substitution cipher|substitution ciphers]] were relatively easy to break with [[Frequency analysis]].
| |
| − | * **Polyalphabetic Ciphers:** More complex manual ciphers, such as the [[Vigenère cipher]] (though its invention is often misattributed to Vigenère), used multiple substitution alphabets based on a keyword. These were much harder to break than simple substitution ciphers.
| |
| − | * **Mechanical and Electromechanical Eras:** The 20th century saw the development of machines for encryption, like the [[Enigma machine]] used by Germany during [[World War II]]. These machines implemented complex polyalphabetic substitutions that changed with each letter, making manual cryptanalysis extremely difficult. Breaking these ciphers, particularly the Enigma, became a major focus of wartime [[Cryptanalysis]].
| |
| − | * **Digital Era:** The advent of [[Digital computer|digital computers]] revolutionized [[Cryptography|cryptography]] in the latter half of the 20th century. It enabled the development of highly complex mathematical algorithms that could be processed rapidly. The late 20th century saw the creation of modern block and stream ciphers like the [[Data Encryption Standard]] (DES) and later the [[Advanced Encryption Standard]] (AES), as well as the groundbreaking invention of [[Public-key cryptography|public-key cryptography]].
| |
| | | | |
| | + | Ancient Methods: The Caesar cipher, used by Julius Caesar, shifted letters by a fixed number. Simple substitution ciphers were easily broken by frequency analysis. |
| | + | Polyalphabetic Ciphers: Ciphers like the Vigenère used multiple alphabets with a keyword, making them much harder to break than simpler ones. |
| | + | Mechanical Era: The 20th century brought machines like the Enigma, used in World War II. They created complex, changing substitutions that were very hard to manually break. Decrypting Enigma was a major wartime intelligence effort. |
| | + | Digital Era: Digital computers revolutionized cryptography, enabling fast, complex algorithms. This led to modern block and stream ciphers like DES and AES, and the invention of public-key cryptography. |
| | === Interesting Historical Examples === | | === Interesting Historical Examples === |
| | | | |
| − | * '''[[Caesar cipher]]''': A type of [[Substitution cipher|substitution cipher]] where each letter in the [[Plaintext]] is replaced by a letter some fixed number of positions down the alphabet. Simple, but easily broken using frequency analysis.
| + | '''Caesar cipher''': A simple substitution cipher where each letter is shifted. Easily broken. (Example: 'A' to 'D', 'HELLO' to 'KHOOR' with a shift of 3.) |
| − | * Example: With a shift of 3, 'A' becomes 'D', 'B' becomes 'E', and so on. "HELLO" becomes "KHOOR".
| + | '''Vigenère cipher''': Used multiple Caesar ciphers based on a keyword. Once thought unbreakable, but methods to break it were developed. |
| − | * '''[[Vigenère cipher]]''': A method of encrypting alphabetic text by using a series of different [[Caesar cipher|Caesar ciphers]] based on the letters of a keyword. It was long considered unbreakable if the keyword was sufficiently long and random, earning the moniker "le chiffre indéchiffrable" (the unbreakable cipher), although methods for breaking it were eventually developed.
| + | '''Enigma machine''': A complex mechanical cipher used by Nazi Germany in WWII. It changed its substitution with each keystroke. Breaking Enigma (e.g., at Bletchley Park by Alan Turing) was a major intelligence achievement. |
| − | * '''[[Enigma machine]]''': An electromechanical rotor cipher machine used extensively by Nazi Germany during [[World War II]]. It implemented a complex [[Polyalphabetic cipher|polyalphabetic cipher]] that changed its substitution alphabet with each keystroke. Decrypting Enigma messages, notably by the codebreakers at [[Bletchley Park]] (like [[Alan Turing]]), was a major intelligence achievement of the war.
| |
| − | | |
| | === Types of Modern Encryption === | | === Types of Modern Encryption === |
| | | | |
| − | Modern [[Cryptography|cryptography]] primarily uses two main types of encryption: | + | Modern cryptography uses two main types of encryption: |
| | | | |
| − | * '''[[Symmetric-key cryptography|Symmetric-key Cryptography]]:''' In this type, the same secret [[Key (cryptography)|key]] is used for both [[Encryption (cryptography)|encryption]] and [[Decryption]]. Both the sender and the receiver must have this shared secret [[Key (cryptography)|key]]. [[Symmetric-key cryptography|Symmetric ciphers]] are generally much faster to compute than [[Asymmetric-key cryptography|asymmetric ciphers]] and are commonly used for encrypting large amounts of [[Data|data]]. Examples include [[Advanced Encryption Standard|AES]] (Advanced Encryption Standard), [[Data Encryption Standard|DES]] (Data Encryption Standard), and [[Triple DES]] (3DES).
| + | '''Symmetric-key Cryptography:''' Uses the same secret key for both encryption and decryption. Both parties must share this key. Symmetric ciphers are faster than asymmetric ones, ideal for large data. Examples: AES, DES, 3DES. |
| − | * '''[[Asymmetric-key cryptography|Asymmetric-key Cryptography]] ([[Public-key cryptography|Public-key Cryptography]]):''' This method uses a pair of mathematically related [[Key (cryptography)|keys]]: a '''[[Public key|public key]]''' and a '''[[Private key|private key]]'''. The [[Public key|public key]] can be freely distributed, while the [[Private key|private key]] must be kept secret by its owner. Data encrypted with the [[Public key|public key]] can only be decrypted with the corresponding [[Private key|private key]], and vice versa. [[Asymmetric-key cryptography|Asymmetric ciphers]] are slower than symmetric ciphers but solve the problem of securely distributing keys in a symmetric system. They are used for secure [[Key exchange]], [[Digital signature|digital signatures]], and encrypting small amounts of data. Examples include [[RSA (cryptography)|RSA]] and [[Elliptic-curve cryptography|ECC]] (Elliptic Curve Cryptography).
| + | '''Asymmetric-key Cryptography (Public-key Cryptography):''' Uses a pair of mathematically linked keys: a '''public key''' and a '''private key'''. The public key is shared, the private key is kept secret. Data encrypted with the public key can only be decrypted by the matching private key. Asymmetric ciphers are slower but enable secure key exchange, digital signatures, and encrypting small data amounts. Examples: RSA, ECC. |
| − | | + | Modern systems often use a hybrid approach: asymmetric encryption secures the key exchange, then symmetric encryption rapidly encrypts the bulk data. |
| − | Often, modern systems use a hybrid approach, using [[Asymmetric-key cryptography|asymmetric encryption]] to securely exchange a secret [[Key (cryptography)|key]], and then using that [[Key (cryptography)|key]] for fast [[Symmetric-key cryptography|symmetric encryption]] of the bulk data.
| |
| | | | |
| | === Modern Usage and Applications === | | === Modern Usage and Applications === |
| | | | |
| − | [[Encryption (cryptography)|Encryption]] is fundamental to modern [[Information security|information security]] and is used in numerous applications:
| + | Encryption is vital for modern information security and is used in many ways: |
| − | | |
| − | * '''Internet Security ([[HTTPS]]):''' Secure communication over the [[Internet]] is largely provided by [[TLS]] ([[Transport Layer Security]], formerly [[Secure Sockets Layer|SSL]]). [[TLS]] uses a combination of [[Asymmetric-key cryptography|asymmetric encryption]] (for key exchange and authentication) and [[Symmetric-key cryptography|symmetric encryption]] (for data transfer) to ensure that data sent between your [[Web browser|browser]] and a website is confidential and has not been tampered with. Websites using [[HTTPS]] (HTTP over TLS) indicate this secure connection.
| |
| − | * '''Email Security:''' Protocols and standards like [[Pretty Good Privacy|PGP]] ([[Pretty Good Privacy]]) and [[S/MIME]] ([[S/MIME]]) use [[Encryption (cryptography)|encryption]] (often a hybrid approach) to provide confidentiality and [[Digital signature|digital signatures]] for email messages.
| |
| − | * '''[[File encryption|File]] and [[Full disk encryption|Disk Encryption]]:''' Encrypting individual files or entire storage devices (hard drives, [[Solid-state drive|SSDs]], [[USB flash drive|USB drives]]) protects data at rest, making it unreadable if the device is lost or stolen. Examples include [[BitLocker]] on [[Microsoft Windows]], FileVault on [[MacOS]], and [[LUKS]] on [[Linux]].
| |
| − | * '''[[Virtual Private Network|Virtual Private Networks (VPNs)]]:''' [[VPN]]s use [[Encryption (cryptography)|encryption]] to create a [[Secure tunnel|secure, encrypted connection]] over a public network (like the [[Internet]]), allowing users to transmit data privately and securely.
| |
| − | * '''Messaging Applications:''' Many modern [[Instant messaging|messaging apps]] (like [[Signal (software)|Signal]], [[Telegram]], [[WhatsApp]]) offer [[End-to-end encryption]], ensuring that messages are encrypted on the sender's device and can only be decrypted by the intended recipient's device.
| |
| − | * '''[[Cryptocurrency|Cryptocurrencies]]:''' [[Encryption (cryptography)|Encryption]] (specifically using [[Asymmetric-key cryptography|asymmetric cryptography]] for creating [[Digital signature|digital signatures]] to authorize transactions) is a core technology underlying [[Cryptocurrency|cryptocurrencies]] like [[Bitcoin]].
| |
| | | | |
| | + | '''Internet Security (HTTPS):''' TLS (Transport Layer Security) encrypts internet traffic (HTTPS) using a mix of asymmetric (for key exchange) and symmetric (for data) encryption to ensure privacy and integrity between your browser and websites. |
| | + | '''Email Security:''' PGP and S/MIME use encryption (often hybrid) for email confidentiality and digital signatures. |
| | + | '''File and Disk Encryption:''' Protects data stored on devices (hard drives, SSDs, USB drives) by making it unreadable if lost or stolen. Examples: BitLocker (Windows), FileVault (MacOS), LUKS (Linux). |
| | + | '''Virtual Private Networks (VPNs):''' VPNs use encryption to create secure, private connections over public networks like the internet. |
| | + | '''Messaging Applications:''' Many apps (Signal, Telegram, WhatsApp) use end-to-end encryption, ensuring messages are private between sender and recipient. |
| | + | '''Cryptocurrencies:''' Encryption, especially asymmetric cryptography for digital signatures, is core to cryptocurrencies like Bitcoin for authorizing transactions. |
| | === Relation to Other Cryptographic Concepts === | | === Relation to Other Cryptographic Concepts === |
| | | | |
| − | [[Encryption (cryptography)|Encryption]] is often discussed alongside other [[Cryptography|cryptographic]] concepts, though they serve different primary purposes:
| + | Encryption is distinct from other cryptographic concepts, though they often work together: |
| − | | |
| − | * '''[[Cryptographic hash function|Hashing]]:''' A [[Cryptographic hash function|hash function]] takes input [[Data|data]] and produces a fixed-size string of [[Byte (unit)|bytes]] (the [[Cryptographic hash function|hash value]] or [[Message digest|digest]]). [[Cryptographic hash function|Hashing]] is a one-way process (you cannot get the original data back from the hash) and is used for [[Data integrity|data integrity]] checks (verifying data hasn't changed) or password storage, **not** for confidentiality.
| |
| − | * '''[[Digital signature|Digital Signatures]]:''' [[Digital signature|Digital signatures]] use [[Asymmetric-key cryptography|asymmetric cryptography]] to verify the authenticity and integrity of a message or document. The sender uses their [[Private key|private key]] to create a signature based on the message content. The recipient uses the sender's [[Public key|public key]] to verify the signature. This proves the message came from the holder of the [[Private key|private key]] and hasn't been altered. [[Digital signature|Digital signatures]] provide authentication and non-repudiation, **not** confidentiality (the message itself might not be encrypted).
| |
| | | | |
| | + | '''Hashing:''' Converts data into a fixed-size string (a hash value). This is a one-way process used for data integrity checks (e.g., verifying no changes) or password storage, but not for keeping data secret. |
| | + | '''Digital Signatures:''' Use asymmetric cryptography to prove a message's authenticity and integrity. The sender signs with their private key; the recipient verifies with the sender's public key. This confirms the sender and that the message hasn't changed, but it doesn't keep the message content secret. |
| | === Cryptanalysis === | | === Cryptanalysis === |
| | | | |
| − | '''[[Cryptanalysis]]''' is the study of methods for obtaining the meaning of encrypted information without access to the secret [[Key (cryptography)|key]]. This involves studying the [[Ciphertext]] and, if possible, related information to deduce the original [[Plaintext]] or the [[Key (cryptography)|key]]. The strength of an [[Encryption (cryptography)|encryption]] method is measured by how difficult it is to break through [[Cryptanalysis]]. A strong [[Cipher]] should be resistant to known cryptanalytic attacks, and ideally, breaking it should be computationally infeasible within a reasonable timeframe using current or foreseeable technology. | + | '''Cryptanalysis''' is the study of how to break encryption without the key. It involves analyzing ciphertext and related data to find the original message or the key. The strength of an encryption method is judged by how hard it is to break. A strong cipher resists known attacks and is computationally infeasible to crack. |
| | | | |
| | === See Also === | | === See Also === |
| | | | |
| − | * [[Cryptography]] | + | *[[Cryptography]] |
| − | * [[Decryption]] | + | *[[Decryption]] |
| − | * [[Plaintext]]
| |
| − | * [[Ciphertext]]
| |
| − | * [[Key (cryptography)]]
| |
| − | * [[Cipher]]
| |
| − | * [[Symmetric-key cryptography]]
| |
| − | * [[Asymmetric-key cryptography]]
| |
| − | * [[Public-key cryptography]]
| |
| − | * [[Private key]]
| |
| − | * [[Cryptographic hash function]]
| |
| − | * [[Digital signature]]
| |
| − | * [[Transport Layer Security|TLS]]
| |
| − | * [[Pretty Good Privacy|PGP]]
| |
| − | * [[File encryption]]
| |
| − | * [[Full disk encryption]]
| |
| − | * [[Virtual Private Network]]
| |
| − | * [[Caesar cipher]]
| |
| − | * [[Vigenère cipher]]
| |
| − | * [[Enigma machine]]
| |
| − | * [[Information security]]
| |
| − | * [[Confidentiality]]
| |
| − | | |
| − | === References ===
| |
| | | | |
| − | * {{cite book |last=Schneier |first=Bruce |title=Applied Cryptography: Protocols, Algorithms, and Source Code in C |publisher=Wiley |year=1996 |edition=2nd |isbn=978-0471117094}} - A widely referenced book on practical cryptography.
| |
| − | * {{cite book |last=Stallings |first=William |title=Cryptography and Network Security: Principles and Practice |publisher=Pearson |year=2017 |edition=7th |isbn=978-0134444284}} - A standard textbook covering cryptography concepts.
| |
| − | * [https://www.khanacademy.org/computing/computer-science/cryptography Khan Academy - Cryptography] - Provides accessible introductory explanations of cryptographic concepts.
| |
| − | * [https://www.cryptomuseum.com/ Crypto Museum] - Contains information and examples of historical encryption machines like the Enigma.
| |
| − | * [https://www.eff.org/issues/privacy/encryption Electronic Frontier Foundation - Encryption] - Discusses the importance and use of encryption from a digital rights perspective.
| |
| | | | |
| | [[Category:Cryptography]] | | [[Category:Cryptography]] |
| − | [[Category:Data security]]
| |
| − | [[Category:Confidentiality]]
| |
| − | [[Category:Information security]]
| |
| − | [[Category:Computer security]]
| |
| − | [[Category:Algorithms]]
| |
| − | [[Category:Data management]]
| |
Encryption (cryptography)
Encryption is the process of scrambling data or information so that only authorized people can understand it. It converts readable data (plaintext) into an unreadable format (ciphertext) using an algorithm (cipher) and a secret value called a key.
Its main purpose is to ensure confidentiality, keeping data secret during storage or transfer. The opposite process, turning ciphertext back into readable plaintext with the correct key, is called decryption. Encryption is vital for information and computer security, protecting sensitive data everywhere.
Basic Process
Encryption involves these core steps:
1. Plaintext: The original, readable data.
2. Cipher (Algorithm): The set of rules or mathematical function that performs the encryption.
3. Key: A secret value the cipher uses to scramble the plaintext. Encryption security depends on the key's secrecy and the cipher's strength.
4. Encryption: Applying the cipher and key to plaintext to create ciphertext.
5. Ciphertext: The resulting unreadable, encrypted data.
6. Decryption: Reversing the process to get the original plaintext back from the ciphertext using the correct key.
Historical Overview
Concealing messages dates back thousands of years, long before computers and modern cryptography. Early methods included steganography (hiding the message itself) or simple substitution and transposition.
Ancient Methods: The Caesar cipher, used by Julius Caesar, shifted letters by a fixed number. Simple substitution ciphers were easily broken by frequency analysis.
Polyalphabetic Ciphers: Ciphers like the Vigenère used multiple alphabets with a keyword, making them much harder to break than simpler ones.
Mechanical Era: The 20th century brought machines like the Enigma, used in World War II. They created complex, changing substitutions that were very hard to manually break. Decrypting Enigma was a major wartime intelligence effort.
Digital Era: Digital computers revolutionized cryptography, enabling fast, complex algorithms. This led to modern block and stream ciphers like DES and AES, and the invention of public-key cryptography.
Interesting Historical Examples
Caesar cipher: A simple substitution cipher where each letter is shifted. Easily broken. (Example: 'A' to 'D', 'HELLO' to 'KHOOR' with a shift of 3.)
Vigenère cipher: Used multiple Caesar ciphers based on a keyword. Once thought unbreakable, but methods to break it were developed.
Enigma machine: A complex mechanical cipher used by Nazi Germany in WWII. It changed its substitution with each keystroke. Breaking Enigma (e.g., at Bletchley Park by Alan Turing) was a major intelligence achievement.
Types of Modern Encryption
Modern cryptography uses two main types of encryption:
Symmetric-key Cryptography: Uses the same secret key for both encryption and decryption. Both parties must share this key. Symmetric ciphers are faster than asymmetric ones, ideal for large data. Examples: AES, DES, 3DES.
Asymmetric-key Cryptography (Public-key Cryptography): Uses a pair of mathematically linked keys: a public key and a private key. The public key is shared, the private key is kept secret. Data encrypted with the public key can only be decrypted by the matching private key. Asymmetric ciphers are slower but enable secure key exchange, digital signatures, and encrypting small data amounts. Examples: RSA, ECC.
Modern systems often use a hybrid approach: asymmetric encryption secures the key exchange, then symmetric encryption rapidly encrypts the bulk data.
Modern Usage and Applications
Encryption is vital for modern information security and is used in many ways:
Internet Security (HTTPS): TLS (Transport Layer Security) encrypts internet traffic (HTTPS) using a mix of asymmetric (for key exchange) and symmetric (for data) encryption to ensure privacy and integrity between your browser and websites.
Email Security: PGP and S/MIME use encryption (often hybrid) for email confidentiality and digital signatures.
File and Disk Encryption: Protects data stored on devices (hard drives, SSDs, USB drives) by making it unreadable if lost or stolen. Examples: BitLocker (Windows), FileVault (MacOS), LUKS (Linux).
Virtual Private Networks (VPNs): VPNs use encryption to create secure, private connections over public networks like the internet.
Messaging Applications: Many apps (Signal, Telegram, WhatsApp) use end-to-end encryption, ensuring messages are private between sender and recipient.
Cryptocurrencies: Encryption, especially asymmetric cryptography for digital signatures, is core to cryptocurrencies like Bitcoin for authorizing transactions.
Relation to Other Cryptographic Concepts
Encryption is distinct from other cryptographic concepts, though they often work together:
Hashing: Converts data into a fixed-size string (a hash value). This is a one-way process used for data integrity checks (e.g., verifying no changes) or password storage, but not for keeping data secret.
Digital Signatures: Use asymmetric cryptography to prove a message's authenticity and integrity. The sender signs with their private key; the recipient verifies with the sender's public key. This confirms the sender and that the message hasn't changed, but it doesn't keep the message content secret.
Cryptanalysis
Cryptanalysis is the study of how to break encryption without the key. It involves analyzing ciphertext and related data to find the original message or the key. The strength of an encryption method is judged by how hard it is to break. A strong cipher resists known attacks and is computationally infeasible to crack.
See Also
