Or how your credit card information is kept private when making online purchases? The answer is cryptography.
The vast majority of internet sites now use some form of cryptography to ensure the privacy of their users.
Even information such as emails from your Gmail account is encrypted as it floats around in Google’s data centers.

What is Cryptography?

Cryptography is the science of transmitting information securely against potential third-party adversaries.
For example, think about “The Imitation Game.” For those who have seen the movie, you know that it is a story about how Alan Turing creates the first computer to decrypt the German Enigma machine — a machine that encoded all German communications, so that the Nazis could safely transmit messages by radio.
Though these messages were easily intercepted by the Allies, the messages could not be understood because they were all encoded, or encrypted, with some foreign key which changed daily.
[Image: cover of “The Imitation Game”]

Encryption Algorithms

Symmetric Key Encryption — In symmetric key algorithms, there is one common key, used to lock and unlock the encryption “box.” Both the sender and the receiver have the same key.
Symmetric key algorithms are very fast because keys do not need to be very long; however, the common key has to be shared in the first place, and if it is intercepted along the way the entire system is compromised.
Asymmetric Key Encryption — In asymmetric key algorithms, only the receiver holds the key.
The receiver can publicly send out a lock (or method of locking our hypothetical box), for which only the receiver holds the key.
The lock is called the public key, and the key is called the private key.
Note: There is only one public key for each private key.

Asymmetric Key Encryption: How does it work?*

First, the receiver generates 2 public keys n and e, and one private key d by:
1. Choosing 2 large prime numbers p & q, such that n = p*q.
2. Choosing another prime number e, such that 3 < e < n-1.
3. Calculating d such that d*e - 1 = k(p-1)(q-1) for some integer k.

Next, you’re ready to encrypt:
1. Transform the plaintext that you want to send into a number m, using the ASCII numerical representation or other method.
2. Encrypt the number m by finding the ciphertext c = m^e mod n.
3. Send n, e, and c to the receiver.

If this was hard to follow, please see the example code on my GitHub, which walks you through each step of the process, using a package in R called ‘openssl’.
Excerpt seen below:
[Image: R code on GitHub to practice encrypting & decrypting messages]

Signatures

Another important aspect of encryption is the ability to sign a message.
It allows you to verify senders and avoid sending sensitive information to the wrong users and/or public keys.

How to Sign a Message

Create a signature S for your message M, such that S = M^d mod n, and send S along with your message.
Remember that d is your private key.

How to Verify a Signature

The receiver can quickly establish that the signature is valid if M = S^e mod n.
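
The key generation, encryption, signing and verification steps above, carried through with toy numbers in Python (an added example, not the author's R code). The primes 61 and 53, e = 17 and all function names are constructed for illustration; the example also goes one step further than the text by adding decryption, m = c^d mod n, and by showing that a prime e which divides (p-1)(q-1) yields no private key d.

```python
import hashlib
from math import gcd

# Textbook RSA exactly as described above: no padding and tiny numbers.
# Real systems use 2048-bit or larger n with OAEP (encryption) or PSS (signatures).

def make_keys(p, q, e):
    """Return ((n, e), d) where d*e - 1 = k(p-1)(q-1) for some integer k."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        # Being prime is not enough: if e divides (p-1)(q-1), no d exists.
        raise ValueError("e shares a factor with (p-1)(q-1); choose another e")
    d = pow(e, -1, phi)              # modular inverse, Python 3.8+
    return (n, e), d

def encrypt(m, public):
    n, e = public
    if not 0 <= m < n:
        raise ValueError("m must be smaller than n")
    return pow(m, e, n)              # c = m^e mod n

def decrypt(c, public, d):
    n, _ = public
    return pow(c, d, n)              # m = c^d mod n

def digest(message, n):
    # Assumption for the toy modulus: reduce the SHA-256 value below n.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, public, d):
    n, _ = public
    return pow(digest(message, n), d, n)          # S = M^d mod n

def verify(message, s, public):
    n, e = public
    return pow(s, e, n) == digest(message, n)     # M == S^e mod n

if __name__ == "__main__":
    public, d = make_keys(61, 53, 17)             # constructed toy primes
    c = encrypt(ord("A"), public)
    print("public:", public, "private d:", d)
    print("ciphertext:", c, "decrypted:", chr(decrypt(c, public, d)))
    s = sign(b"pay Bob 5", public, d)
    print("genuine:", verify(b"pay Bob 5", s, public))
    print("altered:", verify(b"pay Bob 500", s, public))
```
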
[Image: R code on GitHub to sign & verify a message]

Hashing

You’ll notice in the sample code above, I used a function sha256() for a variable m_hash.
Hashing is a one-way cryptographic function that allows you to irreversibly transform information into a string of letters and numbers called a hash.
Hashing is different from encryption because a hash is meant to be impossible to decrypt, though many have tried, and some have succeeded.
When you hear about a password or other security breach, it is usually referring to a cryptographic hack in which hackers have been able to match hashes back to the original text.

How it works:

There are various hashing algorithms (MD, SHA1, SHA2, & SHA3), but we will focus on the SHA256 algorithm as it is most common today.
The SHA256 algorithm first converts text into a string of 256 bits (hence the name) of 0 and 1.
An example would be:
1110001010111000101011100010101110001010111000101011100010101110001010111000101011100010101110001010111000101011100010101110001010111000101011100010101110001010111000101011100010101110001010111000101011100010101110001010111000101011100010101110001010000101
Since these binary hashes are extremely long to display, they are then converted to hexadecimal format (a 64 character combination of values 0–9 & a-f), with each section of 4 bits representing one character.
An example of the hexadecimal representation is:
a235810cd87df030d78e890d90c187cc04a09ad09b289b91bbae9d890f987e

Passwords

A major use of hashing is in password verification.
It would be extremely unsafe for your bank to keep a database of passwords, so it maintains a database of hashes that correspond to your actual password.
When you log in to your bank online, the system hashes your password, and then checks it against the hash that it has on file for you.
This system works because hashing algorithms will always produce the same hash for the same password—hashes are not a random combination of characters.
Hashing is also the reason that it is important to have complex and unique passwords, because if I compute the hash for “password123”, and I match it up to the hash that corresponds to you, then I know your password is “password123,” and I can easily hack your bank account online.

Bonus Content!

Rainbow tables

Rainbow tables are databases of hashes for common passwords.
Take ATM pin codes for example.
There are 10,000 combinations of 4-digit ATM pin codes using digits 0–9.
A rainbow table would provide the hash for each of the 10,000 codes, and a hacker could use this list of hashes to map the hash back to your code, thus decoding your pin number from its hash.

How can I sleep at night?

Relax! Banks and most other organizations understand that hackers want to obtain sensitive information, so they typically provide an extra layer of security through something called a “salt.”
Salts are extra strings of characters added to a password (or other information) to make it more unique, longer, and more difficult to hack.
Instead of having a pin = “0000,” adding a salt would change your pin to something like “0000B_of_A_salt,” which would have an entirely different hash.
Organizations can creatively use salts to make hacking extremely difficult.
In order to use a rainbow table to crack such an algorithm, you would need a rainbow table for each possible salt, adding tremendously to the number of possible combinations of pin numbers.
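
The hashing, password, rainbow table and salt sections above, put together in Python as an added example (not code from the article). It shows the 256-bit and 64-character hex forms of one SHA256 hash, why an unsalted hash of a 4-digit PIN is reversed by a precomputed table, and a hardened store that the same table cannot match. The function names are constructed, and the hardened version uses a random per-user salt with PBKDF2 in place of the fixed suffix shown in the text.

```python
import hashlib
import hmac
import os

def bits_and_hex(text):
    """Return the SHA256 hash of text as a 256-character bit string and as hex."""
    raw = hashlib.sha256(text.encode()).digest()
    return "".join(f"{byte:08b}" for byte in raw), raw.hex()

def unsalted(pin):
    # Weak storage: the same PIN always produces the same hash for every user.
    return hashlib.sha256(pin.encode()).hexdigest()

# Precomputed table covering all 10,000 four-digit PINs: hash -> PIN.
TABLE = {unsalted(f"{i:04d}"): f"{i:04d}" for i in range(10_000)}

def lookup(stored_hash):
    """Return the PIN behind a stored hash if the table contains it, else None."""
    return TABLE.get(stored_hash)

def store_pin(pin, iterations=100_000):
    """Hardened storage: random 16-byte salt plus a deliberately slow hash."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations)
    return salt, iterations, key

def check_pin(pin, record):
    salt, iterations, key = record
    candidate = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations)
    return hmac.compare_digest(candidate, key)    # constant-time comparison

if __name__ == "__main__":
    bits, hexed = bits_and_hex("abc")
    print(len(bits), "bits ->", len(hexed), "hex characters:", hexed)
    print("unsalted hash reversed to:", lookup(unsalted("0000")))
    record = store_pin("0000")
    print("salted record found in table:", lookup(record[2].hex()))
    print("correct PIN accepted:", check_pin("0000", record))
```

The salt only defeats the precomputed table; with so few possible PINs, it is the slow key derivation and limits on login attempts that keep guessing expensive.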

Blockchain

Cryptography enables blockchain to verify senders in a network through signatures, as well as ensure that past transactions and records, known as “blocks,” cannot be changed.
Blockchain also utilizes hashing algorithms to assign a unique hash to each block, allowing you to distinguish between blocks.

Conclusion

Now that you know all about hashing and encryption, take a look at this short video about how Alan Turing was able to successfully “hack” the German Enigma machine, and watch the movie if you haven’t already!

*Note: For the purposes of this article, I have focused on an asymmetric encryption algorithm called RSA (Rivest, Shamir, and Adleman) Encryption.