Skip to content
Exterro for Law Enforcement
Get a Demo

Digital Forensics

An Introduction to Cryptography

July 14, 2021

The Fundamentals

Cryptography dates all the way back to the times of Julius Caesar. In its simplest terms, the science of Cryptography is merely the scrambling and the descrambling of written messages between two individual parties.

These individual parties can also be referred to as the sender and the receiver. The former creates the text and scrambles it into an undecipherable state, and in turn, the latter receives the text and unscrambles into a decipherable format.

A very simple example is “I LOVE YOU.” The sending party would scramble this message by rearranging the letters as “UYO I VEOL.” This message would then stay in this scrambled format while it is in transit, until it is received by the receiving party.

They would then descramble it, so it would read once again “I LOVE YOU.” So, if this message were to have been captured by a malicious third party, the content would be rendered as useless and totally undecipherable.

This is what the essence of Cryptography is all about.

Specifically, it can be defined as “. . . creating written or generated codes that allow information to be kept secret. Cryptography converts data into a format that is unreadable for an unauthorized user, allowing it to be transmitted without unauthorized entities decoding it back into a readable format, thus compromising the data.”1

Scrambling and descrambling are also known as “encryption” and “decryption,” respectively. So, for instance, the written message “I LOVE YOU,” when it is scrambled by the sending party, becomes what is known as the “encrypted message” (this is the encryption step). This simply means that it has been disguised in such a manner that it would be totally meaningless to an unauthorized recipient.

When the receiving party receives this encrypted message, it must be descrambled into an understandable and comprehensible context. This process of descrambling is also known as “decryption.” There are specific terms that are used for the encrypted message as well as the decrypted message.

The decrypted message, when it is returned back into its plain or original state of context, is also known as the “cleartext” or the “plaintext.” When the decrypted message is once again encrypted back into a garbled and undecipherable state, this is known as the “ciphertext.”

To illustrate all of this with the previous example, “I LOVE YOU” is the plaintext or the cleartext, and “UYO I VEOL” is the ciphertext.

The Digital Keys

At this point, you are probably asking “How does this all actually work?” It happens through the use of a mechanism known as the “key.” In a way, this is actually very similar to that of a traditional key—you use it lock your door when you leave and unlock it when you return home.

But in the world of Cryptography, this kind of key is known as a “Digital Key.”

It is actually based upon a mathematical value and is stored on the computers of both the sender and the receiver. So, if Party A (the sending party) wishes to compose and send a message to Party B (the receiving party), they would write the message, and then paste that in the body of the email.

Before sending it off, Party A would then hit the “Encrypt” key in their email package, and from there, the message would be decomposed into its garbled state. Once Party B receives this particular message, they would then descramble it into a readable and decipherable format by using the “Decrypt” function in their email package. Today, most email systems actually automate this entire process.

In the example just illustrated, the Digital Key that is being used is technically known as the “Private Key.” In this case, both Party A and Party B are using the exact same kind of key to both scramble and descramble the message.

While this does provide an extra layer of security, there is one inherent flaw with it. That is, if either Party A or Party B accidentally reveals the secrecy of this key to an outside entity, the value of using it is totally eradicated. This kind of key is used in what is known as a “Symmetric Cryptography” system, because the same Private Key is being used.

In order to alleviate this issue, a newer system was created in which a combination, or a pair of keys, is used. In this case, the new key is called the “Public Key” and is used in conjunction with the Private Key. So, when Party A wishes to scramble the content of their email message to Party B, they use the Public Key.

The Public Key is also digitally based and is created by using a very complex mathematical algorithm. It is important to note that there is actually nothing really secret about the Public Key. Anybody who wishes to can use the same one, and there are no limits as to how many times it can be used.

Now when Party B gets the garbled email message, they follow the same process once again in order to render it back into a readable state. They still use the Private Key, but the difference this time is that only they know about it, not anybody else, not even Party A.

The Public Key/Private Key combination offers a second layer of security and is commonly referred to as “Asymmetric Cryptography.”

Conclusions

This article has examined some of the fundamentals of Cryptography. Of course, it can be a lot more complex than this, especially when it comes to the specific algorithms that are used for both the encryption and decryption processes. A future article will examine some of the more widely used algorithms in further detail.

Sources

Sign Up for Alerts

Get notified when new content for specific topics is available.

Sign Up