Family Encyclopedia >> Electronics

How common online crypto techniques work

Without modern cryptographic techniques, the Internet as we know it would not exist. Secure communications enable virtually all online interactions. Encryption algorithms enable secure data exchange and reliable identity verification. Without these common cryptographic tools, our modern connected society could not function as it does today.

ContentsSymmetric Key Encryption AlgorithmsAsymmetric Key (Public Key) Encryption AlgorithmsSecurity in (Big) NumbersHash FunctionsSalted HashesConclusion

Symmetric-key encryption algorithms

How common online crypto techniques work

Asymmetric or public key encryption uses a pair of cryptographic keys. These keys are related to each other mathematically. The widely shared public key encrypts the message. The private key decrypts the message. Therefore, any sender can encrypt a message with a recipient's public key. Then they can be sure that only the intended recipient can decrypt the message because the parties share no secrets; they don't need trust.

As a practical example, consider this analogy. What if Alice wants to communicate securely with Bob, but she doesn't trust him?

  1. Alice buys a padlock and a combination of keys. She unlocks the padlock with her key and sends the unlocked padlock to Bob.
  2. Bob places his message in a box and uses Alice's padlock to lock it.
  3. Bob returns the locked box to Alice, secured with Alice's padlock.
  4. Alice opens the box with the key to the padlock, which only she has.

To facilitate communication, Alice can duplicate the unlocked padlock and publish it widely. Anyone with the padlock can send secure communications to it. With a sufficiently complex lock, an attacker cannot derive the key from the lock alone.

Security in (big) figures

To stay secure, these algorithms rely on complex padlock/mathematical problems with no known effective solution. These unsolvable problems define one-way functions:easy to compute in one direction but extremely difficult to compute backwards. RSA, a commonly used public-key algorithm, relies on the difficulty of finding prime factors of integers with hundreds of decimal digits.

To begin with, an RSA user generates two very large prime numbers. These numbers are then multiplied together to create the product. The user keeps the prime factors that make up the private key a secret. The user posts a public key derived from the master pair product. The public key encrypts messages; the private key decrypts them.

Without knowing the prime factors, finding the prime factors of the product would take infeasible time. RSA-1024, the minimum standard, uses 1024-bit binary products made from 512-bit binary primes. According to the math, it would take 5.95 × 10^211 years to factor without the key. For perspective, the universe only existed for a relatively short period of 13.75 x 10^19 years.

Hash functions

How common online crypto techniques work

A hash function translates an arbitrary length message into a fixed length string called a hash or digest. Cryptographic hashes are deterministic:the same input always produces the same output. Even minor changes to the message will result in a drastically different hash. Finding two unique messages that produce the same hash value, called a hash collision, should be impossible.

Both digital signatures and password authentication use hash functions like SHA. Rather than authenticating your plain text password, login servers use the hash of the password. The server compares this hash to the hash stored on the server. Same hash, same password.

Salted mince

How common online crypto techniques work

For storing passwords, companies usually add a "salt" before the hash. This randomly generated string is concatenated with the password text before hashing, ensuring that even two identical passwords produce distinct hashes. This also protects against a dictionary attack on a stolen table of hashed passwords.

Conclusion

Until the 1970s, encryption was based on symmetric keys. Only after proof of public key encryption could two different keys – one for encryption, the other for decryption – be used to communicate. This revolutionary change, which allows communication without trust, is what allows the Internet to exist in the form it takes today. Everything from banking and shopping to messaging and web browsing depends on it.