LIVE VIRTUAL TRAINING for CRYPTO & BLOCKCHAIN
• Taught by LIVE CRYPTO EXPERTS | • Secure VIRTUAL CLASSROOMS
• Choose Tools: Free & Open Source + MODSIM

Crypto FAQ: What is cryptography? What is encryption?

This Cryptocurrency FAQ consists of Frequently Asked Questions related to cryptography ("crypto") and encryption technologies and their practical applications.

For a general overview of cryptography and the practical application of encryption techniques to cryptocurrencies, see the following FAQs:

Please contact us regarding any additions or corrections to be made to this page.

LIVE VIRTUAL TRAINING for CYBER ARCHITECTURE
• Taught by LIVE CYBER EXPERTS | • Secure VIRTUAL CLASSROOMS
• Choose Tool: CAMEO, MAGICDRAW, SPARX EA...

What is cryptography and how does it work?

Alt. Phrasing: What is cryptology?; What is a encryption/decryption?

Defn: cryptography
[noun]
Cryptography is the study and practice of secure communication techniques that allow only the sender of a message to code (cipher, or encrypt) a message so that only the intended receiver of the message can decode (decipher, or decrypt) and view its semantic contents. Cryptographic techniques assume the presence of adversarial third parties who seek to intercept and decrypt (decode or decipher) the secure encrypted (coded or ciphered) messages for nefarious purposes. In general practice, cryptography is concerned about designing and analyzing secure communication protocols that thwart adversaries from intercepting and decrypting messages.

Cryptographic techniques tend to be multi-disciplinary, as they encompasses various branches of mathematics (algebra, probability, statistics, game theory), computer science (algorithms, complexity theory), electrical engineering (hardware design, FPGA, ASICs), digital signal processing (DSP), physics, and others.

Common applications of cryptography include computer passwords, ATM cards, smart credit cards, cryptocurrencies, electronic commerce transactions, and military communications.

Usage Semantics: The term cryptography is sometimes conflated with the term cryptology, where the former is the practical application of secure communication techniques, whereas the latter is the formal study of these techniques.

Strong cryptography refers to cryptographic techniques based on industry-tested standard algorithms that use robust encryption key lengths. At the time of this writing, examples of industry-tested standards algorithms for minimum encryption strength include AES (128 bits and higher), TDES (minimum triple-length keys), RSA (2048 bits and higher), ECC (160 bits and higher), and ElGamal (2048 bits and higher).

Compare: cryptology
Contrast: plaintext (cleartext)
References:
* Understanding Cryptography: A Textbook for Students and Practitioners, C. Paar et al., 2010.

What is cryptocurrency and how is it used?

Defn: cryptocurrency
[portmanteau: noun "crypto(graphy)" + noun "currency"]

Cryptocurrency is a decentralized form of digital currency that uses strong cryptography techniques (e.g., blockchains with cryptographic hash functions) and distributed peer-to-peer networks to securely regulate currency generation and fund transfers independent of central banks.

For a more comprehensive explanation of cryptocurrency, see the source FAQ: What is cryptocurrency and how does it work? on fhe CryptoCurrencyWorks.com web.

What is the relation between cryptocurrency and cryptography?

Since cryptocurrencies are typically implemented via blockchains that use strong authentication and encryption techniques, cryptography is a key enabling technology for cryptocurrencies.

For a general overview of cryptography and the practical application of encryption techniques to cryptocurrencies, see the following FAQs:

What is encryption?

Encryption is the process of encoding of messages or other information, referred to as plaintext, into ciphertext, in a manner so that only the encoder or other authorized parties can convert the ciphertext back to plaintext. Stated otherwise, ciphertext is encoded (i.e., encrypted), whereas plaintext is decoded (i.e., decrypted). Although encryption does not inherently prevent message interception or information access, in effect it denies content to interceptors who may be adversarial in nature.

Decryption is the inverse process of encryption, in which encoded messages, referred to as ciphertext, are decoded into plaintext, so that their original unencrypted content may be read.

What is a cryptographic key?

A cryptography key is an input parameter to a cryptographic algorithm or cipher function, which uniquely encodes plaintext (messages or other information) into ciphertext during encryption, and vice versa during decryption. (See the What is encryption? What is decryption? FAQ).

To explicate further, consider the following pseudocode for the complementary cryptographic algorithm functions encode and decode with parameters plaintext, cryptokey, and ciphertext:

encode (plaintext: String; cryptokey: String): ciphertext: String
decode (ciphertext: String; cryptokey: String): plaintext: String

The input and output parameters for encode and decode functions are described below:

plaintext: the unencrypted message or other information which is an input parameter to the encode function, and is a return parameter for the decode function.
cryptokey: the cryptographic key used by both the encode and decode functions to encrypt and decrypt the plaintext and ciphertext parameters respectively. Note that the cryptokey need not be identical for both encryption and decryption.
ciphertext: the encrypted message or other information which is a return parameter for the encode function, and is an input parameter for the decode function.

Note that the cryptographic keys used for for encryption and decryption needn’t be symmetrical (i.e., identical). Indeed, for public-key encryption systems the cryptographic keys are asymmetrical. See the What is public-key encryption? FAQ for details.

In addition to encryption and decryption algorithms, cryptographic keys can be used for other cryptographic algorithms, such as digital signature schemes and message authentication codes.

What is asymmetric (public-key) encryption?

Alternative FAQ Phrasings: What is asymmetric encryption? | What is public-key encryption?

Public-key encryption is an asymmetrical cryptographic system which uses a pair of mathematically related cryptographic keys:

public key: As its name implies, the public cryptographic key is widely known. Public keys are typically made available via a public directory or repository.
private key: As its name implies, the private cryptographic key is confidential, and is closely held by the message recipient or information concealor.

The cryptographic key pair is mathematically related in the sense that whatever is encrypted via a public key can only be decrypted via a private key, and vice versa. For example, if Alice wants to send a confidential message to Bob, and wants to ensure that only Bob can read it, Alice can encrypt the message with Bob's public key. Only Bob, or someone with access to his corresponding private key, will be capable of decrypting the encrypted message back into its original unencrypted form. Even if someone intercepts Bob's encrypted message druing transmission, its contents will remain confidential if the interceptor lacks access to Bob's private key, which is essential for decryption.

To explicate further, consider the following pseudocode for the complementary cryptographic algorithm functions encode and decode with parameters plaintext, ciphertext, publickey, and privatekey, where the last two parameters represent a complementary public-private cryptographic key pair:

encode (plaintext: String; publickey: String): ciphertext: String
decode (ciphertext: String; privatekey: String): plaintext: String

The input and output parameters for encode and decode functions are described below:

plaintext: the unencrypted message or other information which is an input parameter to the encode function, and is a return parameter for the decode function;
ciphertext: the encrypted message or other information which is a return parameter for the encode function, and is an input parameter for the decode function.
publickey: the public cryptographic key used by encode as an input parameter to encrypt the plaintext input parameter.
privatekey: the private cryptographic key used by decode as an input parameter to decrypt the ciphertext input parameters.

What is Multi-Factor Authentication (MFA)?

Multi-Factor Authentication (MFA) is information security technology that requires multiple methods of confirmation from independent categories of credentials in order to verify a user's identity for a login or other secure transaction. Multi-Factor Authentication combines two or more independent credentials: what the user knows (e.g., password); what the user possesses (a mobile phone or email account); and what the user is (e.g., biometric verification of fingerprints)

In the context of security in general, and cybersecurity in particular, authentication is the act of confirming of the truth of an attribute of a single piece of data (a datum) claimed true by an entity. There are several levels of security authentication:

Single-Factor Authentication (SFA), where you need to provide at least one kind of credential, typically something that you know (see below), to authenticate;
Two-Factor Authentication (2FA), where you need to provide two out of three kinds of credentials to authenticate.
Three-Factor Authentication (3FA), where you need to provide three out of three kinds of credentials to authenticate.

The three kinds of credentials used to authenticate are listed below:

Something that you know, such as a password, a Personal Identification Number (PIN), or a geometric pattern.
Something that you have, such as an ATM card, credit card, mobile phone, or fob.
Something that you are, such as a biometric id (e.g., fingerprint, voiceprint, iris scan).

What is End-to-End Encryption (E2EE)?

End-to-End Encryption (E2EE) is a term used to describe a communication system where the only the sender (the origin end) and the recipient (the destination end) of a message, and no intermediaries, can read the subject message, which is rigorously encrypted throughout its transit from the origin end to the destination end. When end-to-end encryption is properly implemented, only the sender and the recipient of the message possess the cryptographic keys needed to decrypt the message—even the intermediate message service has zero knowledge of the cryptographic keys required.

What is a Zero-Knowledge Proof (ZKP)?

In the context of distributed computer systems, popularly referred to as Cloud-based computing environments, zero knowledge privacy refers to client-server relationships where a server or service is incapable of viewing a client’s “plain-text data” (i.e., unencrypted data) even in those circumstances where the server persistently stores an encrypted version of the the client’s plain-text data.

Theory vs. Practice: The theoretical basis for the soundness of zero-based privacy algorithms is based on rigorous cryptographic methods for zero-knowledge proofs. The practical applications for zero-based privacy algorithms include secure file synchronization and sharing and secure email systems. In the case of secure file synchronization and sharing systems, the client’s seeks to securely store plain-text data on a server so that the data can be shared and data updates synchronized across multiple distributed devices (e.g., desktop, notebook, tablet, smart phone). As long as the client encrypts its plain-text data before it uploads via a secure communication protocol (e.g., IPS/TLS) it relative straightforward to implement zero-knowledge privacy between the data server. (Note: that even though many file synchronization and sharing vendors claim “end-to-end encryption” of data they fall short of zero-knowledge privacy because they don’t ensure that client data is encrypted before it is uploaded to their servers.)

Note that the difficulty of implementing zero-knowledge privacy is significantly increased when the client seeks to securely share data with a third party. Although it is relatively well understood how to resolve this problem using recursive design techniques, a further discussion of theoretical and practical solutions to the third-party sharing problem is outside the scope of this FAQ. (Contact us if you seek further information about this advanced topic.)

A secure file server is incapable of viewing plaintext data; therefore, the data may never be compromised through mismanagement, prying eyes, or external bodies looking to gain access. See Zero-Knowledge Proof Standard.

What is cryptoeconomics and how is it used?

Cryptoeconomics is a cross-disciplinary approach to the study of digital economies and decentralized finance (DeFi) applications. In addition to traditional economic concepts and principles (production, distribution, and consumption of goods and services), cryptoeconomics synergistically integrates concepts and principles from cryptography, computer science, and mathematical game theory disciplines.
— [Source: FAQ: What is cryptoeconomics and how does it work?]

For a more comprehensive explanation of cryptoeconomics see the source FAQ: What is cryptoeconomics and how does it work? on fhe CryptoEconWorks.com web.

What is the best way to learn more about cryptography and encryption?

The best way to learn cryptography and encryption, as well as other advanced technologies, is to combine the best of theory (principles and) with hands-on best practices. If you don't have ready access to a cryptography + encryption guru, check out the Cryptography + Encryption Training page.

How can readers submit new questions for this FAQ?

Please contact us to submit new questions for this Cryptography + Encryption FAQ.

CRYPTOGRAPHY WORKS and Cryptographyworks.com are trademarks of PivotPoint Technology Corporation. All other product and service names mentioned are the trademarks of their respective companies.