Created by Turbolearn AI
Understanding Cryptography
Cryptography is a method of converting text into abstract codes known as
ciphertexts. It's used to hide sensitive data, preventing unauthorized users from
accessing and stealing information. Most websites and applications use cryptography
to protect data transmission over the internet.
How Cryptography Works
Cryptography uses a cryptographic key, which is a string or sequence of text, to
scramble and encode readable data into an unreadable ciphertext.
Here’s how the transmission of information works on the internet:
1. The sender uses a key to encode the data.
2. The receiver uses the key to decode the data.
The strength of a cryptographic system depends on the length of the key, measured
in bits. The number of possible combinations for a key is two raised to the power
of its size in bits. For example, a one-bit key has two possible combinations:
1 or 0.
Shorter keys have fewer combinations and are less secure, while longer keys are
more secure. The algorithm also plays a vital role in security.
The infographic above illustrates the difference between HTTP and HTTPS protocols.
HTTPS is the secure version of HTTP, achieved through SSL/TLS encryption.
Key Management Best Practices
To prevent unauthorized use of keys, implement these practices:
Key Lifecycle Management: Update keys periodically and delete unused ones.
Protected Storage: Securely store keys, using a Hardware Security Module
(HSM) for enhanced security.
Usage and Access Restrictions: Limit access and usage permissions to
authorized users and specific purposes.
Audit Log Monitoring: Record all key creation, modification, and usage
activities in an audit log.
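The four practices above can be seen working together in a small key ring. This is an added example, not code from the original notes: the KeyRing class, the actor names and the purpose string are hypothetical, HMAC-SHA256 tagging stands in for whatever operation the key protects, and an in-memory dictionary stands in for an HSM. It assumes rotation and retirement are called by an administrator.

```python
import hashlib
import hmac
import secrets
import time


class KeyRing:
    """In-memory stand-in for an HSM- or KMS-backed key store (hypothetical)."""

    def __init__(self, purpose, authorized):
        self.purpose = purpose             # the one purpose these keys may serve
        self.authorized = set(authorized)  # identities allowed to use them
        self._keys = {}                    # version -> key bytes, never returned
        self.current = 0
        self.audit = []                    # (timestamp, actor, action, version)

    def _log(self, actor, action, version):
        self.audit.append((time.time(), actor, action, version))

    def rotate(self, actor):
        """Lifecycle: create a new key version used for all new operations."""
        self.current += 1
        self._keys[self.current] = secrets.token_bytes(32)
        self._log(actor, "create", self.current)
        return self.current

    def retire(self, actor, version):
        """Lifecycle: delete the material of a version that is no longer needed."""
        self._keys.pop(version, None)
        self._log(actor, "delete", version)

    def sign(self, actor, purpose, data):
        """Restricted use: authorized actors only, declared purpose only."""
        key = self._keys.get(self.current)
        if actor not in self.authorized or purpose != self.purpose or key is None:
            self._log(actor, "denied", self.current)
            raise PermissionError(f"{actor} may not use the key for {purpose}")
        self._log(actor, "use", self.current)
        return self.current, hmac.new(key, data, hashlib.sha256).hexdigest()

    def verify(self, version, data, tag):
        """Earlier versions stay verifiable until they are retired."""
        key = self._keys.get(version)
        if key is None:
            return False
        expected = hmac.new(key, data, hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, tag)
```

Returning the key version with each tag is what lets data protected under an older key be checked after a rotation, and lets that key be deleted once nothing depends on it.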
Importance of Cryptography
Cryptography is essential for enhancing data security on the internet. It protects
sensitive information, verifies data origin, prevents unauthorized modifications, and
increases user privacy. Cryptography is crucial because unencrypted data can be
viewed when transmitted over a network.
For website owners, cryptography ensures compliance with digital data protection
laws, such as the General Data Protection Law (LGPD). Installing an SSL certificate
on your site is the easiest way to comply with data protection rules on the internet.
Types of Cryptography
There are two main types of data encryption: symmetric and asymmetric, based on
the number of cryptographic keys used.
Symmetric Encryption
In symmetric encryption, the sender and receiver use an identical symmetric key to
encode and decode the transmitted data.
Step | Description
1. Key Sharing | Both sender and receiver possess the same cryptographic key.
2. Encryption | Using the symmetric key, the sender encrypts the data, converting textual information into an unreadable ciphertext.
3. Data Transmission | The encrypted data is sent over the internet.
4. Decryption | The recipient receives the encrypted data and decodes it with the same symmetric key used earlier, revealing the transmitted information.
Symmetric encryption is faster but less secure than asymmetric encryption. It is
suitable when speed is prioritized over security, and is often used to protect data
at rest, such as employee contracts stored in a cloud platform.
Asymmetric Encryption
Also known as public key cryptography, asymmetric encryption uses two different
but mathematically related keys: a public key and a private key.
Step | Description
1. Key Generation | Both sender and receiver generate their asymmetric key pairs.
2. Public Key Exchange | Each party sends their public key to the other.
3. Encryption | The sender encrypts the data using the recipient's public key and sends it.
4. Decryption | The recipient decrypts the data using their private key.
5. Repetition (if needed) | If the recipient needs to send data back, they encrypt it using the original sender's public key, and the process repeats.
The public key encrypts data and is available to everyone. Only the
corresponding private key can decrypt data encrypted by the public key.
The private key is generated and used only by authorized users.
Some technologies use a hybrid approach, combining symmetric and asymmetric
encryption. TLS (Transport Layer Security) certificates are an example, using
asymmetric encryption to protect the symmetric key. This provides an extra layer of
security but is slower. Public key cryptography is commonly used to protect sensitive
information exchanges, such as email messages.
Encryption Algorithms
An encryption algorithm is a mathematical formula that systematically converts data
into ciphertexts and allows the encrypted data to be reverted into readable text.
Different algorithms can be used with symmetric and asymmetric encryption.
DES (Data Encryption Standard)
One of the earliest cryptographic algorithms, developed at IBM. It's a symmetric key
algorithm and was the U.S. federal standard for data encryption until 1999.
Key Size: 56 bits
Status: Obsolete due to security concerns
Typical Use: Protecting electronic financial transactions
3DES (Triple Data Encryption Standard)
A successor to DES, designed to address the small key size (56 bits) issue.
Type: Symmetric
Key Size: 64 bits
Process: Applies the DES algorithm three times to each data block.
AES (Advanced Encryption Standard)
A more recent symmetric algorithm that replaced DES as the U.S. national
cryptographic standard.
Advantage: Larger key sizes (up to 256 bits) and faster mathematical efficiency.
Common Uses: Securing Wi-Fi networks, protecting information on data
storage platforms, and mobile applications.
RSA (Rivest-Shamir-Adleman)
One of the first asymmetric cryptographic algorithms, offering a high level of security.
Method: Uses the mathematical method of prime factorization to generate a
long sequence of numbers from smaller combinations.
Key Sizes: Supports asymmetric keys up to 4096 bits.
Common Uses: Protecting web applications, email messages, and
cryptocurrency blockchains.
Twofish
A symmetric encryption algorithm supporting key lengths up to 256 bits.
Flexibility: Suitable for a wide range of applications, especially those with
limited storage and RAM.
Key Features: Allows performance to be balanced based on parameters like
encryption speed and hardware capabilities.
Applications:
PGP (Pretty Good Privacy): Email encryption program.
KeePass: Password manager for storage and encryption.
TrueCrypt: Freeware disk encryption software.
PeaZip: File archiver and extractor.
RC4 (Rivest Cipher)
A symmetric encryption algorithm that uses a stream cipher system, processing data
one bit at a time.
Key Features: Known for its simplicity and good performance.
Common Uses: SSL and TLS certificates, Wi-Fi encryption protocols, and
browser protection.
Status: No longer widely used due to identified security vulnerabilities.
FAQ
What is a Cryptographic Key?
In cryptography, a key is a sequence of characters (string) used to
systematically encode data. Secret keys are mathematically developed
based on a specific algorithm, making each key unique and difficult to
decipher.
What is a Brute Force Attack?
A brute force attack occurs when cybercriminals attempt to decipher an
encryption key by trying billions of possible combinations. Modern
cryptographic systems are immune to these attacks due to long keys and
complex algorithms.
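The link between key length (see "How Cryptography Works") and brute force resistance can be measured on a deliberately tiny key. This is an added example, not part of the original notes: the 16-bit key, the message, the HMAC check value and the guess rate of 10**12 keys per second are all constructed assumptions, and the key sizes in the final loop are the DES and AES sizes named on this page.

```python
import hashlib
import hmac

MESSAGE = b"constructed sample message"


def tag_for(key_int, key_bits):
    """Check value of MESSAGE under a key that is key_bits long (toy setup)."""
    key = key_int.to_bytes((key_bits + 7) // 8, "big")
    return hmac.new(key, MESSAGE, hashlib.sha256).digest()


def exhaustive_search(target_tag, key_bits):
    """Try every key of the given size; return (key, number of attempts)."""
    for attempts, candidate in enumerate(range(2 ** key_bits), start=1):
        if hmac.compare_digest(tag_for(candidate, key_bits), target_tag):
            return candidate, attempts
    return None, 2 ** key_bits


def years_to_exhaust(key_bits, keys_per_second):
    """Worst-case time to try all 2**key_bits keys at a fixed guess rate."""
    return 2 ** key_bits / keys_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    secret = 0xBEEF  # constructed 16-bit key
    found, attempts = exhaustive_search(tag_for(secret, 16), 16)
    print(f"16-bit key {found:#x} found after {attempts} of {2 ** 16} attempts")
    rate = 10 ** 12  # assumed guesses per second, for illustration only
    for bits in (56, 128, 256):
        print(f"{bits:3d} bits: {years_to_exhaust(bits, rate):.3g} years")
```

Each added bit doubles the worst-case work, so the gap between a 56-bit and a 128-bit key is a factor of 2**72 rather than a little more than double.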
What is the Difference Between Cryptography and Tokenization?
Tokenization is a method of replacing sensitive information with tokens.
Unlike ciphertexts, tokens do not have a mathematical relationship to the
original data, making tokenization an irreversible encryption process. The
relationship between the protected information and the token is stored in
a database called a vault.