Etymologically, cryptology is the science of secrecy. It brings together cryptography (“secret writing,” the design of protective mechanisms) and cryptanalysis (the study of attacks against those mechanisms). Historically it was concerned only with encryption, that is, with keeping messages secret.
Today cryptology is no longer limited to ensuring the confidentiality of secrets. It has been extended to provide, with mathematical guarantees, other properties: the authenticity of a message (who sent it?) and its integrity (has it been modified?).
To provide these properties, cryptology relies on four main functions: hashing, keyed hashing, digital signatures, and encryption. To explain them, we will use the traditional characters of cryptography, Alice and Bob, in our examples.
Why Does Cryptology Exist?
To Ensure The Integrity Of The Message: The Hash
Cryptology makes it possible to detect whether a message or a piece of information has been modified, for example accidentally during a transfer. A “hash function” associates a fingerprint (also called a digest) with a message, a file, or a directory; anyone can compute and verify it, and it is designed so that two different inputs do not share the same fingerprint. In practice the fingerprint is a long string of hexadecimal digits, often preceded by the name of the algorithm used, for example “SHA-256” (a member of the SHA-2 family). Note that an unkeyed fingerprint only protects against accidental changes: someone who deliberately alters a file can simply recompute its fingerprint, so the reference value must be obtained from a trusted source.
Do not confuse encryption, which ensures confidentiality (only the intended persons can read the message; see “To ensure the confidentiality of the message”), with hashing, which makes it possible to check that a message is intact, that is, that it has not been modified.
Hash, What For?
Want to store your photos on a hosting space (“cloud” type, for example) and check that the transfer went well? Want to synchronize your files and detect which ones need to be backed up again and which ones have not changed? There are also “keyed hash functions” (message authentication codes, or MACs), for which the fingerprint depends on a secret key as well as on the message.
With these, computing a fingerprint requires a secret key. With two different keys, the fingerprints obtained for the same message will be different. So for Alice and Bob to compute the same fingerprint, they must both use the same key, and someone who does not know the key cannot produce a valid fingerprint for a modified message. Closely related constructions, the salted and deliberately slow password hashing functions, are used to store passwords securely.
Keyed Hashing, What For?
Does your favorite service recognize your password when you log in?
Want to be able to detect if someone is modifying documents without telling you?
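The three kinds of fingerprint discussed above, as an added example that is not part of the original page: an unkeyed SHA-256 fingerprint of a file, an HMAC-SHA256 keyed fingerprint that only holders of Alice and Bob's key can compute or check, and a salted, slow password hash for the login check. It uses only Python's standard library; the file contents, keys and passwords are constructed for the example.

```python
"""Added example (not from the original page): plain fingerprints, keyed
fingerprints (MACs) and password storage with the Python standard library.
All inputs below are constructed for the example."""
import hashlib
import hmac
import os


def fingerprint(data: bytes, algorithm: str = "sha256") -> str:
    """Unkeyed hash, written as 'algorithm:hexdigest'. Anyone can compute and
    verify it, so it detects accidental corruption; someone who alters the
    file on purpose can simply recompute it, so the reference value must
    come from a trusted place."""
    return f"{algorithm}:{hashlib.new(algorithm, data).hexdigest()}"


def keyed_fingerprint(key: bytes, data: bytes) -> str:
    """Keyed hash (HMAC-SHA256): only holders of `key` can produce a tag that
    verifies, so a modification by someone without the key is detected."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_keyed_fingerprint(key: bytes, data: bytes, tag: str) -> bool:
    # compare_digest runs in constant time, so timing does not leak how many
    # leading characters of a forged tag were right.
    return hmac.compare_digest(keyed_fingerprint(key, data), tag)


def hash_password(password: str, salt: bytes = b"", iterations: int = 600_000) -> str:
    """Store a password as a salted, deliberately slow PBKDF2-HMAC-SHA256 hash.
    The random salt makes identical passwords hash differently; the iteration
    count makes offline guessing expensive."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def check_password(password: str, stored: str) -> bool:
    """Login check: recompute with the stored salt and iteration count and
    compare in constant time. The plaintext password is never stored."""
    _, iterations, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest.hex(), digest_hex)


if __name__ == "__main__":
    # Constructed sample: a backup archive and a copy with one byte changed.
    original = b"Alice's holiday photos, archive v1\n"
    tampered = b"Alice's holiday photos, archive v2\n"
    print(fingerprint(original))
    print(fingerprint(tampered))  # one changed byte, a completely different digest

    # Alice and Bob share a key; anyone else can only guess one.
    shared_key = os.urandom(32)
    tag = keyed_fingerprint(shared_key, original)
    print(verify_keyed_fingerprint(shared_key, original, tag))      # True
    print(verify_keyed_fingerprint(shared_key, tampered, tag))      # False: content changed
    print(verify_keyed_fingerprint(os.urandom(32), original, tag))  # False: wrong key

    stored = hash_password("correct horse battery staple")
    print(check_password("correct horse battery staple", stored))   # True
    print(check_password("Tr0ub4dor&3", stored))                    # False
```

The two comparisons use `hmac.compare_digest` rather than `==` so that a forger cannot learn, from response times, how much of a guessed tag or password hash was correct.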
To Ensure The Authenticity Of The Message: The Signature
In the same way as a handwritten signature on an administrative document or a paper contract, the digital “signature” mechanism makes it possible to verify that a message was indeed sent by the holder of a given “public key.” This cryptographic process allows anyone to verify the author of a document and ensures that it has not been modified since it was signed.
The Digital Signature, What For?
Do you want to guarantee that you are the sender of an email? Want to make sure that information comes from a trusted source? To be able to sign, Alice must have a pair of keys:
- one, called “public,” which can be made accessible to everyone and in particular to Bob, the recipient of the messages sent by Alice;
- the other, called “private,” which must be known only to Alice.
In practice, Alice generates her signature with her private key, which is known only to her. Anyone with access to Alice’s public key, including Bob, can verify the signature without exchanging a secret.
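The key pair and the sign/verify steps just described, as an added example that is not part of the original page. Python's standard library has no signature primitive, so this is a compact pure-Python Ed25519 modelled on the public-domain reference implementation, meant for reading rather than deployment: it is slow and not protected against timing attacks, and a real application would use a vetted library (for example `cryptography` or libsodium). The private key and the messages are constructed for the example.

```python
"""Added example (not from the original page): Ed25519 signatures in pure
Python, after the public-domain reference implementation. For illustration
only: slow and not side-channel safe. Alice signs with her private key; Bob
verifies with her public key and no shared secret."""
import hashlib
import os

Q = 2**255 - 19                                       # field prime
L = 2**252 + 27742317777372353535851937790883648493   # order of the base point
D = (-121665 * pow(121666, Q - 2, Q)) % Q             # twisted Edwards constant
SQRT_M1 = pow(2, (Q - 1) // 4, Q)                     # a square root of -1


def _inv(x: int) -> int:
    return pow(x, Q - 2, Q)


def _add(p, q):
    """Edwards addition on -x^2 + y^2 = 1 + D x^2 y^2 (affine coordinates)."""
    x1, y1 = p
    x2, y2 = q
    t = D * x1 * x2 * y1 * y2
    return ((x1 * y2 + x2 * y1) * _inv(1 + t) % Q, (y1 * y2 + x1 * x2) * _inv(1 - t) % Q)


def _mul(p, e: int):
    """Scalar multiplication by double-and-add (not constant time)."""
    result = (0, 1)  # neutral element
    while e:
        if e & 1:
            result = _add(result, p)
        p = _add(p, p)
        e >>= 1
    return result


def _x_from_y(y: int) -> int:
    """Recover the even x coordinate belonging to y."""
    xx = (y * y - 1) * _inv(D * y * y + 1) % Q
    x = pow(xx, (Q + 3) // 8, Q)
    if (x * x - xx) % Q:
        x = x * SQRT_M1 % Q
    return Q - x if x & 1 else x


BASE = (_x_from_y(4 * _inv(5) % Q), 4 * _inv(5) % Q)  # standard base point


def _encode(p) -> bytes:
    """32 bytes: y little-endian, with the parity of x in the top bit."""
    x, y = p
    return (y | ((x & 1) << 255)).to_bytes(32, "little")


def _decode(s: bytes):
    v = int.from_bytes(s, "little")
    y = v & ((1 << 255) - 1)
    x = _x_from_y(y)
    if (x & 1) != (v >> 255):
        x = Q - x
    if (-x * x + y * y - 1 - D * x * x * y * y) % Q:
        raise ValueError("not a point on the curve")
    return (x, y)


def _expand(sk: bytes):
    """Hash the 32-byte seed into the clamped scalar a and the nonce prefix."""
    h = hashlib.sha512(sk).digest()
    a = int.from_bytes(h[:32], "little") & ((1 << 254) - 8) | (1 << 254)
    return a, h[32:]


def public_key(sk: bytes) -> bytes:
    a, _ = _expand(sk)
    return _encode(_mul(BASE, a))


def sign(sk: bytes, message: bytes) -> bytes:
    """R || s with r = H(prefix, m), R = rB, s = r + H(R, A, m) * a (mod L)."""
    a, prefix = _expand(sk)
    pk = _encode(_mul(BASE, a))
    r = int.from_bytes(hashlib.sha512(prefix + message).digest(), "little") % L
    R = _encode(_mul(BASE, r))
    k = int.from_bytes(hashlib.sha512(R + pk + message).digest(), "little") % L
    return R + ((r + k * a) % L).to_bytes(32, "little")


def verify(pk: bytes, message: bytes, sig: bytes) -> bool:
    """Accept iff s*B == R + H(R, A, m)*A; any change to m, R, s or pk fails."""
    if len(pk) != 32 or len(sig) != 64:
        return False
    try:
        R, A = _decode(sig[:32]), _decode(pk)
    except ValueError:
        return False
    s = int.from_bytes(sig[32:], "little")
    if s >= L:
        return False
    k = int.from_bytes(hashlib.sha512(sig[:32] + pk + message).digest(), "little") % L
    return _mul(BASE, s) == _add(R, _mul(A, k))


if __name__ == "__main__":
    alice_sk = os.urandom(32)              # known only to Alice
    alice_pk = public_key(alice_sk)        # published, so Bob has it
    sig = sign(alice_sk, b"Bob, let's meet at noon. Alice")
    print(verify(alice_pk, b"Bob, let's meet at noon. Alice", sig))  # True
    print(verify(alice_pk, b"Bob, let's meet at 1pm. Alice", sig))   # False
```

Bob needs nothing from Alice except her public key, which is exactly the point of the scheme; what he does need is assurance that the public key really is Alice's, which is the role of certificates and key directories rather than of the signature itself.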
To Ensure The Confidentiality Of The Message: Encryption
The encryption of a message makes it possible to guarantee that only the sender and the legitimate recipient(s) of a message know its content. It is a kind of digital sealed envelope. Once encrypted, a message is unreadable, by humans or machines, without the corresponding key.
Encryption, What For?
Want to make sure that only the recipient has access to the message? Do you want to send this information in a sealed digital envelope rather than on a postcard that anyone can read? There are two prominent families of encryption: symmetric encryption and asymmetric encryption.
Symmetric encryption encrypts and decrypts content with the same key, called the “secret key.” It is very fast, but it requires the sender and the recipient to agree on a shared secret key or to transmit it to each other through another channel. That channel must be chosen with care: otherwise the key could be recovered by the wrong people, and the confidentiality of the message would no longer be ensured.
Asymmetric encryption assumes that the (future) recipient has a key pair (private key, public key) and has made sure that potential senders have access to the public key. The sender uses the recipient's public key to encrypt the message, and the recipient uses their private key to decrypt it.
Among its advantages, the public key can be known to all and published, and there is no longer any need to share a secret key. But beware: senders must trust the origin of the public key and be sure that it really belongs to the recipient, otherwise they would be encrypting for an impostor. Its drawback is that it is much slower than symmetric encryption. For this reason, a technique combining the two, known as “hybrid encryption,” is used in practice.
In a hybrid scheme, a secret key is chosen by one of the two parties and sent to the other encrypted with asymmetric encryption (or, as in modern TLS, derived by both parties through a key-agreement protocol). Once both parties know it, they encrypt their exchanges symmetrically with it. This technique is applied in particular when you visit a site whose address begins with “HTTPS.”
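The three mechanisms of this section, as an added example that is not part of the original page: a symmetric cipher with a shared key, X25519 public-key key agreement (RFC 7748, the asymmetric primitive used by modern TLS), and the hybrid combination in which Alice derives a fresh symmetric key for Bob from his public key and Bob recovers it with his private key. Everything is standard library. The symmetric cipher is an illustrative HMAC-SHA256 counter-mode stream cipher with an encrypt-then-MAC tag, not a standard algorithm; in practice use AES-GCM or ChaCha20-Poly1305 from a vetted library. The pure-Python X25519 is slow and not side-channel safe. Keys, names and messages are constructed for the example.

```python
"""Added example (not from the original page): symmetric encryption, X25519
key agreement and a hybrid scheme, standard library only. The symmetric
cipher is an illustrative HMAC-based construction, not AES; X25519 here is
pure Python and not side-channel safe. All keys and messages are constructed."""
import hashlib
import hmac
import os

# --- symmetric: the same secret key encrypts and decrypts --------------------

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream made of HMAC(key, nonce || counter) blocks."""
    blocks = [hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range(-(-length // 32))]
    return b"".join(blocks)[:length]


def _subkeys(key: bytes):
    """Separate keys for encryption and for the integrity tag."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def symmetric_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext || tag (encrypt-then-MAC)."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def symmetric_decrypt(key: bytes, blob: bytes) -> bytes:
    """Checks the tag before decrypting, so a modified envelope is rejected."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(mac_key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("ciphertext modified or wrong key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

# --- asymmetric: X25519 key agreement (RFC 7748 Montgomery ladder) -----------

P = 2**255 - 19


def x25519(scalar: bytes, point: bytes) -> bytes:
    k = bytearray(scalar)
    k[0] &= 248                                  # clamp the private scalar
    k[31] &= 127
    k[31] |= 64
    k = int.from_bytes(k, "little")
    x1 = int.from_bytes(point, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        bit = (k >> t) & 1
        swap ^= bit
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = pow(da + cb, 2, P), x1 * pow(da - cb, 2, P) % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def keypair():
    sk = os.urandom(32)
    return sk, x25519(sk, (9).to_bytes(32, "little"))  # public = sk * base point

# --- hybrid: agree on a key asymmetrically, then encrypt symmetrically -------

def _session_key(shared: bytes, eph_pk: bytes, recipient_pk: bytes) -> bytes:
    if shared == bytes(32):  # low-order public key: no real secret, reject it
        raise ValueError("invalid public key")
    return hashlib.sha256(b"hybrid-example" + shared + eph_pk + recipient_pk).digest()


def hybrid_encrypt(recipient_pk: bytes, plaintext: bytes) -> bytes:
    """Sender: fresh key pair, derive a key with the recipient's public key,
    encrypt, and prepend the ephemeral public key so the recipient can do the same."""
    eph_sk, eph_pk = keypair()
    key = _session_key(x25519(eph_sk, recipient_pk), eph_pk, recipient_pk)
    return eph_pk + symmetric_encrypt(key, plaintext)


def hybrid_decrypt(recipient_sk: bytes, recipient_pk: bytes, blob: bytes) -> bytes:
    eph_pk, body = blob[:32], blob[32:]
    key = _session_key(x25519(recipient_sk, eph_pk), eph_pk, recipient_pk)
    return symmetric_decrypt(key, body)


if __name__ == "__main__":
    bob_sk, bob_pk = keypair()  # Bob publishes bob_pk; Alice must be sure it is his
    envelope = hybrid_encrypt(bob_pk, b"Hi Bob, the meeting moved to 15:00. Alice")
    print(hybrid_decrypt(bob_sk, bob_pk, envelope))
```

Only the 32-byte ephemeral public key and the symmetric envelope travel over the wire; the asymmetric operation happens once per message, and the bulk of the data is protected by the fast symmetric cipher, which is the division of labour the section describes for HTTPS.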