# Simple and understandable cryptography

What is cryptography

The underlying algorithm research of cryptography belongs to the field of mathematics and is not the focus of our discussion. At the same time, cryptography also implies a new way for people to communicate on the Internet, involving some concepts of encryption economy and cryptopunk, which can be studied from the perspective of humanities and social sciences. But our idea in this section is the middle way, and we talk about cryptography from the perspective of engineering technology. Its precise definition, theoretical basis and mainstream technical scheme are given.

definition

Wikipedia says that cryptography is the study of secure communication technology, which should be able to effectively prevent potential attacks.

To put it bluntly, it is to study some protocols that can transfer information privately. Cryptography is an intersection of mathematics and computer science. There are two main applications: one is encryption communication. The main task of this direction is to ensure that information will not be tampered and eavesdropped during transmission, which is also a direction that we can easily think of. However, the other direction is also equally important, that is, digital signature.

Similar to pen and paper signatures in the real world, digital signatures can be used to verify the identity of signers and prevent repudiation. In the early days, cryptography was more common in the military field, and the civil field involved e-commerce, bank payment, digital copyright and other key social fields. Therefore, it is not too much to say that cryptography is a pillar of contemporary society. In recent years, with the rise of blockchain and cryptocurrency, the development of cryptography has entered a new stage. The bottom layer of blockchain is cryptography technology, but also involves economics.

concept

The basic concepts of cryptography are encryption, decryption, ciphertext and key. For example, if Alice has a piece of data to pass to Bob, she must first run the encryption algorithm to convert the data into ciphertext, which is something that seems unintelligible. When the ciphertext is sent to Bob's machine, Bob can run the corresponding decryption algorithm to convert the ciphertext into data again. So what is a key? In fact, there are two elements in the process of encryption and decryption. One is the algorithm, and the other is the key, which is called key in English. A key is a small piece of data involved in encryption and decryption operations.

In fact, the current popular encryption and decryption algorithms are generally open, because no one dares to use them if they are not open, for fear of having a back door. Therefore, the security of information depends entirely on the fact that the encryptor and the decryptor hold the key. If we encapsulate the encryption algorithm into an encryption function, the input of the function is two, one is information and the other is key, and the return result of the function is ciphertext. The decryption process is similar, that is, the ciphertext and key are passed to the decryption function, and the returned result is information.

Let's take Caesar's password as an example. Caesar wants to send a secret letter to his general. Here, Caesar uses the algorithm to move the letters backward in alphabetical order by a certain number of digits. For example, the message was originally A, but now it moves back three digits, and becomes D, so that no one can understand the generated ciphertext. In this process, the algorithm is "letter offset", and the key is 3. After the general receives the ciphertext, he can decrypt it according to the same algorithm and the key.

theoretical basis

First, contemporary cryptography is "cryptography on the Internet". Historically, since the era of Caesar, there has been the concept of secret communication, so Caesar's password was also born. Later, with the rise of the electrical revolution, people also named the hardware equipment specially used for encryption. But the real big development of cryptography is actually after the rise of computers. Especially after the arrival of the Internet, all information is transmitted in public areas, and anyone can intercept our data. Therefore, encryption before data transmission is particularly important. Contemporary cryptography also develops in this context.

Second, we should remember that there is no password that cannot be cracked. In theory, any password can at least be cracked by violent search. The encryption algorithms on the Internet are public, so some characteristics of the key are also clear, such as the total number of bits. For computers, guessing one by one, that is, using brute force search to crack, is also an attack that is easy to think of. So this puts forward a basic requirement for the designers of encryption algorithms, that is, the algorithm must ensure sufficient computational difficulty. This ensures that although the key can be calculated in theory, the time required to use the current hardware is unacceptable in practice, for example, 10000 years. Of course, mathematical theory has been developing, and computer processing speed has also been improving, so cryptography itself is an evolving discipline.

Understanding that cryptography is mainly used to ensure communication between two strangers under Internet conditions can understand why cryptographic algorithms are basically open. At the same time, after understanding that there is no password that cannot be cracked, only the password that is difficult to crack, we know why the encryption algorithm needs to be iterated constantly.

The core position of public key encryption

Contemporary cryptography has always been divided into two systems: symmetric encryption and asymmetric encryption. Among them, asymmetric encryption is also called public key encryption, the core technology of cryptography.

How is symmetric encryption distinguished from asymmetric encryption? As we mentioned just now, encryption and decryption must involve a key. If encryption and decryption use the same key, this is symmetric encryption technology, otherwise it is asymmetric encryption technology. Asymmetric Camille has some counter intuitions. The specific method is to first generate a pair of keys. One is the public key, which can be disclosed to anyone. The other is the private key, which should be kept strictly confidential. The sender first gets the public key of the receiver, encrypts the information with the public key, and the receiver decrypts the information with the private key after receiving the ciphertext.

The reason why public key and private key can work together in this way is that they are a pair by nature and have a natural mathematical relationship. The specific contact information is related to the specific encryption algorithm used. There are two most famous algorithms in asymmetric encryption. One is RSA, which is named after the abbreviation of three authors' names, and the other is ECC, that is, elliptic curve algorithm. RSA is the originator of asymmetric encryption technology. ECC is a more efficient encryption algorithm. Bitcoin uses this encryption algorithm.

Symmetric encryption uses the same key between the sender and the receiver, so the premise of establishing secure communication is that both parties must have a shared key first. How should the key be transferred to the other party safely without an encryption channel? This is very challenging on the Internet. In contrast, public key encryption technology needs to share the public key, not worry about leakage, and it is relatively safer. In addition, public key encryption technology has also derived digital signature technology.

Of course, public key encryption technology also needs to consider technical issues such as how to confirm the public key owner. Therefore, we will not expand the concept of CA, namely, the issuing authority, and PKI public key infrastructure.

summary

In this section, we give a brief introduction to cryptography, and the main points are as follows: First, cryptography is the research on secure communication technology, which should be able to resist various malicious attacks. Second, the bottom layer of cryptography is mathematics. The security of cryptography depends on a mathematical problem that is difficult enough to ensure that computers can not calculate keys within an acceptable time span. Third, contemporary cryptography is cryptography under the Internet environment, and the key technology is public key encryption technology.

Station B video explanation:

https://www.bilibili.com/video/av34660072/

Comment: