View on GitHub

reading-notes

Daily Reading 18

Cryptography

###

What is the basic principle behind the Caesar Cipher, and how was it used historically?

A Caesar cipher, or Caesar shift, is a type of letter substitution cipher that replaces each letter in a message with the letter x number of letters after or before it. The simplest example would be that every A becomes B, every B becomes C, every C becomes D, etc, and Z becomes A. This is every letter being shifted forward once. It is a common, easy cipher to use. Easy to decode when recognized, but still unreadable until decoded.

As might be expected, the historical significance of the Caesar cipher is that a variant of this format was proven to have been used by Julius Caesar, for encoding of sensitive military intel.

What are the key differences between symmetric and asymmetric encryption? How is asymmetric used in secure communication today?

Symmetric encryption means that the same key can be used for both encryption, and decryption, while asymmetric means a different key is used for each step of the process.

Asymmetric encryption is used for HTTPS, and is the heart of the concept behind having a private key, and a public key. If you have heard of those, those are your personal computer’s codes for encrypting outgoing data, and decrypting incoming data.

How do computers generate random numbers, and what are the differences between true random number generation (TRNG) and pseudo-random number generation (PRNG)? Discuss their use cases in cryptography.

True random, from within a computer, and without an external source, is impossible. It is only through the measurement of external factors in the world that TRNG can be produced. PRNG can be produced much easier, but has the major weakness of, because of its existence in a deterministic system, if you perform the exact same actions at the exact same time, you will get the exact same “random” results every time.

In many cases, this is not an issue, but if you’re resetting a system and automating actions upon it on startup, factors that are supposed to be random may not be until hooked into an external source of randomness, like keyboard input or the system clock to use as a seed for the PRNG. PRNGs however, due to this flaw, are unsuitable for secure cryptography, as if an attacker knew the method of random generation you were using, and was able to emulate the same conditions, they would get the exact same results, rendering the encryption useless.

What’s the difference between encryption and decryption? Explain with an analogy.

The simplest way to put it, would be to say the “direction” of encryption. to Encrypt something means to get it from a human readable (or otherwise usable) state, into a encrypted gibberish unreadable and unusable state, where only a very specific action can render it usable again.

Decryption, is the act of using that very specific action, to make the gibberish and unusable data back into it’s readable/usable condition.

Encryption is putting a document into an already opened safe.

Decryption is turning the dial on the safe to unlock it and access the document inside.

Back To Main Page.