In this article, we will go through some of the most commonly used terminologies in the world of cryptography.
Encryption:
Put very simply, encryption is the process of transforming data into something random that obscures the meaning of the data. The data could be virtually anything, ranging from a secret text message, an image, a voice recording, or even the entire contents of your smartphone.
Plaintext:
Plaintext is the data that is encrypted by the process of encryption.
Ciphertext:
The plaintext is encrypted by the process of encryption into something that is referred to as the ciphertext. In other words, the encrypted text is referred to as the ciphertext.
[Figure: Encryption Process]
Decryption:
Decryption is the process that helps recover the original data (plaintext) from the ciphertext.
[Figure: Decryption Process]
Thus, the purpose of encryption is to protect information. When data has been encrypted, it becomes accessible only to those who know how to reverse the process of encryption, i.e., those who can decrypt the encrypted data. In such a context, you might even think of encryption as a way of restricting access to data. For every encryption process there exists a corresponding decryption process. So, data encryption transforms the data from its plaintext form to ciphertext form, something that isn’t understood until the ciphertext is decrypted back into the original plaintext.
Cipher:
A cipher is the algorithm that is used for the process of encryption and decryption (the combined process of encryption and decryption is often referred to as ‘encryption’ by many).
Enciphering:
As the encryption process involves the use of a cipher, the act of encryption is very often also referred to as enciphering.
However, from a purely technical perspective, do remember that enciphering refers to that form of encryption that can only be used on text. Thus, enciphering the text is transforming the plaintext to ciphertext.
Deciphering:
Deciphering is to decryption as enciphering is to encryption. As the decryption process also involves the use of a cipher, the act of decryption is very often also referred to as deciphering.
Again, from a purely technical perspective, do remember that deciphering usually applies to text only. The ciphertext is deciphered back into the original plaintext.
Encoding:
The process of encoding is entirely different from the process of encryption, and it is incorrect to use the terms ‘encryption’ and ‘encoding’ interchangeably. Encoding data means transforming the data from one format to another. Therefore, encoding changes the usability and not the accessibility of the data. A very common and simple example of encoding data is the conversion of a sound file from the MP3 to WAV format: the process can be performed (completed) as well as reversed by anyone. Had the sound file been encrypted, however, only people with the required knowledge (the key) would be able to decrypt the file.
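The difference between encoding and encryption, as an added example that is not part of the original article. It assumes Base64 as the encoding and a one-time-pad style XOR as the keyed scheme; the function names and the sample message are constructed for illustration.

```python
# Added example: encoding is reversible by anyone, encryption only with the key.
import base64
import secrets


def encode(data: bytes) -> bytes:
    """Encoding: a public format change. No secret is involved."""
    return base64.b64encode(data)


def decode(encoded: bytes) -> bytes:
    """Anyone who knows the format (Base64) can reverse it."""
    return base64.b64decode(encoded)


def generate_key(length: int) -> bytes:
    """Random key as long as the message, drawn from the OS CSPRNG."""
    return secrets.token_bytes(length)


def xor_with_key(data: bytes, key: bytes) -> bytes:
    """One-time-pad style XOR: the same call encrypts and decrypts.

    The key must be as long as the message and must never be reused.
    """
    if len(key) != len(data):
        raise ValueError("key must be exactly as long as the data")
    return bytes(d ^ k for d, k in zip(data, key))


if __name__ == "__main__":
    message = b"meet at noon"  # constructed sample plaintext

    encoded = encode(message)
    print("encoded  :", encoded)
    print("decoded  :", decode(encoded))  # recovered with no key at all

    key = generate_key(len(message))
    ciphertext = xor_with_key(message, key)
    print("encrypted:", ciphertext.hex())
    print("right key:", xor_with_key(ciphertext, key))
    wrong_key = generate_key(len(message))
    print("wrong key:", xor_with_key(ciphertext, wrong_key))
```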
Shift cipher:
A shift cipher is a simple encryption scheme that helps obscure the meaning of a message by shifting each letter of the message a few places in the alphabet. An example of a shift cipher is the Caesar cipher.
Encryption/cipher machine:
Encryption/cipher machines were invented in the early part of the 20th century and these machines made significant contributions in helping automate the process of encryption because the machines could be configured to help implement more and more complex and varied encryption substitutions. One of the most well-known encryption/cipher machines is the Enigma machine which was used by the German forces in World War II.
Substitution cipher:
Substitution ciphers are a subset of encryption schemes. In a substitution cipher, each letter of the plaintext message gets substituted with a different letter in the alphabet with the aim of obscuring the meaning of the original plaintext message. A substitution cipher could involve substituting each letter of the plaintext message with other letters, symbols or characters. A substitution cipher could also involve replacing whole words or syllables of the plaintext message, instead of individual letters.
Encryption Algorithm:
We already know by now that an encryption scheme transforms a plaintext into ciphertext – an encryption algorithm is used to help achieve the transformation. An encryption algorithm, therefore, defines a set of instructions that can be followed to modify/encrypt the plaintext into ciphertext. There are two inputs to an encryption algorithm – the plaintext and a key, and the ciphertext is produced as the output of the encryption algorithm.
Key:
The key is that very important secret which determines what the output of the encryption algorithm will be – different keys will result in the output of different ciphertexts. The key is the component that restricts accessibility to the message because it is only those people who know the key that can decrypt the message (decrypt the ciphertext back to the original plaintext). A key is used to encrypt the plaintext into ciphertext and then decrypt the ciphertext back to the original plaintext.
Key Generation Algorithm:
A key generation algorithm is a set of instructions that are used to generate the key. An ideal encryption scheme should comprise a key generation algorithm that can generate truly random keys; however, generating keys that are truly random and therefore cannot be guessed is still not practical, and thus keys are often pseudorandom. Pseudorandom keys are not truly random in the real sense of the term, but they appear to be random when they are analyzed.
Decryption Algorithm:
The decryption algorithm helps turn the ciphertext back into the original plaintext. In most cases, the set of instructions comprising the decryption algorithm is simply the reverse of those that had been followed to encrypt the plaintext into ciphertext. The inputs to the decryption algorithm are the ciphertext and key, and the output is the original plaintext.
The encryption, key generation and decryption algorithms should always be designed such that it is always possible for the decryption algorithm to turn the encrypted form of a message (the ciphertext) back into the original message (the plaintext). A strong encryption scheme always has the encryption, key generation and decryption algorithms publicly known; however, that doesn’t make it easier for a hacker to hack the system. If the key that is used to encrypt the original plaintext message into the ciphertext is kept secret, it is only those people who possess the knowledge of the key that can decrypt the ciphertext back into the original plaintext message.
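The shift cipher from earlier in the article, written as the three algorithms just described (key generation, encryption, decryption), as an added example that is not part of the original article. Function names and sample text are constructed; the scheme has only 25 possible keys and is shown to illustrate the structure, not as usable protection.

```python
# Added example: a shift cipher as key generation + encryption + decryption.
import secrets
import string


def generate_key() -> int:
    """Key generation: a shift from 1 to 25, drawn from the OS CSPRNG."""
    return secrets.randbelow(25) + 1


def _shift(text: str, amount: int) -> str:
    """Move each ASCII letter `amount` places; leave everything else as is."""
    out = []
    for ch in text:
        if ch in string.ascii_letters:
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + amount) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def encrypt(key: int, plaintext: str) -> str:
    """Encryption algorithm: inputs are the key and the plaintext."""
    return _shift(plaintext, key)


def decrypt(key: int, ciphertext: str) -> str:
    """Decryption algorithm: the reverse steps, using the same key."""
    return _shift(ciphertext, -key)


if __name__ == "__main__":
    plaintext = "Hello, World!"  # constructed sample message
    key = generate_key()
    ciphertext = encrypt(key, plaintext)
    print("key       :", key)
    print("ciphertext:", ciphertext)
    print("plaintext :", decrypt(key, ciphertext))
    # Different keys give different ciphertexts for the same plaintext.
    print("key 3     :", encrypt(3, plaintext))
    print("key 4     :", encrypt(4, plaintext))
```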
The discussion of cryptography is incomplete without explaining what symmetric and asymmetric encryption are. We can sort the modern encryption techniques broadly into two different categories: symmetric encryption and asymmetric encryption.
Symmetric Encryption:
A symmetric encryption scheme uses the same key to encrypt as well as decrypt data. You can think of symmetric encryption as something like putting a secret envelope into a locked box. If you had used KEY1 to lock the box, you are going to use the same key, KEY1, to open the locked box. Using a symmetric encryption scheme to send a secret message to your friend therefore means that your friend must possess a copy of the key that you had used to encrypt the secret plaintext message into ciphertext. If the key falls into the wrong hands, you run the risk of your message being read by someone unauthorized.
Asymmetric Encryption:
An asymmetric encryption scheme uses separate keys to encrypt and decrypt a message. Asymmetric encryption thus solves the key sharing problem present in a symmetric encryption scheme.
An asymmetric encryption scheme’s key generation algorithm generates two keys – a public and a private key. While the public key is used to encrypt the plaintext data into ciphertext, the private key is used to decrypt the ciphertext back into the original plaintext. As an asymmetric encryption scheme involves the use of a public key, it is also known as public-key cryptography.
An asymmetric encryption scheme’s key generation algorithm generates the public and private keys in such a way that you can give the public key to anyone, that is, as the name suggests, you can make the public key ‘public’ – and you can do that because the public key is only used to encrypt the plaintext data into ciphertext. If someone has the knowledge of the public key, it doesn’t, in any way, mean that he/she can decrypt the ciphertext back into the original plaintext – he/she must have the knowledge of the private key in order to decrypt the information.
Do remember that asymmetric encryption systems are more complex, and computers require more resources in order to complete the key generation, encryption and decryption algorithms.
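The public/private key pair described above, as an added example that is not part of the original article. RSA is used here as one concrete asymmetric scheme (the article does not name one), in its toy "textbook" form with the constructed primes 61 and 53 and no padding, so it is for illustration only; all function names are assumptions.

```python
# Added example: toy textbook RSA. Tiny primes, no padding, byte-by-byte:
# it shows the roles of the two keys and must never protect real data.
from math import gcd


def generate_keypair(p: int, q: int):
    """Key generation: derive a (public, private) pair from two primes."""
    n = p * q
    phi = (p - 1) * (q - 1)
    e = 17
    while gcd(e, phi) != 1:  # public exponent must be invertible mod phi
        e += 2
    d = pow(e, -1, phi)      # private exponent (needs Python 3.8+)
    return (n, e), (n, d)


def encrypt(public_key, plaintext: bytes) -> list:
    """Anyone holding the public key can produce ciphertext."""
    n, e = public_key
    return [pow(byte, e, n) for byte in plaintext]


def decrypt(private_key, ciphertext: list) -> bytes:
    """Only the holder of the private key recovers the plaintext."""
    n, d = private_key
    return bytes(pow(c, d, n) for c in ciphertext)


if __name__ == "__main__":
    public_key, private_key = generate_keypair(61, 53)  # constructed primes
    message = b"A secret"                               # constructed sample
    ciphertext = encrypt(public_key, message)
    print("public key :", public_key)
    print("ciphertext :", ciphertext)
    print("decrypted  :", decrypt(private_key, ciphertext))
    # Applying the public key a second time does not undo the encryption.
    n, e = public_key
    print("public again:", [pow(c, e, n) for c in ciphertext])
```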
************************************************************************************************************************************************************
The author of the technical article, Subhasish Sarkar (SS), is an IBM Z Champion for 2020.
************************************************************************************************************************************************************