Cryptography & Encryption
Understand how encryption, hashing, and digital certificates secure our data on the internet.
What is Cryptography?
Cryptography is the practice of securing information and communication with mathematical techniques, so that only those for whom the information is intended can read and process it. In the digital world, cryptography is the foundation of data confidentiality (only the intended parties can read it), integrity (it has not been altered) and authenticity (it really came from who it claims to).
Symmetric vs. Asymmetric Encryption
Encryption converts plaintext (readable data) into ciphertext (unreadable scrambled data). There are two main categories of encryption based on the keys used:
1. Symmetric Encryption
Symmetric encryption uses the same key for both encrypting and decrypting data. It is fast and efficient, making it ideal for encrypting large amounts of data (such as files on a hard drive).
- Pros: Very fast execution speed.
- Cons: Key distribution problem. How do you securely share the key with the recipient without someone intercepting it?
- Common Algorithms: AES (Advanced Encryption Standard, the industry standard) and ChaCha20 are the modern choices. DES (56-bit key, brute-forceable since the 1990s), 3DES (deprecated; 64-bit block size) and Blowfish (also a 64-bit block) still appear in legacy systems but should not be chosen for new designs.
2. Asymmetric Encryption (Public Key Cryptography)
Asymmetric encryption solves the key distribution problem by using a mathematically linked key pair:
- Public Key — Can be shared with anyone. Used to encrypt the data.
- Private Key — Must be kept secret. Used to decrypt the data.
If Alice wants to send a secure message to Bob, Alice encrypts it using Bob's public key. Only Bob's private key can decrypt it. Anyone intercepting the message cannot read it without the private key.
- Pros: No secret ever has to be transported. Only public keys travel, and a public key needs to be authentic rather than secret (which is the job digital certificates do, see below).
- Cons: Much slower than symmetric encryption due to complex mathematical operations.
- Common Algorithms: RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography, e.g. X25519, ECDSA, Ed25519). Diffie-Hellman (and its elliptic-curve form, ECDH) is strictly a key agreement scheme: two parties derive the same shared secret from their key pairs without ever sending it, rather than encrypting data directly.
Hybrid Approach: Modern secure protocols (like HTTPS and TLS) use a hybrid system. Asymmetric cryptography is used at the start of a connection to establish a temporary (session) symmetric key, which then encrypts the rest of the session data. In current TLS (1.3) that key comes from an ephemeral Diffie-Hellman exchange that the server authenticates with its certificate; the older approach of encrypting a session key directly with the server's RSA public key was dropped, because a later theft of the server's private key would let an attacker decrypt recorded past sessions. Ephemeral keys avoid that (forward secrecy). Either way you get the speed of symmetric encryption with the key distribution properties of asymmetric cryptography.
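The whole section above, as an added example in Go rather than code from the original page: Bob has a long-term X25519 key pair, Alice generates a one-time key pair, one Diffie-Hellman operation gives both sides the same secret, and AES-256-GCM then encrypts the actual payload. Everything comes from the Go standard library; the `Envelope` type, the function names and the sample message are this example's own choices, and a single SHA-256 stands in for the HKDF step a real protocol would use to derive the AES key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is what Alice sends Bob: her one-time public key, the GCM nonce, and the
// ciphertext (GCM appends a 16-byte authentication tag, so tampering is detected).
type Envelope struct {
	EphemeralPub []byte
	Nonce        []byte
	Ciphertext   []byte
}

// GenerateRecipientKey creates Bob's long-term X25519 key pair. Only the public half is shared.
func GenerateRecipientKey() (*ecdh.PrivateKey, error) {
	return ecdh.X25519().GenerateKey(rand.Reader)
}

// deriveKey turns the raw Diffie-Hellman shared secret into a 256-bit AES key.
// Real protocols use HKDF here; a single SHA-256 keeps this example to the standard library.
func deriveKey(shared []byte) []byte {
	k := sha256.Sum256(shared)
	return k[:]
}

func newGCM(shared []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(deriveKey(shared))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt is Alice's side: one ephemeral key pair, one slow asymmetric operation
// (the DH agreement), then fast symmetric AES-GCM for the payload, however large it is.
func Encrypt(recipientPub *ecdh.PublicKey, plaintext []byte) (*Envelope, error) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	shared, err := eph.ECDH(recipientPub)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(shared)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ephPub := eph.PublicKey().Bytes()
	// The ephemeral public key is bound into the GCM tag as associated data, so an
	// attacker cannot swap it for their own without the tag check failing.
	ct := gcm.Seal(nil, nonce, plaintext, ephPub)
	return &Envelope{EphemeralPub: ephPub, Nonce: nonce, Ciphertext: ct}, nil
}

// Decrypt is Bob's side: only his private key reproduces the shared secret, and the
// GCM tag rejects any envelope that was modified in transit.
func Decrypt(recipientPriv *ecdh.PrivateKey, env *Envelope) ([]byte, error) {
	ephPub, err := ecdh.X25519().NewPublicKey(env.EphemeralPub)
	if err != nil {
		return nil, err
	}
	shared, err := recipientPriv.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(shared)
	if err != nil {
		return nil, err
	}
	pt, err := gcm.Open(nil, env.Nonce, env.Ciphertext, env.EphemeralPub)
	if err != nil {
		return nil, errors.New("decryption failed: wrong key or tampered ciphertext")
	}
	return pt, nil
}

func main() {
	bob, _ := GenerateRecipientKey()
	env, _ := Encrypt(bob.PublicKey(), []byte("meet at the usual place")) // constructed sample message
	pt, err := Decrypt(bob, env)
	fmt.Printf("Bob reads: %q (err=%v)\n", pt, err)
	env.Ciphertext[0] ^= 1 // flip one bit in transit
	_, err = Decrypt(bob, env)
	fmt.Println("after tampering:", err)
}
```

The nonce is fresh for every envelope; reusing a nonce with the same key breaks GCM completely, which is why it is generated inside `Encrypt` rather than passed in.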
Hashing: One-Way Security
A cryptographic hash function takes an input of any size and produces a fixed-size output called a digest (256 bits for SHA-256, usually displayed as 64 hexadecimal characters). Unlike encryption, hashing is a one-way function: there is no key and no way to convert a hash back into the original input. A good cryptographic hash also makes it computationally infeasible to find any input that produces a given digest, or two different inputs with the same digest (collision resistance).
Hashing is used to verify the integrity of data (ensuring it hasn't been altered). If even a single character in the input changes, the resulting hash will be completely different (known as the avalanche effect).
- Password Storage — Websites should never store passwords in plaintext. Instead, they hash the password. When you log in, the site hashes your input and compares it to the stored hash. A plain, fast hash such as SHA-256 is not enough here, because an attacker who steals the database can try billions of guesses per second; passwords should be hashed with a unique random salt per user and a deliberately slow, memory-hard or iterated function (Argon2id, bcrypt, scrypt or PBKDF2), and the comparison should be done in constant time.
- File Integrity — Software downloads often provide a SHA-256 checksum (hash). After downloading, you can hash the file to verify it hasn't been tampered with or corrupted. Note that a checksum published next to the download on the same server only catches corruption: an attacker who can replace the file can replace the checksum too, which is why serious projects also sign their releases (see Digital Signatures below).
- Common Hashing Algorithms: SHA-256 and SHA-512 (the SHA-2 family), SHA-3 and BLAKE2 are current. MD5 and SHA-1 are legacy and insecure: practical collision attacks exist for both, so they must not be used anywhere resistance to tampering matters.
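The three uses above (avalanche effect, checksum verification, password storage), as an added example in Go that is not from the original page. It uses only the standard library, so PBKDF2-HMAC-SHA256 is written out from RFC 8018 rather than imported; the record format `pbkdf2-sha256$iterations$salt$hash`, the iteration count and the sample password are this example's own assumptions, and in production you would reach for Argon2id or bcrypt from golang.org/x/crypto instead.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"math/bits"
	"strconv"
	"strings"
)

// Sha256Hex returns the digest in the form a download page publishes it.
func Sha256Hex(data []byte) string {
	sum := sha256.Sum256(data)
	return hex.EncodeToString(sum[:])
}

// BitsChanged counts how many of the 256 digest bits differ between SHA-256(a) and SHA-256(b).
// For inputs that differ in a single bit, roughly half the output bits flip (avalanche effect).
func BitsChanged(a, b []byte) int {
	ha, hb := sha256.Sum256(a), sha256.Sum256(b)
	n := 0
	for i := range ha {
		n += bits.OnesCount8(ha[i] ^ hb[i])
	}
	return n
}

// VerifyChecksum checks a downloaded file against its published SHA-256 hex digest.
// The compare is constant-time so timing does not reveal how many bytes matched.
func VerifyChecksum(fileData []byte, publishedHex string) bool {
	want, err := hex.DecodeString(publishedHex)
	if err != nil || len(want) != sha256.Size {
		return false
	}
	got := sha256.Sum256(fileData)
	return subtle.ConstantTimeCompare(got[:], want) == 1
}

// pbkdf2SHA256 is PBKDF2 (RFC 8018) with HMAC-SHA256 as the PRF. Each output block is
// U1 xor U2 xor ... xor Uc, with U1 = HMAC(pw, salt || blockIndex) and Uj = HMAC(pw, Uj-1).
func pbkdf2SHA256(password, salt []byte, iterations, keyLen int) []byte {
	mac := hmac.New(sha256.New, password)
	var out []byte
	for block := 1; len(out) < keyLen; block++ {
		mac.Reset()
		mac.Write(salt)
		mac.Write([]byte{byte(block >> 24), byte(block >> 16), byte(block >> 8), byte(block)})
		u := mac.Sum(nil)
		t := append([]byte(nil), u...)
		for j := 1; j < iterations; j++ {
			mac.Reset()
			mac.Write(u)
			u = mac.Sum(nil)
			for k := range t {
				t[k] ^= u[k]
			}
		}
		out = append(out, t...)
	}
	return out[:keyLen]
}

// Stored in each record so the cost can be raised later without breaking old entries.
// 100,000 keeps the example quick; OWASP currently recommends 600,000 for PBKDF2-HMAC-SHA256.
const pbkdf2Iterations = 100_000

// HashPassword returns "pbkdf2-sha256$iterations$salt$hash" (hex fields). A fresh random
// salt means two users with the same password get different records.
func HashPassword(password string) (string, error) {
	salt := make([]byte, 16)
	if _, err := rand.Read(salt); err != nil {
		return "", err
	}
	dk := pbkdf2SHA256([]byte(password), salt, pbkdf2Iterations, 32)
	return fmt.Sprintf("pbkdf2-sha256$%d$%s$%s", pbkdf2Iterations,
		hex.EncodeToString(salt), hex.EncodeToString(dk)), nil
}

// VerifyPassword recomputes the hash from the stored salt and cost and compares in constant time.
func VerifyPassword(password, record string) bool {
	parts := strings.Split(record, "$")
	if len(parts) != 4 || parts[0] != "pbkdf2-sha256" {
		return false
	}
	iterations, err1 := strconv.Atoi(parts[1])
	salt, err2 := hex.DecodeString(parts[2])
	want, err3 := hex.DecodeString(parts[3])
	if err1 != nil || err2 != nil || err3 != nil || iterations < 1 || len(want) < 16 {
		return false
	}
	got := pbkdf2SHA256([]byte(password), salt, iterations, len(want))
	return subtle.ConstantTimeCompare(got, want) == 1
}

func main() {
	fmt.Println("SHA-256(abc)    :", Sha256Hex([]byte("abc")))
	fmt.Println("bits changed abc/abb:", BitsChanged([]byte("abc"), []byte("abb")))
	rec, _ := HashPassword("correct horse battery staple") // constructed sample password
	fmt.Println("stored record   :", rec)
	fmt.Println("right password  :", VerifyPassword("correct horse battery staple", rec))
	fmt.Println("wrong password  :", VerifyPassword("Tr0ub4dor&3", rec))
}
```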
Digital Signatures & Certificates
To verify the authenticity of a sender or website, cryptography uses digital signatures and digital certificates:
- Digital Signature — A mathematical scheme that proves a message was created by a known sender (authenticity) and was not altered in transit (integrity). The sender hashes the message and applies their private key to the hash; anyone holding the matching public key can check the result, but nobody without the private key can forge it. (Describing this as "encrypting the hash with the private key" is accurate only for RSA; ECDSA and Ed25519 use different mathematics, but give the same guarantee.)
- Digital Certificate (SSL/TLS) — Issued by a trusted third party called a Certificate Authority (CA). It binds a public key to an entity (like a website's domain name) and carries the CA's digital signature over that binding. Your browser ships with the root certificates of the CAs it trusts, so when a server presents its certificate the browser can check the CA's signature, the validity period and that the name in the certificate matches the site you typed. That is how you know you are connecting to the genuine server, not an imposter.
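Both items above, as an added example in Go built only from the standard library (this is not code from the original page): Ed25519 signing and verification of a message, then a toy CA that self-signs a root, issues a certificate binding a server's public key to a DNS name, and a verifier that does what a browser does on connect. The CA name, the host name `example.com`, the 24-hour validity and the sample message are this example's own assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// GenerateKeyPair makes an Ed25519 key pair: the public key is shared, the private key signs.
func GenerateKeyPair() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // only fails if the OS random source is unavailable
	}
	return pub, priv
}

// Sign produces a signature over msg with the sender's private key. Ed25519 hashes the
// message internally (SHA-512), so the caller does not hash first.
func Sign(priv ed25519.PrivateKey, msg []byte) []byte {
	return ed25519.Sign(priv, msg)
}

// Verify is true only if sig was made over exactly this msg by the holder of the private
// key matching pub: authenticity and integrity in one check.
func Verify(pub ed25519.PublicKey, msg, sig []byte) bool {
	return ed25519.Verify(pub, msg, sig)
}

// CA is a toy certificate authority: a self-signed root certificate and its signing key.
type CA struct {
	Cert *x509.Certificate
	Key  ed25519.PrivateKey
}

// NewCA creates a self-signed root. A browser "trusts" a CA by shipping this certificate.
func NewCA(name string) (*CA, error) {
	pub, priv := GenerateKeyPair()
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv) // parent == template: self-signed
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	return &CA{Cert: cert, Key: priv}, nil
}

// IssueServerCert binds serverPub to a DNS name by signing the certificate with the CA's key.
func (ca *CA) IssueServerCert(dnsName string, serverPub ed25519.PublicKey) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: dnsName},
		DNSNames:     []string{dnsName},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca.Cert, serverPub, ca.Key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// VerifyServerCert does what a browser does: chain the presented certificate to a trusted
// root (checking the CA's signature and validity dates) and require that it names the host
// the user asked for. An untrusted issuer or a different host name is rejected.
func VerifyServerCert(cert, trustedRoot *x509.Certificate, host string) error {
	roots := x509.NewCertPool()
	roots.AddCert(trustedRoot)
	_, err := cert.Verify(x509.VerifyOptions{
		Roots:     roots,
		DNSName:   host,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	})
	return err
}

func main() {
	pub, priv := GenerateKeyPair()
	msg := []byte("transfer 100 to account 42") // constructed sample message
	sig := Sign(priv, msg)
	fmt.Println("genuine message verifies:", Verify(pub, msg, sig))
	fmt.Println("altered message verifies:", Verify(pub, []byte("transfer 900 to account 42"), sig))

	ca, _ := NewCA("Example Root CA")
	serverPub, _ := GenerateKeyPair()
	leaf, _ := ca.IssueServerCert("example.com", serverPub)
	fmt.Println("example.com via trusted CA:", VerifyServerCert(leaf, ca.Cert, "example.com"))
	fmt.Println("same cert for evil.example:", VerifyServerCert(leaf, ca.Cert, "evil.example"))
	rogue, _ := NewCA("Rogue CA")
	fmt.Println("same cert, untrusted root :", VerifyServerCert(leaf, rogue.Cert, "example.com"))
}
```

The two failure cases are the ones that matter in practice: a certificate that is perfectly valid but for a different host (a stolen or misused certificate), and one issued by a CA your client has no reason to trust (an attacker's own CA). Real browsers add revocation checks and Certificate Transparency on top of this.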
What's Next?
Learn how cryptography is used to secure web traffic in HTTP & HTTPS, or explore the physical boundary tools in VPN & Firewall.