Randomness and Cryptography
Prakhar Tandon
Posted on February 20, 2022
Hey everyoneđ
I am back with The âRandomâ
series! One of my most loved and my personal favourite as wellđ.
This series has overall got almost 4K+ viewsđ€© on various platforms like Dev Community, HashNode and TealFeed.
I will recommend you to read the previous article before reading this oneđ Is random() really random?
So letâs dive in!!!!!!
Before diving into the cryptographic aspect of randomness, we first need to understand what actually cryptography is and how it works.
So Wikipedia says
Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of adversarial behaviour.
...And that was a very bookish type of definition.
Okay so cryptography is basically some sort of encryption for the data being transferred, that means only the sender and receiver can view the data or the message... and ideally no one else, not even ZuckerBurg (lolđ€).
And yeah its actually (kind-of) more ideal version of what WhatsApp claims to provide âEND TO END ENCRYPTIONâ.
NOTE
Cryptography is a subject that involves a-lot of high-end mathematics, and hence, I will try to avoid those complex expressions and keep it as simple as it can be.
This is closely related to encryption, which is the act of scrambling ordinary text into what's known as cipher-text and then back again upon arrival.
Some very common examples of encryption can be:
- Encryption over the internet like the SSL.
- Wireless 4G LTE network uses 128-bit Advanced Encryption Standard (AES) and SNOW3G
- Your Internet banking, cards, UPI payments etc.
- Encryption in your computer like storing passwords, files etc.
If you have ever heard of the famous Ceaser Cipher, you will probably be able to connect with the idea of cryptography.
If you havenât read it here.
How Encryption works
In case of encryption, a given algorithm will always transform the same plain-text into the same cipher-text if the same key is used.
Key is basically some number, that is used while encoding and decoding.
So letâs have an example.
Say we take KEY = 2 and we decided to encode our message in such a way that every English alphabet is replaced by the âKEYâth alphabet.
That means in our example
- âAâ to be replaced by âCâ
- âBâ to be replaced by âDâ and so on.
And a simple assignmentđ !!
Comment down what is the below message based on the above description(Key=2).
Kpetgfkdng Kpfkc!
Note: Special characters remain the same in Caesar Cipher.
So this can be the simplest form of encryption.
There are two types of cryptography symmetric and asymmetric.
Symmetric Cryptography
With symmetric cryptography, the same key is used for both encryption and decryption. A sender and a recipient must already have a shared key that is known to both.
So just have a thought ... you are also sending the decryption key via the same channel, that can obviously be intervened I mean hackers are damn smart nowadays!
Although any hacker wonât be interested in reading your efforts and super fast replies towards your crush even after getting ignored, so you can relax.......emotional damageđ« (to me as well).
Asymmetric Cryptography
So yes, these security concerns lead to the development of next type that is Asymmetric.
Here, we have two different keys, PUBLIC KEY and a PRIVATE KEY.
Private key as the name suggests, is always private to whom it belongs, and his public key is available to all. Data encrypted with a public key may only be decrypted with the corresponding private key.
Letâs have an example:
Suppose you are Raju want to send a message to your friend Baburao about a great financial scheme.
So you need to have his public key, and encrypt the message using it and send it to him.
Only Baburao can decrypt the message, as only he has his private key.
And similarly any data encrypted with a private key can only be decrypted with the corresponding public key.
Letâs dive even deep with a easier real-world example.
So basicallyđ€, we want an encryption method, that is easy to do on one side, but difficult from the other side i.e, encrypting is easy but decryption without required information is very difficult.
Here we can use a simple yet great mathematical trick (that actually powers the modern world, not as it is though) is Prime Numbers!
Say you multiply two prime numbers 13 and 67 that would be 871. Very Simple..isnât it.
Now have a look in the opposite direction.
You have given 871 and you need to find exact those prime numbers we used to encrypt it.
This will take you a while, I mean you will look at different possible prime combinations as so on. But now, what if I say those numbers will be something huge like 10^20 or 10^30 !!!
đŻ
Multiplication(encryption) would be fairly easy, but decryption will take a-lottt of time!!
Now letâs get back to the âRandomâ Numbers.
The "key" has to be random! Randomness as it is used to generate session keys.
The more random the numbers, the more secure the cryptographic system.
And here comes the problem that we discussed in our previous article, computers cannot provide pure randomness.
Hence we use "cryptographically secure" pseudo random number generator, that are based on external entropy, the best source of which is Quantum Physics. Quantum Random Number Generators (QRNGs) are able to provide highest possible randomness till date.
In its latest report looking at quantum computing, the IBM Institute for Business Value highlights the potential quantum technologies have to become âa double-edged swordâ; one that will expand computing power and offer opportunities for improving cyber-security, whilst exposing vulnerabilities in current encryption methods.
Hashing
There exists another similar term "HASHING". Hashing is the process of converting the information into a unique text using a hash function. The original information cannot be retrieved from the hash key by any means.
Most popular algorithm for this is SHA-256
. In this, no matter how large your input data is, the resulting Hash will always be of 256 characters.
If you people are interesting in knowing about hashing more, let me know in the comments below.
Here are some resources that you can have a look at to gain more insights about Cryptography.
- Cryptography Concepts every developer should know by FireShip
- A TED from James Lyne :Power of randomness
I found the below ones bit advanced.
Thanks for readingđ!
If you loved the article please share itđ, it takes a-lot of efforts and time making The Random
series.
Want to connect?
Posted on February 20, 2022
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.