As with the ancient Egyptians and Romans, who used secret writing methods to obscure trade or battle information and hunting routes, one of the most widely used applications of cryptography is in the safeguarding of communications between two parties wanting to share information. Guaranteeing that information is kept secret is one thing, but in the modern world it is only part of the equation. In today’s world, information must not only be kept secret, but provisions to detect unwelcome or unwanted modifications are just as important. In the days of Julius Caesar and the Spartans, keeping a message secret could be as simple as writing it in a language the general public didn’t, or wasn’t likely to, understand. Later forms of encryption require that elaborate systems of management and security be implemented in order to safeguard information.
Is the body of knowledge relating to cryptography only concerned with protecting information? Well, in the first few generations of its existence the answer is yes, but that has changed. The knowledge is now used in systems to authenticate individuals and to validate that someone who sent a message or initiated an action is the right party.
Cryptography has even made some of the everyday technologies that you use possible. One area that owes its existence to cryptography is e-commerce. E-commerce demands the secure exchange and authentication of financial information. The case could be made that e-commerce would not exist in anything resembling its current form without the science of cryptography.
Another area that has benefited tremendously from the science of cryptography is mobile technologies. The careful and thoughtful application of the science has led to a number of threats such as identity theft being thwarted. Mobile technologies implement cryptographic measures to prevent someone from duplicating a device and running up thousands in fraudulent charges or eavesdropping on another party.
So what does the field focus on? Each of the following is a topic you need to understand to put the tools and techniques in their proper context:
- Confidentiality Confidentiality is the primary goal that cryptography seeks to achieve. Encryption information is done to keep that information secret or away from prying eyes. Under the right conditions, encryption should be impossible to break or reverse unless an individual possesses the correct key. Confidentiality is the more widely sought aspect of encryption.
- Integrity Cryptography can help you detect changes in information and thus determine its integrity.
- Authentication Cryptography allows a person, object, or party to be identified with a high degree of confidence. Authentication is an essential component of a secure system because it allows software and other things to be positively identified. A common scenario for authentication nowadays is in the area of device drivers, where it provides a means of having a driver signed and verified as coming from the actual vendor and not from some other unknown (and untrusted) source. Authentication in the context of electronic messaging provides the ability to validate that a particular message originated from a source that is a known entity which, by extension, can be trusted.
- Nonrepudiation The ability to provide positive identification of the source or originator of an event is an important part of security. One of the most common applications of nonrepudiation and cryptography is that of digital signatures, which provides positive identification of where the message came from and from whom.
- Key Distribution Arguably one of the most valuable components of a cryptosystem is the key, which represents the specific combination or code used to encrypt or decrypt data.