In cryptography, as in any scientific subject, precision is important, and this applies in particular to terminology that is often misused by the layman. An example of this is the confusion between the terms cryptography and cryptology, which are often used interchangeably in popular writing.
Cryptology is a broader subject, consisting of two branches: cryptography, the science of creating secure cryptosystems for converting data into a form that is incomprehensible to unauthorized persons, and cryptanalysis, the science of “attacking” cryptosystems in order to “crack” them, or at least discover their weaknesses.
When cryptanalysis discovers weaknesses in cryptosystems, cryptographers create more secure cryptosystems. Conversely, as cryptosystems become stronger, cryptanalysts try to discover more powerful methods of attacking them. Thus, cryptography and cryptanalysis are complementary.
The goal of cryptography is to convert any data in its original form, called plaintext, into an incomprehensible form, known as ciphertext. This process is called encryption. The reverse process of recovering plaintext from ciphertext is called decryption. The (incorrect) terms “encoding” and “decoding” are often found in popular writing, but technically they have completely different meanings and should not be used in the present context.
It is important to understand that the plaintext does not have to be a text message. It can be a computer file representing any type of date – an image, a database, etc.
Any particular cryptosystem is based on certain encryption and decryption algorithms. An algorithm is simply a computational procedure that follows a specific set of rules. An important general principle of modern cryptography, known as the Kerckhoffs principle, is that the algorithms that define a cryptosystem must be publicly known. Only then can the cryptosystem be critically analyzed by experts so that users can trust it.
The exact way the plaintext is encrypted with a particular algorithm depends on the secret key, which in practice is just a large number. A consequence of Kerckhoffs’ principle is that the security of an encryption depends on the secret key, and not on some secret encryption algorithm. This is easy to understand with the following analogy: there are no secrets about how a combination lock works – its mechanism is designed to open the lock when a certain sequence of numbers is stuffed, but a locked lock is locked because there are usually over a million possible combinations (“keys”).
Modern cryptosystems can be divided into two main types: symmetric and public key cryptosystems. They will be described below.
A symmetric (or secret) cryptosystem is one that uses the same key for encryption and decryption. This is similar to using the same key to lock or unlock the front door of your home.
Typically, symmetric encryption is done with block cipher, which is an encryption technique that divides plaintext into blocks of a certain fixed length and transforms each block according to a specific algorithm to create a block of ciphertext. The same algorithm and the same key are used for decryption, which reproduces the original text