Tracing the Evolution: As with the ancient Egyptians and Romans, who used secret writing methods to obscure trade or battle information and hunting routes, one of the most widely used applications of cryptography is in the safeguarding of communications between two parties wanting to share information. Guaranteeing that information is kept secret is one thing, but in the modern world it is only part of the equation. In today’s world, not only must information be kept secret, but provisions to detect unwelcome or unwanted modifications are just as important. In the days of Julius Caesar and the Spartans, keeping a message secret could be as simple as writing it in the language the general public didn’t, or wasn’t likely to, understand. Later forms of encryption require that elaborate systems of management and security be implemented in order to safeguard information.
Is the body of knowledge relating to cryptography concerned only with protecting information? Well, in the first few generations of its existence, the answer was yes, but that has changed. The knowledge is now used in systems to authenticate individuals and to validate the entity that sent a message or initiated an action to the receiving party.
Cryptography has even made some of the everyday technologies that you use possible. One area that owes its existence to cryptography is e-commerce. E-commerce demands the secure exchange and authentication of financial information. The case could be made that e-commerce would not exist in anything resembling its current form without the science of cryptography.
Another area that has benefited tremendously from the science of cryptography is mobile technologies. The careful and thoughtful application of the science has led to a number of threats such as identity theft being thwarted. Mobile technologies implement cryptographic measures to prevent someone from duplicating a device and running up thousands of dollars in fraudulent charges or eavesdropping on another party.
So what does the field focus on? Each of the following is a topic you need to understand to put the tools and technique in their proper context:
Confidentiality Confidentiality is the primary goal that encryption seeks to achieve. Encryption is done to keep secret information from disclosure, away from prying eyes. Under perfect conditions, encryption should be impossible to break or reverse unless an individual possesses the correct key. Confidentiality is the more widely sought aspect of encryption.
Integrity Cryptography can detect changes in information and thus prove its integrity or original unmodified state. You will learn more about this in the previous article “ Understanding Hashing”.
Authentication Cryptography allows a person, object, or party to be identified with high degree of confidence. Authentication is an essential component of a secure system because it allows software and other things to be positively identified. A common scenario for authentication nowadays is in the area of device drivers, where it provides a mean of having a driver signed and verified as coming from the actual vendor and not from some other unknown (and untrusted) source. Authentication in the context of electronic messaging provides the ability to validate that a particular message originated from a source that is a known entity that, by extension, can be trusted.
Nonrepudiation The ability to provide positive identification of the source or originator of an event is an important part of security.
Key Distribution One of the most valuable components of a cryptosystem is the key, which is the specific secret combination or code used in a cryptographic function.