Note: Many topics at this site are reduced versions of the text in "The Encyclopedia of Networking and Telecommunications." Search results will not be as extensive as a search of the book's CD-ROM.

Cryptography is a field of science and research in which cryptographers engage in the design and development of cryptographic systems, systems that can protect sensitive data from hackers, eavesdroppers, and industrial spies. Cryptographic methods are also used for authentication between users and between computer systems. Cryptographers actively attempt to break the very systems they create in order to understand their limitations. The concept of breaking something that you have created is common in manufacturing. It proves the reliability and safety of a product such as an automobile. Today, a common practice is to enlist public help in breaking cryptographic schemes by offering prizes in the form of money and "prestige" for having broken a scheme.

Encryption transforms some input into an output that is impossible to read without the proper key. It is performed by running an algorithm that transforms some input called the plaintext into an encrypted form called the ciphertext. While the algorithm always operates the same way, the use of a key ensures that the output will always be different (given the same input). A different key used on the same plaintext will produce different ciphertext. The key is also used to unlock the encrypted data by using the same algorithm in reverse. Because algorithms are usually public and well known, good encryption relies on a solid algorithm and avoiding the use of weak keys.

There are three primary cryptographic techniques. Two are used to encrypt text, graphics, and other information in a form that can be recovered by someone who has an appropriate key. The third, used in authentication and integrity schemes, scrambles input without any intention to recover it.

• Secret-key cryptography    A single key is used to encrypt and decrypt information. This technique is called symmetric key encryption. Encrypted information may be stored on disk or transmitted over nonsecure channels. Since there is only one key, some form of secure key exchange is necessary (in-person, courier, and so on).


• Public-key cryptography    Two keys are used in this scheme-one to encrypt and one to decrypt. Thus, the scheme is asymmetric. Every person has a set of keys and one is held private while the other is made publicly available. To send a private message to someone, you encrypt it with the recipient's public key. The recipient then decrypts it with his or her private key. This eliminates the problems of exchanging keys in advance of using the encryption.


• Hash functions    A hash function is an algorithm that produces a unique "fingerprint" of a message that can prove that it has not been altered since its creation. The output of the algorithm is called a message digest. A recipient that runs the same algorithm on the message should arrive at the same digest; otherwise, the message is suspect. The technique is used to digitally sign messages and documents. See "Hash Functions" for more details.

Several other topics are related to cryptography. Refer to "PKI (Public-Key Infrastructure)," "Public-Key Cryptography," and "Security."