Back

Cryptography Basics: The Foundation of Cybersecurity

By Anurag~14 min readPublished 2025-10-16

Imagine sending a secret message to a friend, but someone could sneak a peek while it travels across the internet. Cryptography is like a magical lock that scrambles your message so only your friend can read it. It turns readable words (plaintext) into a jumbled code (ciphertext) that looks like nonsense to anyone without the key. This protects everything from your bank account to your WhatsApp chats and the websites you visit. Let’s explore how cryptography works, its history, and why it’s the hero of our digital world.

Why Cryptography Matters

Every day, your phone, laptop, or smartwatch sends sensitive stuff—like passwords, credit card numbers, or private messages—over the internet. Without cryptography, hackers could grab this info, change it, or pretend to be you. Cryptography keeps things safe by ensuring:

  • Confidentiality: Only the right person can read your data. For example, when you message on Signal, it’s scrambled so only your friend sees it.
  • Integrity: If someone messes with your data, you’ll know. Tools called hash functions act like a tamper-proof seal.
  • Authentication: Proves who sent or got the message. Digital signatures are like a virtual ID card.
  • Non-repudiation: Stops someone from saying, “I didn’t send that!”—like a signed receipt for a digital action.

Think of the 2023 MOVEit hack, where millions of records were stolen because of weak security. Cryptography prevents such disasters, making online shopping, remote work, and chatting safe.

A Quick Look at Cryptography’s History

Cryptography started thousands of years ago and grew into today’s super-smart systems. Here are the key algorithms that shaped it:

  • Caesar Cipher (58 BCE): Used by Julius Caesar, it shifts each letter (e.g., A becomes D if you shift by 3). Easy to crack by trying all possible shifts.
  • Vigenère Cipher (1586): Uses a keyword (like “KEY”) to shift letters differently each time, making it harder to break until the 1800s.
  • Enigma Machine (1920s): A WWII device with spinning rotors to scramble messages in billions of ways. Codebreakers used early computers to crack it.
  • DES (1977): A 56-bit key system to encrypt data blocks; too weak now because computers got faster.
  • Public-Key Systems (1970s): Diffie-Hellman for sharing keys safely; RSA and ECC for secure messaging without secret handshakes.
  • AES (2001): Today’s go-to encryption, super secure with longer keys.
  • Post-Quantum Crypto (Now): New algorithms like Kyber to protect against future quantum computers.

These show how cryptography moved from simple letter swaps to complex math-based systems.

Symmetric Encryption: The Fast Lock

Symmetric encryption is like a safe with one key: the same key locks (encrypts) and unlocks (decrypts) your data. It’s super fast, great for big files or quick chats.

How It Works:

  1. You and your friend share a secret key (like passing a key in a locked box).
  2. You use the key to scramble your message into ciphertext.
  3. Your friend uses the same key to unscramble it.

There are two types: block ciphers (encrypt chunks of data) and stream ciphers (encrypt one bit at a time). It’s fast but tricky because you need a safe way to share the key. If a hacker grabs it, they can read everything.

Examples:

  • AES (Advanced Encryption Standard): The world’s favorite. Uses keys of 128, 192, or 256 bits. It chops data into 128-bit blocks and scrambles them through 10–14 rounds of swapping, mixing, and combining with the key. Used in Wi-Fi, VPNs, and cloud storage.
  • DES (Data Encryption Standard): An older system with a 56-bit key, too short for today’s computers, so it’s retired.
  • ChaCha20: A stream cipher that creates a random-looking stream of bits (keystream) using a key and a unique number (nonce). It mixes this with your message to scramble it. Great for phones and secure apps like WireGuard.

Code Example: AES Encryption

from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
import base64

# Generate random key and IV
key = get_random_bytes(16)  # AES-128
iv = get_random_bytes(16)   # 128-bit IV
message = "Hello, secure world!"

# Pad message to 16-byte blocks
def pad(text):
    padding_length = 16 - (len(text) % 16)
    padding = bytes([padding_length] * padding_length)
    return text.encode() + padding

# Encrypt
cipher = AES.new(key, AES.MODE_CBC, iv)
ciphertext = cipher.encrypt(pad(message))
encoded_ciphertext = base64.b64encode(ciphertext).decode('utf-8')

# Decrypt
def unpad(padded):
    padding_length = padded[-1]
    return padded[:-padding_length].decode()

decipher = AES.new(key, AES.MODE_CBC, iv)
decrypted = unpad(decipher.decrypt(ciphertext))

print(f"Ciphertext: {encoded_ciphertext}")
print(f"Decrypted: {decrypted}")

This Python code (using pycryptodome) encrypts “Hello, secure world!” with AES. The key and IV (initialization vector) ensure unique encryption. Run it with pip install pycryptodome.

Asymmetric Encryption: The Double-Key Trick

Asymmetric encryption is like a mailbox: anyone can drop a letter in (encrypt) using a public key, but only the owner with the private key can open it (decrypt). It’s slower but doesn’t need secret key sharing.

How It Works:

  1. You create two keys: public (shareable) and private (secret).
  2. Someone encrypts a message with your public key.
  3. You decrypt it with your private key.

It’s great for secure emails or signing digital documents but uses more computer power. Often, it’s used to share a symmetric key safely, then symmetric does the heavy lifting.

Examples:

  • RSA (1977): Uses big prime numbers. Multiplying them is easy, but splitting the result (factoring) is super hard, keeping your data safe. Used in website security (HTTPS).
  • ECC (1985): Based on math with elliptic curves. Smaller keys but just as secure, perfect for phones. Used in Bitcoin and secure apps.
  • Diffie-Hellman (1976): Lets two people agree on a secret key over an open line, like a secret handshake. Used in VPNs and secure chats.

Code Example: RSA Encryption

from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP
import base64

# Generate RSA key pair
key = RSA.generate(2048)
private_key = key
public_key = key.publickey()

# Message to encrypt
message = "Secure RSA message!"

# Encrypt with public key
cipher = PKCS1_OAEP.new(public_key)
ciphertext = cipher.encrypt(message.encode())
encoded_ciphertext = base64.b64encode(ciphertext).decode('utf-8')

# Decrypt with private key
decipher = PKCS1_OAEP.new(private_key)
decrypted = decipher.decrypt(ciphertext).decode()

print(f"Ciphertext: {encoded_ciphertext}")
print(f"Decrypted: {decrypted}")

This code creates an RSA key pair, encrypts a message, and decrypts it. The 2048-bit key makes it secure.

Historical Ciphers: Learning from the Past

Old ciphers teach us how encryption started. They’re simple but show the basics of scrambling messages.

Caesar Cipher: Shifts letters by a number (e.g., shift 3: “CAT” becomes “FDW”). Easy to guess by trying 25 shifts.

def caesar_encrypt(plaintext, shift):
    result = ""
    for char in plaintext:
        if char.isalpha():
            ascii_offset = 65 if char.isupper() else 97
            result += chr((ord(char) - ascii_offset + shift) % 26 + ascii_offset)
        else:
            result += char
    return result

def caesar_decrypt(ciphertext, shift):
    return caesar_encrypt(ciphertext, -shift)

message = "Hello, World!"
shift = 3
encrypted = caesar_encrypt(message, shift)
decrypted = caesar_decrypt(encrypted, shift)
print(f"Original: {message}")
print(f"Encrypted: {encrypted}")
print(f"Decrypted: {decrypted}")

Vigenère Cipher: Uses a keyword to change shifts for each letter (e.g., key “KEY” shifts “CAT” to “RIQ”).

def vigenere_encrypt(plaintext, key):
    result = ""
    key = key.upper()
    key_index = 0
    for char in plaintext:
        if char.isalpha():
            ascii_offset = 65 if char.isupper() else 97
            key_shift = ord(key[key_index % len(key)].upper()) - 65
            result += chr((ord(char) - ascii_offset + key_shift) % 26 + ascii_offset)
            key_index += 1
        else:
            result += char
    return result

def vigenere_decrypt(ciphertext, key):
    result = ""
    key = key.upper()
    key_index = 0
    for char in ciphertext:
        if char.isalpha():
            ascii_offset = 65 if char.isupper() else 97
            key_shift = ord(key[key_index % len(key)].upper()) - 65
            result += chr((ord(char) - ascii_offset - key_shift) % 26 + ascii_offset)
            key_index += 1
        else:
            result += char
    return result

message = "Hello, World!"
key = "KEY"
encrypted = vigenere_encrypt(message, key)
decrypted = vigenere_decrypt(encrypted, key)
print(f"Original: {message}")
print(f"Encrypted: {encrypted}")
print(f"Decrypted: {decrypted}")

The Math Behind Cryptography

Cryptography uses math to make data hard to crack but easy to unlock with the right key. It’s like a puzzle that’s simple one way but nearly impossible the other.

  • XOR (Exclusive OR): A math trick that flips bits. If two bits are the same, you get 0; if different, you get 1. Example: “A” (01000001) XOR key (10101010) = 11101011. Do it again, and you’re back to “A”. It’s used in stream ciphers like ChaCha20 because it’s fast and reversible.
  • Modulo Arithmetic: Keeps numbers in a range, like a clock. Example: 17 mod 5 = 2 (17 ÷ 5 leaves remainder 2). In RSA, it handles huge numbers safely, making it hard to reverse without the key.
  • Prime Numbers: RSA uses two big primes (e.g., 17 and 23). Multiply them (17 × 23 = 391), and factoring 391 back is tough. For 2048-bit numbers, it’s nearly impossible!
  • Discrete Logarithms: Used in Diffie-Hellman and ECC. If g^k = h, finding k is super hard. ECC uses curves like y² = x³ + ax + b, where points follow special math rules.
  • Hash Functions: Turn data into a fixed-size code. Example: SHA-256 turns “hello” into a 64-character hash. Changing one letter gives a totally different hash, proving integrity.

These math ideas create locks that are easy to use but hard to pick. Future quantum computers might break some, so new math (like lattices) is being developed.

Best Practices for Safe Cryptography

  • Use Random Keys: Pick keys with secure random tools (not your birthday!).
  • Don’t Reuse Keys: Reusing keys or IVs can let hackers spot patterns.
  • Trust Experts: Use libraries like OpenSSL or libsodium, not homemade code.
  • Mix It Up: Use asymmetric to share keys, symmetric for big data.
  • Stay Ready: Watch for hacks (like Heartbleed) and use quantum-safe algorithms like Kyber.

Wrapping Up

Cryptography is like a shield for our digital lives. By learning its basics—simple ciphers, modern algorithms, and cool math—you can keep your data safe. Want to explore further? Try hands-on challenges on TryHackMe or dive into “Applied Cryptography” by Bruce Schneier. More posts coming soon—stay tuned.