next up previous contents
Next: What type of cryptography Up: Cryptography HowTo Previous: Why would I want   Contents

What types of cryptography are there?

This list will be very far from comprehensive. Everybody has their own opinions on how cryptography should work, and therefore it seems that there are as many types of cryptography as there are people who can write a program.

However, there are a few basic types of cryptography which we will discuss in this document. Before we get into any of these types, there are a few terms which we need to define for you.

The process of locking up information using cryptography. Information that has been locked up this way is said to be encrypted.
The process of unlocking encrypted information using cryptography.
A secret, like a password, which is used to encrypt and decrypt information. There are a few different types of keys used in cryptography, which we will see below.
Secure Line
A transmission channel which can be used to send information secretly (in other words, nobody can intercept and read that data).
Public Line
A transmission channel which cannot be used to send information secretly - the information can be ''overheard'' easily. A public pay phone is an excellent example of this; so is the Internet.

Now, we get to the basic types of cryptography. While reading about these types of cryptography, it may be helpful to think of a key as a key to a door.

Symmetric Cipher
In the simpler types of cryptography, the same key is used to encrypt and decrypt information. This key is sometimes called a symmetric key.

Everybody who is supposed to be able to read the information must have the key. The problem with this sort of code is that the key has to be given to them over a secure line. If you're able to give a key securely, why not send the whole message securely?

Thinking of the key as the key to a room may help explain this better. Everybody who should have access to the room is given a copy of the key. Anybody who has that key can go in, put new information in, take old information out, and lock the room again when they leave. Without the key, you can't enter the room. Furthermore, if you send somebody a copy of the key by way of the Post Office, somebody working at the Post Office could intercept this key, make a copy of it, and then send it along. This would allow them to access this same locked room, and do the same things with it. Now, think of sending the key over the Internet. That key could be intercepted by anybody between you and the other machine, letting them read everything you locked up with that key, even letting them modify it.

Public Key Cryptography
In this type of cryptography, one key is used to encrypt, and a matching key is used to decrypt. These two keys together are called a key pair. One of these keys is called the secret key or private key, and should be kept secure. The other is called the public key and should be given out to everybody on the planet (if possible). The reasons for this will become apparent in later discussion.

This type of code is a bit more complex, but it is the most commonly used type of code for exchanging email today.

The best way to explain this is by using an analogy. In this case, let's think of the public key as a key to a public drop box, and the private key as a key which lets you take things out of the drop box. When people want to send information to the owner of the drop box, they get the public key, which lets them into the room with the drop box. They put their information directly into the drop box. After that, not even they can get it back out. Only the holder of the private key can get it back out.

In reality, you can also use these keys for other purposes, such as verifying the identities of everybody involved. We will talk more about verification later in this HOWTO.

One Time Pad
A one time pad is considered the only perfect encryption in the world. The sender and receiver must each have a copy of the same pad (a bunch of completely random numbers), which must be transmitted over a secure line. The pad is used as a symmetric key; however, once the pad is used, it is destroyed. This makes it perfect for extremely high security situations (for example, national secrets), but virtually unusable for everyday use (such as email).
Steganography is actually the science of hiding information from people who would snoop on you. The difference between this and encryption is that the would-be snoopers may not be able to tell there's any hidden information in the first place. As an example, picture files typically have a lot of unused space in them. This space could be used to send hidden messages. If you do research on encryption, you may see the term steganography used on occasion. It is not, however, true encryption (though it can still be quite effective), and as such, we only mention it here for completeness.

next up previous contents
Next: What type of cryptography Up: Cryptography HowTo Previous: Why would I want   Contents
Greg Wooledge 2000-10-11