Cryptography
What Is Cryptography?
Cryptography is the science of securing information by transforming it into a form that is unintelligible to unauthorized parties. It provides the mathematical and engineering foundations for confidentiality, integrity, authentication, and non-repudiation across digital communications and stored data. The discipline draws from number theory, algebra, probability theory, and computer science, and its practical standards are developed through bodies such as NIST and IEEE. Modern cryptography underpins virtually every secure digital interaction, from web browsing to financial settlement to code signing.
Symmetric Encryption
Symmetric encryption uses a single shared key for both encryption and decryption. The Advanced Encryption Standard (AES), standardized by NIST in FIPS 197, is the dominant symmetric cipher and operates on 128-bit blocks with key lengths of 128, 192, or 256 bits. Its security rests on the infeasibility of exhaustive key search and on algebraic properties that resist known statistical attacks. Stream ciphers such as ChaCha20 provide an alternative for environments where hardware acceleration of AES is unavailable, offering comparable security with lower computational overhead. The primary limitation of symmetric encryption is key distribution: two parties who have never communicated need a secure channel to exchange the shared key before any encrypted message can be sent.
Public Key Cryptography
Public key cryptography, introduced by Diffie and Hellman in 1976 and formalized through the RSA algorithm the following year, resolves the key distribution problem by using mathematically linked key pairs. A public key is freely distributed and used to encrypt data or verify a signature; a private key is kept secret by its owner and used to decrypt data or produce a signature. RSA's security depends on the computational difficulty of factoring large integers, while elliptic curve cryptography (ECC) achieves equivalent security with shorter keys by relying on the hardness of the discrete logarithm problem on elliptic curves over finite fields. ECC is now prevalent in constrained environments such as mobile devices and embedded systems. The NIST Post-Quantum Cryptography standardization program addresses the threat that quantum computers running Shor's algorithm pose to RSA and ECC; it finalized algorithms including CRYSTALS-Kyber for key encapsulation in 2024.
Hash Functions and Digital Signatures
A cryptographic hash function maps an arbitrary-length input to a fixed-length digest in a way that is deterministic, fast to compute, and computationally infeasible to reverse or to find two inputs sharing a digest. SHA-256 and SHA-3, both standardized by NIST, are the most widely deployed families. Digital signatures combine hashing with asymmetric cryptography: a sender hashes a message and signs the digest with their private key, producing a signature that any party holding the corresponding public key can verify. The Elliptic Curve Digital Signature Algorithm (ECDSA) and its deterministic variant EdDSA are standard in TLS 1.3, code-signing pipelines, and cryptocurrency transaction validation. Hash functions also serve as the building blocks for message authentication codes (MACs), password storage schemes, and commitment protocols.
Quantum Cryptography
Quantum cryptography applies principles of quantum mechanics to achieve security guarantees that rest on physical law rather than computational assumptions. Quantum key distribution (QKD), formalized in the BB84 protocol published by Bennett and Brassard in 1984, allows two parties to generate a shared random secret key such that any eavesdropping attempt disturbs the quantum states and is detectable. Commercial QKD systems operating over optical fiber have been deployed in banking and government networks in several countries. The IEEE Quantum Initiative coordinates standards development and educational resources for quantum communication and computing technologies, recognizing that QKD and post-quantum algorithms address complementary aspects of long-term cryptographic security.
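The detectability claim for BB84 can be seen in a classical simulation. The following is an added example, not part of the original page: it models an intercept-and-resend eavesdropper and measures the quantum bit error rate (QBER) on the sifted key. The function names, the seeded generator and the 11% abort threshold are assumptions chosen for illustration.

```python
import random

ABORT_THRESHOLD = 0.11  # assumed illustrative limit; a deployment derives its own


def measure(bit, prep_basis, meas_basis, rng):
    """Same basis returns the prepared bit; a different basis gives a random result."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)


def bb84_qber(n_qubits, eavesdrop, seed=0):
    """Simulate one BB84 session; return (sifted_key_length, qber)."""
    # Seeded PRNG so the run is repeatable; real QKD requires true randomness.
    rng = random.Random(seed)
    sifted = errors = 0
    for _ in range(n_qubits):
        a_bit, a_basis = rng.randint(0, 1), rng.randint(0, 1)
        bit, basis = a_bit, a_basis            # state travelling on the channel
        if eavesdrop:
            e_basis = rng.randint(0, 1)        # Eve must guess a basis
            bit = measure(bit, basis, e_basis, rng)
            basis = e_basis                    # she resends in the basis she used
        b_basis = rng.randint(0, 1)
        b_bit = measure(bit, basis, b_basis, rng)
        if a_basis == b_basis:                 # sifting: keep matching-basis rounds
            sifted += 1
            errors += a_bit != b_bit
    # Simplification: QBER is taken over the whole sifted key, whereas the
    # protocol compares (and discards) only a random sample of it.
    qber = errors / sifted if sifted else 0.0
    return sifted, qber


def session_accepted(qber, threshold=ABORT_THRESHOLD):
    """Alice and Bob keep the key only if the error rate stays under the threshold."""
    return qber < threshold


if __name__ == "__main__":
    for label, eve in (("quiet channel", False), ("intercept-resend", True)):
        n, q = bb84_qber(4000, eve)
        print(f"{label}: sifted={n} qber={q:.3f} accepted={session_accepted(q)}")
```

On a noiseless channel the sifted keys agree exactly; with the eavesdropper present about a quarter of the sifted bits disagree, so the session is rejected.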
Applications
Cryptography has applications in a wide range of disciplines, including:
- Secure communications: TLS/SSL protocols protecting web traffic, email, and messaging applications
- Financial systems: encryption and digital signatures securing payment card transactions, interbank settlement, and cryptocurrency ledgers
- Software integrity: code signing and secure boot processes verifying that firmware and applications have not been tampered with
- Identity and access management: certificate authorities, public key infrastructure (PKI), and authentication tokens
- Cloud storage: client-side and server-side encryption protecting data at rest across distributed storage systems