Showing posts with label cryptography. Show all posts
Showing posts with label cryptography. Show all posts

Sunday, 19 July 2015

Mini Blog: Classical Cryptography's Hill Cypher

The contents of this blog post today will detail about a cipher in classical cryptography. It is not used nowadays because it is easily vulnerable. In fact, the way it works can also be understandable to any high schooler or first year college student who has an elementary-level knowledge of linear algebra.

Say you have a message you want to decrypt, e.g. "I like pie". We convert each character into a numerical representation (e.g. perhaps ASCII). Then we form a matrix out of these characters. Let's call it matrix B.

Let's use the concept of matrix multiplication and invertible matrices in order to decrypt and encrypt this matrix B message.

We can easily encrypt it by matrix-multiplying it with an arbitrary matrix A. The resulting matrix, AB, will be sent as the "encrypted message". Note that of course, the number of columns in matrix A must be equal to the number of rows in matrix B for matrix multiplication of A and B to work.

Now, you can send this encrypted message AB to anyone. But how can they decrypt it? Simple. We can use the property of invertible matrices.

(A^-1)(AB) = B

So, we just need to multiply the inverse of matrix A to the encrypted message AB, to get back the decrypted message B. Note that A must be an invertible matrix then.

-------------------------------------
Resources:

Tuesday, 2 December 2014

How Keybase.io Taught me Basic Public Key Cryptography/Asymmetric Cryptography



While on Facebook one day, I noticed a friend who is in first year software engineering posting publicly about how he has some invites to a certain website called "Keybase.io". Naturally, I was intrigued, and decided to visit the website, and also asked my friend for an invite (and he kindly gave me one). To be honest, the most intriguing and captivating thing about the website at first was just the amazing, wondrous, illustrations that looked like they were from a classic children's book. I subsequently visited the portfolio site of the brilliant designer who drew these heartwarming, Caroline Hadilaksono's site.

After wasting a few minutes on her site and seeing her pretty illustrations, I actually started to read the text/content on Keybase's main website. And let me tell you that I honestly had trouble wrapping my head around what exactly this service was offering to me, the user. I was even questioning whether I was a potential user of this website, since I didn't know what it was trying to explain, except for the fact that it allows you to connect various usernames from various popular social networks together in order to form a single social identity online. I was honestly confused as to what a "public key" was.

As a regular person who does not know a thing about cryptography until visiting this site, I do have to recommend that Keybase should have some sort of explanation about what public key cryptography is, and their service. I mean, the example on their homepage with Maria grabbing a pint with someone seems like it should explain the whole service wholly, but it just didn't. I didn't understand a thing, even after reading it quite a few times over. That's when I got a bit frustrated at the lack of a good explanation, and decided to Google by myself about this whole "public key" thing.

And boy did I learn a lot! That's one thing that I really like about Keybase - that it taught me something really cool and exciting in my opinion (even though they didn't do a good job of it themselves).

So, just what exactly is this "public key" thing, and what exactly is Keybase? Well, this post is to basically explain it in simple English. No need for fancy words in this post - just straight up facts.

Tl;dr Short Lesson on What is Public Key Cryptography, and Cryptography in General, For Dummies (Like Me)



So, I'm guessing everyone already knows about the whole fiasco with the NSA and how they're spying on everyone's emails. So, how would you prevent people like the NSA, or "hackers" from reading your email? Well, that's where cryptography comes in.

So basically, let's say you want to send an email to someone, but you are afraid that a hacker can hack and might get that email while it is sent to the receiver. So, a good way to prevent the hacker from knowing the contents of your email is to encrypt it. A really good and simple example of what "encrypting" is would be if the hacker didn't know the Chinese language at all and did not have access to a Chinese-English dictionary, but you and the person you want to send the email to do have dictionaries. So, you translate your message word by word in Chinese, send it to the receiver, and they can translate it back to English and read it. Along the way, even IF the hacker gets the email, the contents are unreadable to him. Of course, actual encryption uses lots of complex and very interesting math, and are very very hard to "crack".

So, basically, I learnt that Keybase offers a service that provides this kind of easy service to communicate to other people by using their encrypting and decrypting methods. But, they provide a certain type of cryptographic method called public key cryptography. Some people also call "public key cryptography" as "asymmetric cryptography".

I will explain now about how public key cryptography actually "encrypts" your messages and allows the recipient of your messages to "decrypt" the messages.

Basically, in this type of cryptographic method, you have a public key that anyone can see and "use" (I will explain this in just a second).  This key is usually a big and long sequence of words and numbers that you can copy and paste to anyone. In addition to this public key, you also have a private key. You should never show this private key to anyone, or else the public key cryptography method of safely encrypting/decrypting will just not work - so be sure to keep the private key safe!

Both your public key and private key are mathematically related to each other, but this math is very hard to crack, so for all intensive purposes, no one can "solve" or find out what your private key is just from looking/analyzing your public key.

The public and private keys are mathematically related in such a way so that if you encrypt a message using the public key, you can decrypt the same message using your private key.

So, let's say you want to give your friend Joe an encrypted message that only HE can read. So what do you do? You actually USE Joe's public key to encrypt your message, and then give this encrypted message to him. If anyone accidentally sees this message and obtains it, they cannot read it or decipher it. This is because the encrypted message can only be decrypted by Joe's private key.

Now that I have explained the very very basics of public key cryptography, if anyone is actually reading this, and if they actually want to read more about this interesting subject (including learning about digital signatures, digital certificates, etc.), please click here to read more about it!

To whomever reads this post, I hope you learned a little something about public key cryptography, as I did. Disregarding some of the criticisms that exist for Keybase, I still think it's a very neat service. It's very entertaining to write a message, encrypt it, copy and paste the encrypted message to someone, and have them decrypt it. It's also very fun vice versa. (I like to pretend that I'm some sort of spy!) Overall, I am delighted about how fun Keybase was. I have read that its purpose was to create a service for ordinary people like me or you to encrypt and decrypt messages easily. Well, I certainly think Keybase has hit its target in that regard.