Cryptography for beginners: understanding the basics

Cryptography is the technique for protecting information by transforming it into a secure format, known as "ciphertext", which hides the true meaning of the encrypted data. The reverse process, known as "decryption", makes the information readable again. This practice is fundamental to protecting digital communications and safeguarding data.

The principles of cryptography

Cryptography relies on two key concepts: the encryption key and the decryption key. In symmetric cryptography, the same key is used both to encrypt and to decrypt data. In asymmetric cryptography, two different keys are used instead: a public one for encryption and a private one for decryption.

Code examples in Python

Let's look at a simple example of symmetric cryptography in Python:

from Crypto.Cipher import AES
import base64

# Key and data to encrypt
key = 'ThisIsAKey12345'
data = 'Secret Message'

# Create an AES cipher object
cipher = AES.new(key, AES.MODE_CBC, '16charInitVector')

# Encrypt and encode in base64
encrypted_data = base64.b64encode(cipher.encrypt(data))

print(f'Encrypted data: {encrypted_data}')

# Decryption
decryptor = AES.new(key, AES.MODE_CBC, '16charInitVector')
decrypted_data = decryptor.decrypt(base64.b64decode(encrypted_data)).strip()

print(f'Decrypted data: {decrypted_data}')

In this example we first imported the necessary libraries, then defined a key and a message (data). AES (Advanced Encryption Standard) is the algorithm we used to encrypt the message and then encode it in base64, making it safe for transmission or storage. Since this is symmetric cryptography, we used the same key to decrypt the data as well.

Code example in PHP

The same thing can be done in PHP, let's see how:

// Key and data to encrypt
$key = 'ThisIsAKey12345';
$data = 'Secret Message';

// Pad the data to be a multiple of AES block size
$blockSize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$pad = $blockSize - (strlen($data) % $blockSize);
$data .= str_repeat(chr($pad), $pad);

// Create an AES cipher object with CBC mode
$cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');

// Initialize encryption
mcrypt_generic_init($cipher, $key, '16charInitVector');

// Encrypt and encode in base64
$encryptedData = base64_encode(mcrypt_generic($cipher, $data));

echo 'Encrypted data: ' . $encryptedData . "\n";

// Initialize decryption
mcrypt_generic_init($cipher, $key, '16charInitVector');

// Decrypt and decode from base64
$decryptedData = mdecrypt_generic($cipher, base64_decode($encryptedData));

// Unpad the data
$pad = ord($decryptedData[strlen($decryptedData) - 1]);
$decryptedData = substr($decryptedData, 0, -1 * $pad);

echo 'Decrypted data: ' . $decryptedData;

In the PHP code we start by defining the key and the data to encrypt, as we did in Python. Next, to make sure the data length is a multiple of the AES block size, we pad the data. This is necessary because AES is a block cipher and requires fixed-size data.

The code uses several functions (mcrypt_get_block_size, mcrypt_module_open, mcrypt_generic_init and mcrypt_generic) to create and initialize the cipher object in CBC (Cipher Block Chaining) mode, and then to encrypt the data. After encryption, the data is base64-encoded to make it safe for transmission or storage.

For decryption, the same process is repeated in reverse. The encrypted data is first decoded from its base64 form, then decrypted using the same mcrypt functions. Finally, the padding is removed to recover the original message.

These Python and PHP examples show how relatively simple it is to implement basic cryptography techniques. However, it's essential to remember that data security isn't just about cryptography. Good security practice also includes proper key management, understanding threats, and using up-to-date security protocols.