Cybersecurity Fundamentals

Cryptography Essentials

55 min

What is Cryptography?

Cryptography is the science of securing information by transforming it into an unreadable format for unauthorized parties. It is the mathematical backbone of all cybersecurity systems — from HTTPS to digital signatures to VPNs.

Symmetric Encryption

The same key is used for both encryption and decryption. Fast and efficient for bulk data encryption.

SYMMETRIC ALGORITHMS
────────────────────────────────────────
AES-256 → Industry standard, used in TLS, VPNs
          Block cipher, 256-bit key, FIPS approved
3DES    → Legacy, being phased out
DES     → Deprecated, 56-bit key (broken)

Key challenge: Secure key exchange between parties
────────────────────────────────────────

Asymmetric (Public Key) Cryptography

Uses a mathematically related key pair: a public key (shareable) and a private key (secret). What one key encrypts, only the other can decrypt.

  • RSA — Based on the difficulty of factoring the product of two large primes; 2048-4096 bit keys
  • ECC (Elliptic Curve) — Smaller keys, same strength; used in modern TLS
  • Diffie-Hellman — Key exchange protocol; in its ephemeral form it provides forward secrecy

Hash Functions

One-way functions that produce a fixed-size "fingerprint" (digest) of any input. Used for data integrity verification and password storage.

COMMON HASH FUNCTIONS
────────────────────────────────────────────────
MD5     → 128-bit  | BROKEN — collision attacks
SHA-1   → 160-bit  | DEPRECATED — collision found 2017
SHA-256 → 256-bit  | ✅ SECURE — current standard
SHA-3   → Variable | ✅ SECURE — Keccak algorithm
bcrypt  → Variable | ✅ PASSWORD HASHING standard
Argon2  → Variable | ✅ MODERN — memory-hard, best for passwords
────────────────────────────────────────────────
Example — SHA-256:
  Input:  "Anirban Mitra"
  Output: a3f8d9c2... (always 64 hex chars)
  Change any single character → completely different hash (Avalanche Effect)
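The two uses of hashing named above, integrity fingerprints and password storage, as an added example that is not part of the original lesson. It measures the avalanche effect on the page's own sample input and contrasts a plain SHA-256 with a salted, memory-hard password hash; scrypt stands in for Argon2/bcrypt because it is in Python's standard library, and the passwords are constructed sample values.

```python
import hashlib
import hmac
import os

# Sample input taken from the lesson's SHA-256 example.
SAMPLE_INPUT = "Anirban Mitra"


def sha256_hex(text: str) -> str:
    """SHA-256 digest of a UTF-8 string, rendered as 64 hex characters."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def avalanche_bits(a: str, b: str) -> int:
    """Count how many of the 256 digest bits differ between SHA-256(a) and SHA-256(b).

    A sound hash flips roughly half the output bits for any change in the input,
    so a one-character edit does not produce a "nearby" digest.
    """
    da = hashlib.sha256(a.encode("utf-8")).digest()
    db = hashlib.sha256(b.encode("utf-8")).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(da, db))


def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Salted, memory-hard password hash (scrypt; Argon2/bcrypt need third-party packages).

    A bare SHA-256(password) is the wrong tool here: it is fast by design and
    unsalted, so equal passwords collide and brute force is cheap.
    """
    salt = salt or os.urandom(16)           # 128-bit random salt per password
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                            n=2**14, r=8, p=1, dklen=32)
    return salt, digest


def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, stored)


if __name__ == "__main__":
    changed = SAMPLE_INPUT[:-1] + "b"       # single-character change: "Mitra" -> "Mitrb"
    print(sha256_hex(SAMPLE_INPUT))
    print(sha256_hex(changed))
    print(f"bits changed: {avalanche_bits(SAMPLE_INPUT, changed)} of 256")
    salt, stored = hash_password("correct horse battery staple")   # constructed sample
    print(verify_password("correct horse battery staple", salt, stored))
    print(verify_password("wrong password", salt, stored))
```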

PKI & Digital Certificates

Public Key Infrastructure (PKI) is the framework for managing digital certificates and public-key encryption. SSL/TLS certificates use PKI to secure HTTPS connections.

  • CA (Certificate Authority) — Trusted entity that issues digital certificates (DigiCert, Let's Encrypt)
  • X.509 Certificate — Standard format containing public key, identity, validity period, and CA signature
  • Digital Signature — Created with private key; verified with public key; proves authenticity + integrity

🔑 TLS Handshake Summary

1. Client sends "Hello" + supported cipher suites
2. Server sends certificate (public key)
3. Client verifies certificate against trusted CAs
4. Key exchange via DH/ECDH establishes shared session key
5. All data encrypted with symmetric AES session key
