Cryptography is method of securing communication between two different parties in the network in the presence of other third parties.
When cryptography was first implemented, it was used mostly in the field of military defense, spying, protection of world leaders and diplomats. However, in recent years cryptography is implemented in various other fields – like to secure online payment transactions, chip based payment cards, digital currencies, rights management, password protection, identity management, etc.
Types of Cryptography
There are two types of cryptography as discussed below –
In this type of cryptography, two parties agree on a secret key (private key) and use it for both encryption and decryption. Symmetric cryptography is faster, however, not scalable.
Also called as public key cryptography, this type uses two keys – a public key to encrypt the message and a private key to decrypt it.
As is evident from the name, the public key is known to the members of the network. However, the private key is kept a secret. This method enhances the security of the communicated message/transaction.
Brute Force Attack
An attack where the attacker uses methods to decrypt an encrypted message without knowing the private key. This is mainly done by employing very powerful computers to guess the private key.
With computers having a faster speed and processing power, it is always theoretically possible to guess the keys. So it is very important to have keys that will need powerful computers slog out for a very long duration (more than a couple of decades) for a successful guess.
For the same reason, the keys need to be randomly generated, be longer through the use of a secure algorithm for generation.
Every individual on the network has two sets of keys – a public key and a private key, as discussed earlier. The combination of these keys create a digital signature.
Digital signature identifies an individual uniquely and can be used to refer to the particular individual. Digital signature helps identify the wallet of the user in a decentralized network like the blockchain and is used to prove ownership of assets and control the same.
Digital signatures are thus primarily responsible to ensure security and integrity of the data recorded in the blockchain, and are used to secure transactions and blocks of transactions, transfer of sensitive information and other scenarios where detection and prevention of data tampering is important.
Asymmetric cryptography is used in digital signatures.
How is Digital Signature Created and Used?
Algorithms help encrypt, decrypt, sign and verify messages using the pair of keys in two major steps as discussed below –
1. Creation of Digital Signature – Uses Private Key
The following steps are involved –
- Let’s assume that Akash will send this document to Babli and so he creates the document
- Akash generates the public key and private key and shares the public key with Babli
- The document passes through a hashing algorithm to create a unique digest
- Akash’s private key is applied on the digest to create a digital signature
- The digitally signed document is sent to Babli
2. Message Verification – Uses Public Key
Once Babli receives the digitally signed document from Akash, she follows the below steps –
- Babli uses the public key shared by Akash to decrypt the digital signature to get a digest
- The content of the document is passed through a hashing algorithm to create a second digest
- If both the digest from 1 and 2 match, Babli knows that the message sent by Akash has not changed and that the sender is indeed Akash.
Advantages of Digital Signature
Key advantages provided by digital signature are –
If in any case, the encrypted data is altered while on the network, the digital signature would change too. This would make the data invalid and would prove that the data has been tampered with.
Data ownership always remains with a particular individual and so does digital signature which will help identify if the data is from the intended sender.
Nonrepudiation in simpler terms means that someone cannot deny something. In digital signature, it means the guarantee between parties during message transmission. When a message or data is signed by someone, it legally means that the person owns it and he cannot deny the same at a later stage.
However, it only stands when the private key of the individual is not compromised and thus it is very important to note that private keys should never be shared.