暗号学とは何か？

What Is Cryptography? | IBM What is cryptography? What is cryptography? Cryptography is the practice of developing and using coded algorithms to protect and obscure transmitted information so that it may only be read by those with the permission and ability to decrypt it. Put differently, cryptography obscures communications so that unauthorized parties are unable to access them. In our modern digital age, cryptography has become an essential cybersecurity tool for protecting sensitive information from hackers and other cybercriminals. Derived from the Greek word “kryptos,” meaning hidden, cryptography literally translates to “hidden writing.” It can be used to obscure any form of digital communication, including text, images, video or audio. In practice, cryptography is mainly used to transform messages into an unreadable format (known as ciphertext) that can only be decrypted into a readable format (known as plain text) by the authorized intended recipient by using a specific secret key. Cryptology, which encompasses both cryptography and cryptanalysis, is deeply rooted in computer science and advanced mathematics. The history of cryptography dates back to ancient times when Julius Caesar created the Caesar cipher to obscure the content of his messages from the messengers who carried them in the first century B.C.. Today, organizations like the National Institute of Standards and Technology (NIST) continue to develop cryptographic standards for data security . The latest tech news, backed by expert insights Stay up to date on the most important—and intriguing—industry trends on AI, automation, data and beyond with the Think newsletter. See the IBM Privacy Statement . Thank you! You are subscribed. Core tenets of modern cryptography Modern cryptography has grown significantly more advanced over time. However, the general idea remains the same and has coalesced around four main principles. Confidentiality: Encrypted information can only be accessed by the person for whom it is intended and no one else. Integrity: Encrypted information cannot be modified in storage or in transit between the sender and the intended receiver without any alterations being detected. Non-repudiation: The creator or sender of encrypted information cannot deny their intention to send the information. Authentication: The identities of the sender and receiver, as well as the origin and destination of the information are confirmed. Why cryptography is important In today’s digital landscape, cryptography plays a vital role in our daily lives, ensuring that sensitive data like credit card numbers, e-commerce transactions and even WhatsApp messages remain confidential and secure. On a macro level, advanced cryptography is crucial for maintaining national security, safeguarding classified information from potential threat actors and adversaries. Security Intelligence | 29 April, episode 31 Your weekly news podcast for cybersecurity pros Whether you're a builder, defender, business leader or simply want to stay secure in a connected world, you'll find timely updates and timeless principles in a lively, accessible format. New episodes on Wednesdays at 6am EST. Watch the latest podcast episode Common uses for cryptography These are some of the most common use cases for cryptography. Passwords Cryptography is frequently used to validate password authenticity while also obscuring stored passwords. In this way, services can authenticate passwords without the need to keep a plain text database of all passwords which might be vulnerable to hackers. Cryptocurrency Cryptocurrencies like Bitcoin and Ethereum are built on complex data encryptions that require significant amounts of computational power to decrypt. Through these decryption processes, new coins are “minted” and enter circulation. Cryptocurrencies also rely on advanced cryptography to safeguard crypto wallets, verify transactions and prevent fraud. Secure web browsing When browsing secure websites, cryptography protects users from eavesdropping and man-in-the-middle (MitM) attacks. The Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols rely on public key cryptography to protect data sent between the web server and client and establish secure communications channels. Electronic signatures Electronic signatures, or e-signatures, are used to sign important documents online and are frequently enforceable by law. Electronic signatures created with cryptography can be validated to prevent fraud and forgeries. Authentication In situations where identity authentication is necessary, such as logging in to an online bank account or accessing a secure network, cryptography can help confirm or verify a user’s identity and authenticate their access privileges. Secure communications Whether sharing classified state secrets or simply having a private conversation, end-to-end encryption is used for message authentication and to protect two-way communications like video conversations, instant messages and email. End-to-end encryption provides a high level of security and privacy for users and is widely used in communication apps like WhatsApp and Signal. Types of cryptography There are two main types of encryption in use today: symmetric cryptography and asymmetric cryptography. Both types use keys to encrypt and decrypt data sent and received. There are also hybrid cryptosystems that combine both. A cryptosystem is considered symmetrical when each party—sender and receiver—uses the same key to encrypt and decrypt data. Algorithms such as the Advanced Encryption Standard (AES) and Data Encryption Standard(DES) are symmetric systems. Asymmetric cryptography uses multiple keys—some shared and some private. In this way, the sender and receiver of an encrypted message have asymmetrical keys, and the system is asymmetrical. RSA—named after its progenitors Rivest, Shamir and Adleman—is one of the most common public key encryption algorithms. While asymmetric systems are often considered to be more secure due to their use of private keys, the true measure of a system’s strength is more dependent on key length and complexity. Symmetric cryptography Symmetric key cryptography uses a shared single key for both encryption and decryption. In symmetric cryptography, both the sender and receiver of an encrypted message will have access to the same secret key. Caesar’s cipher is an early example of a single key system. This primitive cipher worked by transposing each letter of a message forward by three letters, which would turn the word “cat” into “fdw” (although Caesar would have probably used the Latin word “cattus”). Since Caesar’s generals knew the key, they would be able to unscramble the message by simply reversing the transposition. In this way, symmetrical cryptosystems require each party to have access to the secret key before the encrypting, sending and decrypting of any information. Some of the main attributes of symmetric encryption include: Speed: The encryption process is comparatively fast. Efficiency: Single key encryption is well suited for large amounts of data and requires fewer resources. Confidential: Symmetrical encryption effectively secures data and prevents anyone without the key from decrypting the information. Asymmetric cryptography Asymmetric cryptography (also referred to as public key cryptography) uses one private key and one public key. Data that is encrypted with a public and private key requires both the public key and the recipient’s private key to be decrypted. Public key cryptography enables secure key exchange over an insecure medium without the need to share a secret decryption key because the public key is only used in the encryption, but not the decryption process. In this way, asymmetric encryption adds an additional layer of security because an individual’s private key is never shared. Some of the main attributes of symmetric encryption include: Security: Asymmetric encryption is considered more secure. Robust: Public key cryptography offers more benefits, providing confidentiality, authenticity and non-repudiation. Resource intensive: Unlike single key encryption, asymmetrical encryption is slow and requires greater resources, which can be prohibitively expensive in some cases. Cryptographic keys and key management Cryptographic keys are essential for the secure use of encryption algorithms. Key management is a complex aspect of cryptography involving the generation, exchange, storage, use, destruction and replacement of keys. The Diffie-Hellman key exchange algorithm is a method used to securely exchange cryptographic keys over a public channel. Asymmetric key cryptography is a critical component in key exchange protocols. Unlike Caesar’s cipher, which used a shifted Roman alphabet as a key, modern keys are far more complex and typically contain 128, 256 or 2,048 bits of information. Advanced cryptographic algorithms use these bits to rearrange and scramble the plain text data into ciphertext. As the number of bits increases, the number of total possible arrangements of the data rises exponentially. Caesar’s cipher uses few bits and it would be easy for a computer to decrypt (even without the secret key) by simply trying all the possible arrangements of the scrambled ciphertext until the entire message was transformed into readable plain text. Hackers call this technic a brute force attack. Adding more bits makes brute force attacks prohibitively difficult to compute. While a 56-bit system can be brute forced in 399 seconds by today’s most powerful computers, a 128-bit key would require 1.872 x 10 37 years. A 256-bit system would take 3.31 x 10 56 years. For reference, the entire universe is believed to have existed for only 13.7 billion years, which is less than a percent of a percent of the time it would take to brute force either a 128-bit or 256-bit cryptosystem. Cryptographic algorithms and encryption methods An encryption algorithm is a component o