Most end users do not stop to think about what makes their data, accounts, and online activity secure. They know about passwords and understand that they should change them regularly, but what happens behind the scenes is hardly their concern.
As a student of an online Master of Computer Science, you will be required to understand the nuts and bolts of cybersecurity and the role that cryptography plays to keep us secure.
It is everywhere you look. It helps secure our online transactions and communications and authenticates identities. Cryptography is used to establish secure connections between servers and it prevents information tampering.
Today, it is more important than ever to secure online communication and data storage. According to some, cybercrime is now more lucrative than the drug business.
It is rife because anyone can get in, and it is hard to get caught. Unlike crimes in the physical world that are actively policed, online crime is a free-for-all, and in many jurisdictions, there are no laws and regulations to restrict the public. The as long one has some basic knowledge of computers and the right software, they can participate in hacking and other malicious online activity.
According to a 2021 IBM data breach report, the cost of a data breach in the United States is more than twice as much as the global average, with healthcare getting hit the hardest. The same report highlights that more than 80% of American businesses can expect to suffer a destructive attack sometime soon.
An online masters in computer science at Wilfrid Laurier University is one way to understand the intricacies involved in cryptography for cybersecurity. It covers topics like how to block ciphers, AES encryption, digital signatures, and elliptic curve cryptosystems. You also learn about privacy technologies and zero-knowledge proofs.
You can complete the course in under two years, and all lessons are available online. Apart from cryptography, the course also teaches parallel programming, algorithm design, application, and data mining.
After you complete the degree you will have many employment options. You can become a network architect, a software development manager, a senior data scientist, or a data analyst, all of which are six-figure income jobs.
Table of Contents
What is cryptography?
Cryptography is the study of securing communications so that only the sender and the recipient are privy to their meaning. It keeps messages out of view from third parties or adversaries who are considered malicious entities.
The science of cryptography has been around for a long time. Its earliest use can be traced to an inscription on the tomb of a nobleman in ancient Egypt in 1900 BCE. The writer, it seems, used unusual symbols in place of the hieroglyph of the day. The speculation is that rather than using cryptography to obscure the message, the writer intended to make it look more dignified and not for the common man. To decode what the message said, one needed to have a key.
Other early civilizations also used cryptography. The Arthashastra is a classic, ancient, encrypted handbook from India written between 350 and 275 BCE that outlines statecraft, methods of communication between spies, and how the espionage service of the time worked. Even Julius Caesar used cryptography to communicate with his generals.
Over thousands of years it has gone through three distinct stages: manual, which existed in the days of Caesar and before, mechanized cryptography, which came around the 18th century, and digital cryptography which we use today.
Why do we need cryptography?
Imagine a world where all information was out there for anyone to see. Life as we know it would cease — our reliance on online transactions and communications would be greatly minimized.
You would not be able to transact with your bank or shop online. All messages that you send and receive would be out there, and all your information and data would be available to all and sundry. If you submitted a school assignment online it would be available for others to copy, and anyone could spy on your video calls.
The role of cryptography is to ensure that this does not happen. It provides security for all communications, whether between you and your bank or you and a friend.
The importance of cryptography can be summed up as follows:
- It is the best way to protect the confidentiality of information. Only those with permission can access it. Even if the storage medium (like a server) is compromised, the data within stays safe because only those with the right key have access.
- It secures the integrity of data, making sure that it is reliable, predictable and trustworthy.
- Cryptography ensures that information always goes to the right recipient. Only they have the right key and the transmission is useless in the wrong hands.
- It keeps the holder and the sender accountable. If a message originates from a sender, they can hardly deny sending it because only they have the key. The same goes for the recipient. If your bank transfers money out of your account, they cannot deny it because they are the only ones with permissions to do that. If you were to mistakenly receive money in your bank account, you cannot deny it because you are the only one who has the key to your account. Hackers and other malicious entities indeed find ways to illegally access accounts, but cryptography experts work hard to stay ahead of them.
- Cryptography keeps systems accessible to users. As long as you have your Gmail password, for example, you can be sure to log into your account and retrieve your messages.
Elements of modern-day cryptography
The following four elements are sometimes described as the importance, or principles, of cryptography. Simply defined, they are how data is secured.
This refers to the guidelines ensuring that information is restricted to certain people, places or networks. It prevents unauthorized access using a cryptographic algorithm that is known only to the user and the recipient. Should anyone intercept a message, it will be meaningless because they cannot decode it.
A good example of this is a virtual private network (VPN). It secures data by encrypting it and passing it through a secure tunnel so that no one else can see your online activity. Should a malicious entity access your searches, all they will see are garbled letters and numbers that are meaningless.
This has to do with ensuring that messages are not altered in transit. Both the sender and recipient have an algorithm. If the message should be altered in any way, the recipient is informed and they can take the necessary steps to retrieve the original.
When you receive an email message, for example, you are sure that it is what the sender intended for you to see. This is the power of cryptography — no one interferes with your communication as it makes its way to you.
Spam ends up in a spam folder because it fails the authentication test. Authentication aims to verify the sender before a message is sent or any other action is initiated. It happens for both the sender and the recipient.
When the bank is crediting your account, for example, the user at that end is asked for a password. They cannot access your account if they do not enter the correct authentication information. Likewise, when you want to withdraw money, you will go through a series of steps that are in place to ensure that it is only you and no one else trying to access your account.
Authentication has come a long way in the last decade or so. In addition to passwords, we have biometric authentication which is even harder to bypass.
This is the process of ensuring that a message can be traced back to its original sender. It is like signing the dotted line in a contract — you cannot deny that you read and accepted the terms because you appended your signature to the document.
When you send a message, it first goes through an algorithm that assigns it a digital signature based on your verified identity. The signature will always identify that message as coming from you.
When the communication gets to the recipient, an algorithm checks the digital signature to make sure that it is legitimate before delivering it to the inbox. It also checks the digital signature of the recipient to ensure that it is indeed the right person receiving the message.
That way, both the sender and recipient cannot deny their role in the transmission.
What is the difference between cryptography and encryption?
Cryptography refers to the various processes that are used to secure data so that it is useless in the wrong hands. Encryption is one of those processes. You can think of cryptography as a main topic and encryption as a sub-topic within it.
Encryption is the actual coding and decoding of messages so that only those with the key can read them. It is one of the main techniques used in cryptography and relies on a key to encrypt and decrypt data.
Is cryptography 100% secure?
No, it is not, but it is hard to bypass. Hackers, scammers, and other malicious entities are continuously working to break cryptographs, and industry experts must always stay ahead.
Many businesses, financial institutions, security firms, and even law enforcement, for example, use AES-256 encryption. This is a very complicated form of encryption that would take a long time to crack. It has been around for a while now, and there is yet to be a successful widespread breach.
However, as hackers have demonstrated, they can sometimes bypass such systems to steal or compromise information.
You can think of it like antivirus software. The most secure is that which is constantly updated to stay ahead of bug makers. In other words, those who make antivirus software try to make it harder and harder to breach with each new version. It is the same for cryptography.
After you complete your online master’s degree in computer science, you will have a good understanding of the steps you can take to prevent security breaches. The course equips you with the skills needed to secure networks, data storage and communication systems to prevent breaches.
Common Weaknesses of cryptography
- Weak keys — a key is what is used to crack a cryptogram, and if it is weak it is only a matter of time before a malicious third party figures it out. Key strength is usually relative to the sensitivity of the data it protects as well as how long it needs to be in place. To log in to your Gmail account, for example, you need a relatively simple password. To get into your bank account you need a longer password that is made up of numbers, letters and symbols.
- Incorrect use of keys — if keys are not used correctly they are easier to crack.
- The reuse of keys — this is a common problem, and the only way to get around it is to change passwords frequently.
- Poor storage of keys — if you leave them where others can see them you will be compromised sooner or later.
- Insider threats — this is common today. A rogue employee can compromise an entire system and place critical data and information at risk.
- Lack of proper audits — few companies take the time to audit their computer systems to find out how secure they are. As long as they have not experienced a breach they are happy to keep using existing systems.
To overcome some of these weaknesses, companies have to be willing to invest in the latest security management systems from reputable providers. They must also employ highly qualified professionals who understand information systems and how to secure them.
Cryptography may not be a familiar concept to the average user, but as a student of IT, you need to have a deep understanding of how it works and why it matters. An online master’s degree in computer science is one way to gain the necessary knowledge. You will become a highly desired professional and employers will be willing to pay well for your skills.