Technology Tap

Cybersecurity Fundamentals: Crypto Shields: How Your Data Stays Secret Chapter 3 Part 1

Juan Rodriguez Season 5 Episode 83

Share episode

professorjrod@gmail.com

Have you ever wondered what invisible force protects your private messages, banking details, and personal information as they travel across the internet? The answer lies in cryptology—the fascinating science of securing information through mathematical techniques.

Cryptology forms the backbone of modern cybersecurity, addressing the critical needs for confidentiality and integrity in our digital communications. Throughout this episode, Professor J-Rod breaks down complex cryptographic concepts into digestible, practical explanations that reveal how our online world maintains security.

We journey through the three fundamental pillars of cryptographic security. First, symmetric encryption—the fastest method using a single shared key—powers everything from full disk encryption on your laptop to secure messaging. Next, we explore asymmetric encryption (public-key cryptography), which brilliantly solves the key distribution problem through mathematically-linked key pairs. Finally, we demystify hashing—the one-way process that creates digital fingerprints to verify data integrity without revealing the original content.

Each concept comes alive through real-world examples: how your laptop protects files even if stolen, how websites establish secure connections with your browser, and why changing just one letter in a document completely transforms its hash value. The episode offers both theoretical understanding and practical knowledge about the technologies we unconsciously trust every day.

Whether you're a cybersecurity novice or simply curious about how digital security works, this episode provides valuable insights into the cryptographic foundations that keep our digital lives private and secure. Subscribe to Technology Tap for part two of our Cryptology Deep Dive, where we'll explore digital signatures, PKI, certificate authorities, and applications like VPNs, TLS, and blockchain. Your digital security knowledge journey is just beginning!

Support the show


Art By Sarah/Desmond
Music by Joakim Karud
Little chacha Productions

Juan Rodriguez can be reached at
TikTok @ProfessorJrod
ProfessorJRod@gmail.com
@Prof_JRod
Instagram ProfessorJRod

Speaker 1:

And welcome back to Technology Tap, where we break down the tech that powers our world. I'm Professor J-Rod and today we're diving into one of the most fascinating and invisible parts of cybersecurity cryptology. Think about it, cryptology. Think about it Every time you send a text, buy something online or stream your favorite show. Cryptology is silently protecting your information from prying eyes. But exactly what is it? How does it work and why do we trust it with our most private data? We'll explore the building blocks of cryptology, from symmetric and asymmetric encryption to hashing and digital signatures, so you can just understand how they work, but why they matter.

Speaker 1:

Let's get started At its core. Cryptology is about protecting information, making sure the right people can read it and the wrong people can't. In cybersecurity, we talk about the CIA triad confidentiality, integrity and availability. Cryptology is the key to the first two. Confidentiality encryption makes sure that if something intercepts your message, it's just gibberish to them. Integrity hashing and digital signatures ensure that no one tampered with your data on its way to you. Authentication and non-repudiation digital signatures let you prove who sent a message and prevent them from denying it later If you ever use HTTPS on a website, logged into your bank app or updated your laptop's operating system, cryptology was working behind the scenes. Without it, the internet will basically be the wild wild west, open to anyone who wanted to spy, steal and tamper with data.

Speaker 1:

All right, symmetric encryption let's start with the simplest and fastest type of encryption symmetric encryption. In symmetric encryption, we use the same key to encrypt and decrypt the data. Think about it like a shared secret. If I lock a box with a key, you need the same key to open it. Here is how it works the sender takes the original message, called plain text, and encrypts it with a secret key. The ciphertext scrambles data, it's sent to the recipient and the recipient uses the same key to decrypt it back to plain text. Because we only use one key, symmetric encryption is very fast and efficient. That's why it's used for bulk encryption things like full-distance encryption on your laptop, vpn tunnels, database encryption and even messaging apps. But here's the catch Key distribution. Both parties need the same key and getting the key to someone securely can be tricky. If an attacker intercepts a key during the exchange, they can read everything right. So, basically, how are you going to give the other person the key?

Speaker 1:

Let's talk about some of the most common symmetric algorithms AES, advanced Encryption Standard. The gold standard today is AES-128, aes-129, aes-256. The number is the key length. Aes-256 is practically unbreakable with current computing power. That's today right. 3des or triple DES, an older standard that's more secure than DES, but slower. Blowfish and 2FISH first, flat, fast and flexible algorithms popular in embedded devices. And RC4, once widely used in SSL, now considered insecure. Imagine your company's laptop. Or have bit lockers enabled with AES-256. Even if a laptop gets stolen, the thief cannot read any files without the keys.

Speaker 1:

The lesson here is symmetric encryption is powerful, but you must protect the key at all costs. This is why we often combine symmetric encryption with asymmetric encryption, which solves the key distribution problem, and that's what we'll cover next. Enter asymmetric encryption, also called public key cryptology. This is where things get really interesting. Instead of one key, we use two keys a public key that you can share with the world and a private key that you keep secret. Data encrypted with one key can only be decrypted with the other. Here's a practical example. I want to send you a secret message. I encrypt it with your public key. Only you can decrypt it because only you have the matching private key. This completely solves the key distribution problem. I don't need to send you a secret key in advance. Common algorithms here include RSA, the workhorse of public key cryptology. Ecc elliptic curve cryptology provides the same security as RSA, but with much shorter keys, making it faster and more efficient. Delphi-hellman, a method of securely exchanging keys over an insecure channel, often used to negotiate symmetric session keys. So every time you visit an HTTPS website, your browser and the server use asymmetric encryption. During the TLS handshake, the server sends its public key, your browser encrypts a session key with it and the server decrypts it with its private key. From that point on, symmetric encryption like AES takes over performance. The downside asymmetric encryption is slower and more computationally expensive. That's why it's usually just to use to exchange keys or create digital signatures, not encrypt entire files.

Speaker 1:

Our last major building block for today is hashing. Hashing is a one-way function. It takes input of any length and produces a fixed length. Output called a digest. Key properties is deterministic. The same input always produces the same hash One-way. You can't reverse the hash to get the original input. Collision resistance it is extremely hard for two different inputs to produce the same hash. Avalanche effect change one character, get a completely different hash. Popular hashing algorithms include SHA-256, sha-3, hmac for authentication MD5 and SHA-1. Md5 and SHA-1 are no longer secure and should not be used.

Speaker 1:

So the example that I like to give to my students is if you create a letter, let's say to grandma, and you write her a long letter and you save it, then you do a hash, you get a hash file, a hash number. If you just change grandma to grandpa, you get a completely different number, right? Just changing that one letter from grandma to grandpa, the M to the P, changes the hash completely. And the other thing I like to tell my students is hashing is not encryption. You're not encrypting anything, you're just verifying integrity.

Speaker 1:

It's used to maintain integrity on files. So let's say you uploaded something on the Internet and you give it a hash file. You want people, people, when they download it, to run the hash to make sure the number is the same. If the number is the same, it's good. If it's different, then somebody broke into your website, manipulated the file and you don't want the person to install it. Kali Linux used to do it with the Kali OS, but they stopped doing it on the when they changed websites, when they updated their website. All right, here's an example Password storage. When you create an account. Your password isn't stored in plain text, it's hashed. When you log in, the system hashes the password you enter and compares it to the stored hash. If they match, you're authenticated. Hashing is also used for file integrity checks. Think of downloading an iOS file from a Linux website and verifying that SHA-256 hash to make sure it wasn't tampered with.

Speaker 1:

The key takeaway hashing doesn't hide your data, it just gives you a fingerprint of it. So today we covered three core building blocks of cryptology Symmetric encryption for speed and bulk data, asymmetric encryption for secure key exchange and authentication. And hashing for authentication and verification. In our next episode we'll put these pieces together. We'll talk about digital signatures, pki, certificate authority and real-world cryptographic solutions like VPN, tls, blockchain and key management. Cryptology isn't just theory. It keeps the modern world running. Make sure you subscribe to Technology Tap so you don't miss part two of the Cryptology Deep Dive and keep tapping into technology. This has been a presentation of Little Cha-Cha Productions. Art by Sarah, music by Joe Kim. If you want to email me, you can at ProfessorJRod at gmailcom. You can also follow me on TikTok at ProfessorJRod you.