As a child, you may recall using symbols to write coded messages to your classmates that no one else could understand. More seriously, codes and ciphers are used for information security in computer systems and networks to protect sensitive and commercial information from unauthorized access when it is at rest or in transit. Uses include anything from keeping military secrets to transmitting financial data safely across the Internet.
Cryptography is an important computer security tool that deals with techniques to store and transmit information in ways that prevent unauthorized access or interference.
The cryptographic process of scrambling text from a readable form to an unintelligible form – known as cipher text – is called encryption. Sending secret or private messages as cipher text is a typical use of cryptography. Once the cipher text is received, it is descrambled by the authorized recipient back to its readable form. The descrambling (or decryption) is performed with the use of an encryption key, which serves to prevent third parties from reading these messages.
Encryption methods have been used by many civilizations throughout history to prevent non-authorized people from understanding messages. Julius Caesar is credited for one of the earliest forms of cipher – the “Caesar Cipher” – to convey messages to his generals. With increasing sophistication, cryptography now plays a vital role in ensuring the privacy, data confidentiality, data integrity and authentication in computer systems and networks. In today’s world, where the majority of our personal and professional communications and transactions are conducted online, cryptography is more important than ever.
Register for additional resources and updates on IT and related technologies!
To learn how your data will be used, please see our privacy notice. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
How your data will be used
Please see ISO privacy notice. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Cryptography refers to the techniques and algorithms that are used today for secure communication and data in storage. It incorporates mathematics, computer science, electronics and digital signal processing. Broadly speaking, there are four types of cryptography systems:
The key principles of information security are confidentiality, integrity and availability. Cryptography is an important tool that helps to preserve two of these principles:
In addition to these key information security objectives, cryptography is used to achieve:
By checking knowledge of a secret, entity authentication verifies the identity of the sender. Various crypto-based mechanisms and protocols can be used to achieve this, such as symmetric systems, digital signatures, zero-knowledge techniques and checksums. ISO/IEC 9798 is a series of standards that specifies entity authentication protocols and techniques.
Used to verify the authenticity of data, digital signatures confirm that the data originated from the signer and has not been changed. They are used, for example, in email messages, electronic documents and online payments. International Standards that specify digital signature schemes include ISO/IEC 9796, ISO/IEC 14888, ISO/IEC 18370 and ISO/IEC 20008.
Cryptographic techniques such as digital signatures can be used to provide non-repudiation by ensuring that the sender and receiver of a message cannot deny that they, respectively, sent or received the message. The standard ISO/IEC 13888 describes techniques (symmetric and asymmetric) for the provision of non-repudiation services.
Lightweight cryptography is used in applications and technologies that are constrained in computational complexity: limiting factors can be memory, power and computing resources. The need for lightweight cryptography is expanding in our modern digital world. Constrained devices – for example IoT (Internet of Things) sensors or actuators like the ones switching on appliances in a so-called smart home – use lightweight symmetric cryptography. ISO/IEC 29192 is an eight-part standard that specifies various cryptographic techniques for lightweight applications.
Digital rights management (DRM) protects the copyright of your digital content. DRM uses cryptographic software to ensure that only authorized users can have access to the material, modify or distribute it.
Secure e-commerce is made possible by the use of asymmetric-key encryption. Cryptography plays an important role in online shopping as it protects credit card information and related personal details, as well as customers’ purchasing history and transactions.
A cryptocurrency is a digital currency that uses cryptographic techniques to secure transactions. Each cryptocurrency coin is validated via distributed ledger technologies (e.g. blockchain). A ledger, in this case, is a continuously growing list of records – known as blocks – that are linked together using cryptography.
A cryptographic algorithm is a math-based process for encoding text and making it unreadable. Cryptographic algorithms are used to provide data confidentiality, data integrity and authentication, as well as for digital signatures and other security purposes.
Both DES (Data Encryption Standard) and AES (Advanced Encryption Standard) are popular examples of symmetric-key algorithms, while prominent asymmetric-key algorithms include RSA (Rivest-Shamir-Adleman) and ECC (elliptic curve cryptography).
ECC is an asymmetric-key technique based on the use of elliptic curves, which has applications in encryption and digital signatures, for example. ECC technology can be used to create faster, smaller and more efficient cryptographic keys. Elliptic curve techniques are covered in the multipart standard ISO/IEC 15946.
Cryptography has been the subject of intense standardization efforts resulting in a range of International Standards that encapsulate the knowledge and best practice of leading experts in the field. Internationally agreed ways of working make technology more secure and interoperable. By using cryptography standards, developers can rely on common definitions, as well as proven methods and techniques.
Today, we are on the edge of a quantum revolution. The advent of quantum computing in the coming years will provide mankind with processing powers on a scale that traditional computers can never hope to match. While this offers countless possibilities for complex problem-solving, it also comes with corresponding security threats. That very same power could undermine much of today’s cybersecurity – including established cryptographic practices.
Quantum cryptography is a method of encryption that applies the principles of quantum mechanics to provide secure communication. It uses quantum entanglement to generate a secret key to encrypt a message in two separate places, making it (almost) impossible for an eavesdropper to intercept without altering its contents. Hailed as the next big revolution in secure communication systems, quantum cryptography has the potential to be a real breakthrough for data that needs to stay private far into the future.
The new dawn of encryption is looking bright!