Here I attempt to answer two questions:
This is not a detailed description of how any form of cryptography works, just a high-level discussion of its everyday relevance. If you're looking for something specific, check the category page.
Contents |
Whether you know it or not, it's something you likely use every day. If you use a cell phone, do any banking (or for that matter, log in to nearly any service) online, use a credit or debit card, or even, believe it or not, own a garage door opener, you're probably using some form of cryptography.
You wouldn't give your credit card number to a complete stranger willingly. That's tantamount to having your wallet stolen, and can get out of hand extremely quickly. But if it weren't for cryptography, using your credit card legitimately is just as dangerous.
It used to be simple, and even commonplace, for the town operator to listen in on phone calls, at least according to the movies. When "land-line" phone systems got more complex, and human operators were replaced with mechanical or electric ones, it was still a trivial matter to listen in on a phone call, with a little bit of technical know-how. Land-lines have become more sophisticated, but there are still plenty of areas where the high-tech stuff hasn't been deployed. If you don't mind someone listening in on your conversations, there are other problems that can occur: cross-talk being chief among them. If you make a phone call, and your neighbor picks up his receiver, he may get a dial tone, or he may hear your conversation by accident. Or perhaps your neighbor gets a phone call, but your phone rings instead.
Cross-talk is one issue that was mostly solved with cellular phones, due to the way they work: employing a basic form of cryptography on every conversation.
None of the above prevents wiretapping or bugs, but more casual forms of "listening in" are far more difficult.
Several services/applications online, like Facebook, require you to log in, with your username being fairly accessible. Anyone who knows your e-mail address has the opportunity to pretend to be you and deface, defame, or defraud you online. The most basic form of protection is employed when the server does not store something like "password" as your password, but rather "5f4dcc3b5aa765d61d8327deb882cf99" instead. For reasons I'll not go into, it is impossible to calculate "password" from "5f4dcc3b5aa765d61d8327deb882cf99".
For reasons I will go into, "5f4dcc3b5aa765d61d8327deb882cf99" is not effective: anonymous groups have put together dictionaries of the more complicated strings, and can do a simple reverse lookup using those dictionaries. Odds are 100% that "5f4dcc3b5aa765d61d8327deb882cf99" is in that dictionary. That's why you're encouraged to use passwords like "wR&$s8La", because it is much more unlikely that something like "4012aa0f19f4988d062ce6f8b6bc484c" appears in such a dictionary. Note: the above two values do not correspond to one another.
A technology you may have heard of called SSL makes things much more secure in the transmission of data, but not in the security of the data on either end--that's up to the user and his trust of the company with which he is dealing.
These perform a fairly elementary form of cryptography, mostly so that your garage door opener doesn't open your neighbor's garage (or vice-versa). The opener companies may cite "signal-grabbers" as the reason, but those devices are relatively impractical. Even so, that little remote control has more than just a radio transmitter in it--there's a microchip for cryptography involved.
Why should you care? Why should you bother with knowing anything about cryptography? Not only is it a part of your everyday life, but it's more important to keep your data secure than you may realize.
If you store credit card numbers, bank records, vehicle records, etc. on your computer, and that computer gets stolen, the thieves suddenly have access to all that data. If you have set your Internet browser to store information you type into forms, the thieves have access to that as well (possibly every credit card number you've ever used online). Such information can quickly be used to establish a fake identity, and before you can say "Bob's your uncle", Bob is pretending to be you.
The same goes if you innocently take your computer in for service. If you don't mind the Geek Squad looking through pictures of your last vacation, do you mind them opening that file called "Journal--keep out.doc" in your "My Documents" folder? What's to stop them from doing so?
To quote a friend, "just because you don't subscribe to spam and such doesn't mean that when your best friend's wife's second cousin's daughter is forwarding emails about the cute puppies, that someone won't harvest the list and sell it off to spammers."
Now, very little can truly keep your name off of spammers' lists, especially if your best friend's wife's second cousin's daughter forwards those e-mails about the cute puppies to everyone in the known universe as tweens are wont to do. But if your friends are sending important e-mail with a digital signature, it's much easier to sort out the legitimate from the frivolous.