Network Security & Cryptography

Because the Internet is a public, shared infrastructure (packets pass through dozens of routers owned by various ISPs and governments before reaching their destination), any data sent in plain text can be easily intercepted and read by malicious actors (Packet Sniffing).

Cryptography is the science of mathematically scrambling data so that it becomes completely unreadable to anyone except the intended recipient.

1. Core Principles of Security (CIA Triad)

A secure network must guarantee three primary objectives:

1. Confidentiality: Ensuring that data cannot be read by unauthorized parties (achieved via Encryption).
2. Integrity: Ensuring that data has not been altered or tampered with during transit (achieved via Hashing and Digital Signatures).
3. Availability: Ensuring that the network and services remain operational and accessible to authorized users (defending against DDoS attacks).

2. Symmetric-Key Cryptography

In Symmetric-Key cryptography, the exact same mathematical key is used for both Encryption (scrambling the data) and Decryption (unscrambling the data).

• How it works: Alice and Bob meet in secret and agree on a password: "SUPER_SECRET". Alice encrypts a PDF using that password and emails it to Bob. An attacker intercepts the PDF, but it looks like random garbage. Bob receives it and uses "SUPER_SECRET" to decrypt and read the PDF.
• Industry Standard: AES (Advanced Encryption Standard). It is incredibly fast and secure, making it the standard for encrypting massive amounts of data (like hard drives or streaming 4K video).
• The Fatal Flaw (The Key Distribution Problem): How do Alice and Bob agree on the secret password in the first place? If Alice emails the password to Bob, the attacker intercepts it. If they are on opposite sides of the planet, symmetric cryptography cannot be safely established over the Internet.

3. Asymmetric-Key (Public-Key) Cryptography

Invented in the 1970s (Diffie-Hellman, RSA), Asymmetric cryptography solved the Key Distribution Problem using advanced mathematics (like prime number factorization).

Instead of one shared key, every user generates a mathematically linked Key Pair:

1. Public Key: Given away to the entire world. Anyone can see it.
2. Private Key: Hidden securely on the user's computer. Never shared with anyone.

How Encryption Works:

If Alice wants to send a secure message to Bob over the public Internet:

1. Alice looks up Bob's Public Key.
2. Alice encrypts the message using Bob's Public Key.
3. The Mathematical Magic: Once encrypted with a Public Key, the data can only be decrypted by the corresponding Private Key. Even Alice cannot decrypt the message she just encrypted!
4. The encrypted message travels across the Internet.
5. Bob receives it and uses his hidden Private Key to decrypt it.

Industry Standard: RSA and ECC (Elliptic Curve Cryptography).

• The Flaw: Asymmetric encryption requires massive mathematical calculations and is thousands of times slower than AES. It is far too slow to encrypt a 5GB video file.

4. The Modern Solution: Hybrid Cryptography (TLS/SSL)

To secure the Web (HTTPS), engineers combined the best of both worlds into the TLS (Transport Layer Security) protocol:

1. When you connect to your bank's website, your browser and the bank use slow Asymmetric Cryptography (RSA/ECC) to perform a secure "Handshake".
2. During this handshake, they use the asymmetric math to secretly agree upon a temporary, randomized Symmetric Key (Session Key).
3. Once the Session Key is established, they abandon the slow asymmetric math and switch to blazing-fast Symmetric Cryptography (AES) using the new Session Key to encrypt all the actual web traffic for the remainder of your visit.