Skip to main content
CipherChronicle

Cryptography glossary

Cryptography

Also known as : Encryption

Cryptography covers the procedures that transform a clear message into a ciphered message, aiming for three cardinal properties: confidentiality (only the intended recipient can read), authenticity (the sender is who they claim), and integrity (the message hasn’t been tampered with). Modern cryptography adds a fourth pillar — non-repudiation — meaning a signer cannot later deny having signed.

A history that follows writing

From Greek kruptos (“hidden”) and graphein (“to write”), cryptography is as old as diplomatic writing. Mesopotamian scribes were already enciphering pottery recipes around -1500 — proof that commercial secrecy predates military secrecy. The Spartan scytale (-500) wraps a parchment around a rod of fixed diameter: the recipient with an identical rod reads the message; anyone else reads gibberish. Julius Caesar used his shift-3 in letters to his legions. Medieval abbeys exchanged messages in symbolic alphabets. The Renaissance invented polyalphabetic encryption (Alberti 1467, Vigenère 1586) — the first major conceptual leap.

The mechanical and computational turn

The 20th century changed everything. The Enigma machine (1923) industrialized encryption with rotors that change the alphabet on every keypress: what took a human half an hour took the machine a second. World War II was also a war of ciphers — Enigma on the German side, Purple on the Japanese, M-209 on the American. The electromechanical bombes of Bletchley Park, which cracked Enigma, are the direct ancestors of the computer.

With computing, cryptography became pure mathematics. DES (1977, IBM/NSA) was the first federal standard: 56-bit key, designed for banks. AES (2001) replaced it after a public competition open to researchers worldwide — a doctrinal choice rooted in Kerckhoffs: don’t trust a secret, trust what the entire world tried to break and couldn’t.

Symmetric versus asymmetric

Modern cryptography splits into two families:

  • Symmetric: the same key encrypts and decrypts (AES, ChaCha20). Very fast. Problem: how do the two parties share the key without transmitting it in the clear?
  • Asymmetric (1976, Diffie-Hellman + RSA 1977): each user has a key pair — a public key (to encrypt or verify a signature) and a private key (to decrypt or sign). The public key spreads anywhere; the private one never leaves its owner. This scheme solves the key-sharing problem… but costs thousands of times more compute.

In practice, the two are combined: asymmetric cryptography transports a random symmetric key that then encrypts the actual session. That’s what HTTPS does, what WhatsApp does, what Signal does.

Cryptography in everyday life

You use cryptography dozens of times a day without noticing:

  • HTTPS (the lock icon in the address bar) encrypts your web traffic with TLS, which combines RSA / ECDSA for authentication and AES-GCM for the cipher.
  • Signal and WhatsApp apply the Double Ratchet protocol — every message has its own ephemeral key, and compromising it doesn’t reveal earlier ones (forward secrecy).
  • Bitcoin rests entirely on cryptography: SHA-256 for hashes, ECDSA for transaction signatures, hierarchical key derivation (BIP-32) for wallets.
  • Your phone encrypts its storage with a key derived from your PIN, backed by a hardware Secure Enclave.

The post-quantum horizon

A specter haunts modern cryptography: the quantum computer. Shor’s algorithm (1994), running on a sufficiently large quantum machine, would break RSA, ECDSA, Diffie-Hellman and elliptic-curve cryptography in polynomial time — the entire asymmetric stack that powers HTTPS today. Symmetric ciphers like AES are far less affected (Grover’s algorithm only halves their effective key length, so AES-256 stays comfortable). NIST has been running a multi-year Post-Quantum Cryptography competition; the first standards (CRYSTALS-Kyber for key exchange, CRYSTALS-Dilithium for signatures) were finalized in 2024. Migration of the public web to these algorithms is a decade-long effort that’s already underway in browser TLS stacks.

Designing a good cipher

A good cipher is not a cipher nobody can crack — such a cipher only exists in the case of the one-time pad, and it’s impractical at scale. A good cipher is one whose attack costs more than the protected value. Shannon’s rule (“confusion + diffusion”) guides modern designs: each output bit must depend in a complex way on every input bit and every key bit. AES applies this rule at scale (10 to 14 rounds depending on key size), and that’s what makes it robust.

Key takeaways:

  • Cryptography + cryptanalysis = cryptology. The first builds, the second attacks, and both progress through dialogue.
  • A good cipher isn’t a cipher nobody can crack — it’s a cipher whose attack costs more than the protected value (Kerckhoffs’s principle).
  • Modern cryptography pairs symmetric (fast) with asymmetric (elegant but slow): that combination is what powers HTTPS, Signal and all contemporary security.
  • Today, encrypting your private exchanges (messengers, email, payments) is mundane, and that’s a good thing: cryptography has become infrastructure.

← Whole glossary