"Crypto," to use the all-purpose abbreviation for cryptography,
cryptoanalysis, and cryptology, is cool. Just plain cool. My
biggest
regret in life is that I never took a math class past Algebra
II, so I
really don't know jack about the mathematical foundations of
intense
crypto systems. But boy, do I respect those who do.
If you're a person who finds crypto textbooks really boring
yet
wants to understand this whole crypto bit in the broad sense,
go read Neal
Stephenson's Cryptonomicon. Sure, it's more than 900 pages of quasi-fiction, but it manages to tell a fascinating story while giving an incredible amount of insight into modern cryptography.
In this tutorial, you'll learn something or another about the common, Web-based uses for the following basic encryption techniques
- Asymmetric key-based algorithms. This method uses one key
to encrypt
data and a different key to decrypt the same data. You have
likely heard of this technique; it is sometimes called public
key/private key
encryption, or something to that effect.
- Symmetric key-based algorithms, or block-and-stream ciphers.
Using
these cipher types, your data is separated into chunks, and those
chunks
are encrypted and decrypted based on a specific key. Stream ciphers
are
used more predominantly than block ciphers, as the chunks are
encrypted on
a bit-by-bit basis This process is much smaller and faster than
encrypting larger
(block) chunks of data.
- Hashing, or creating a digital summary of a string or file.
This is the most
common way to store passwords on a system, as the passwords aren't
really
what's stored, just a hash that can't be decrypted.
If your head's already spinning, stick with me — it does
get better.
The following sections will show you the why and how of real-life
data
encryption in a Web environment, using PHP and various other
tools such as
the mcrypt and mhash libraries.
Get started: Lesson 1»
