By Dr. Jason Perry, Assistant Professor and Director of Cybersecurity at Lewis University
What is cryptography? Chances are, the web browser you are using right now is using cryptography to securely bring you the very page you are reading. If you see a small lock icon in the address bar of your browser, it means that cryptography is being used to secure your web browser’s connection to the website.
Our online life as we know it couldn’t exist without cryptography. Without cryptography, all the data we send across the internet, including personal and financial information, could be easily read and stolen by malicious third parties. Or, just as bad, those malicious actors could modify the data on its way to the destination, so that the recipient (such as a website on which we are placing an order) gets a message that we never intended to send.
The goal of cryptography is to prevent these kinds of security breaches from happening. Formally, cryptography is the study of algorithms (procedures that a computer can execute) for keeping communication private and tamper-resistant. As such, it’s one of the most important tools for cybersecurity.
A central topic in cryptography is encryption, which is about ways to “scramble” data using a key to keep its contents secret. You may have done puzzles involving simple encryption and decryption of a message, perhaps by substituting letters of the alphabet. But computers can carry out much more complex and secure encryption schemes than this. Those schemes are one thing that you learn about them when you study cryptography.
A second major topic in cryptography, and just as important, is authentication, which is the study of algorithms for preventing forgery and tampering of the data that your devices send on the Wi-Fi and across the internet. It helps ensure that no one can change your online order of 3 pizzas into an order of 30 pizzas!
Because today’s encryption algorithms are so strong, and there are so many existing implementations of encryption, someone who wants to enter the field of cybersecurity may think they don’t need to learn the ins and outs of cryptography in detail. But that would be a big mistake. Many security breaches have been caused by IT engineers who added encryption to a system or web application but didn’t understand how it really worked, and they left a gaping security hole in the system.
Cryptography is a powerful tool, but it’s no “silver bullet” for security. For the cybersecurity professional, encryption can’t be treated as a magic “black box” to be bolted on to a system. Like all powerful tools, encryption algorithms need to be well understood and correctly configured and deployed.
That is exactly what you will learn to do when you study Cryptography in Lewis’s cybersecurity program. It is well known that Cryptography is a subject with a lot of math behind it. But whatever your math background, we give you all the pieces you need to build your understanding of cryptography from the ground up. You’ll understand what aspects of computing systems cryptography can and can’t protect. After studying encryption and authentication in Lewis’s Cybersecurity program, you’ll know not only what the best practices are for deploying and configuring encryption, but also why they are the best practices.
In my own case, I had still another motive for studying cryptography. The way the concepts and constructions of cryptography all fit together so logically and consistently made the subject a joy to study just for its own sake. It seemed like a bonus that something so elegant and beautiful could be so useful in the real world. So, don’t be surprised if you also catch the “cryptography bug” and want to take your studies even further!