Cryptography Fundamentals
Modern encryption protects trillions of dollars and your passwords. Learn how mathematically hard problems (like factoring large numbers) create security. Explore symmetric and asymmetric encryption, RSA, Diffie-Hellman key exchange, hash functions, and zero-knowledge proofs through interactive demos.
Start with a guided tour
New to cryptography? This interactive walkthrough takes you step-by-step through the core ideas: from symmetric encryption through zero-knowledge proofs. You can skip ahead to any section or come back anytime.
Your journey through cryptography
Welcome to Cryptography Fundamentals!
In this guided tour, you'll learn the core ideas behind modern encryption. We'll start with simple symmetric encryption, move to asymmetric systems like RSA, understand how Alice and Bob exchange keys securely, and even explore zero-knowledge proofs.
You will learn:
- ✓ The difference between symmetric and asymmetric encryption
- ✓ How RSA encryption works under the hood
- ✓ The Diffie-Hellman key exchange and why it's clever
- ✓ Hash functions and why they matter for security
- ✓ Zero-knowledge proofs: proving without revealing
No advanced math required—we'll use analogies and interactive demos. Let's get started!
Quick check
What's the main difference between symmetric and asymmetric encryption?
What is cryptography?
Cryptography is the art and science of encoding messages so only intended recipients can decode them. Modern cryptography doesn't rely on keeping algorithms secret—instead, it relies on mathematical hardness and large numbers.
Three core goals
Confidentiality
Only authorized parties can read the message.
Integrity
Detect whether the message has been tampered with.
Authentication
Verify the message came from whoever claims to have sent it.
Key concepts
Plaintext
The original, readable message you want to protect.
Ciphertext
The encrypted message, gibberish without the key.
Key
Secret information used to encrypt/decrypt. Larger keys = stronger security.
Algorithm
The mathematical procedure. Security comes from key size, not from keeping the algorithm secret.
Kerckhoffs's Principle: A cryptographic system should be secure even if everything about it is publicly known except the key. This seems backwards, but it's actually stronger design.
If security depends on the algorithm being secret, then discovering the algorithm (through reverse-engineering, insider leaks, etc.) breaks everything. But if security depends on the key being secret, then you can change keys without redesigning the algorithm.
Modern cryptography is peer-reviewed, publicly analyzed, and hardened. A secret algorithm probably has hidden weaknesses. An open algorithm that survives scrutiny is trustworthy.
Quick check
What is Kerckhoffs's Principle?
Symmetric vs Asymmetric encryption
Symmetric Encryption
Alice and Bob share the same secret key. Both use it to encrypt and decrypt.
How it works:
Plaintext + Key → Encrypt → Ciphertext
Ciphertext + Key → Decrypt → Plaintext
Pros
- ✓ Very fast
- ✓ Works for large files
Cons
- ✗ Must securely share key beforehand
- ✗ Doesn't scale (many people = many keys)
Examples: AES, DES, ChaCha20
Asymmetric Encryption
Each person has two keys: public (shareable) and private (secret).
How it works:
Plaintext + Bob's PublicKey → Encrypt → Ciphertext
Ciphertext + Bob's PrivateKey → Decrypt → Plaintext
Pros
- ✓ No key distribution problem
- ✓ Scales to many people
Cons
- ✗ Much slower than symmetric
- ✗ Can't encrypt large files directly
Examples: RSA, ECC, Diffie-Hellman
Real systems like HTTPS combine both! Here's how it works:
- 1. Handshake: Alice and Bob use asymmetric encryption (RSA/ECDH) to agree on a shared secret
- 2. Session: They use that secret to generate a symmetric key (like AES)
- 3. Communication: All data is encrypted/decrypted with the fast symmetric cipher
This gets the best of both worlds: security (asymmetric) without the key distribution problem, and speed (symmetric) for large amounts of data.
Quick check
Why combine symmetric and asymmetric encryption?
RSA: The first asymmetric cipher
RSA (Rivest-Shamir-Adleman, 1977) was the first practical asymmetric cipher. It's built on a simple mathematical fact: multiplying two large primes is easy, but factoring their product is hard. Try the interactive visualization below to see RSA key generation, encryption, and decryption.
Choose two primes
RSA starts by picking two large distinct primes. For our demo, pick small primes (2–97).
RSA security relies on the hardness of the factorization problem. Here's the math:
Key generation: Pick large primes p and q (each 1024+ bits). Compute n = p × q (this is public). Keep p and q secret. To find p and q from n requires factoring—computationally hard.
The magic: The public exponent e and secret exponent d are related through Euler's totient function φ(n) = (p-1)(q-1). Computing d from e and n requires knowing φ(n), which requires knowing p and q.
Conclusion: Eve sees n and e (public). To find d, she needs p and q. But factoring n takes ~2^2048 operations for 2048-bit RSA. Even if Eve tried 1 trillion factors per second, it would take billions of years.
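Added example (not part of the original page): textbook RSA following the key-generation steps above, with demo-sized primes p = 61, q = 53 and e = 17 chosen here; the function names are illustrative. It also shows why the primes have to be large: for a demo-sized n, trial division rebuilds d from the public key alone.

```python
from math import gcd

def rsa_keygen(p, q, e=17):
    """Return (n, e, d) for distinct primes p and q. Textbook RSA, no padding."""
    if p == q:
        raise ValueError("p and q must be distinct")
    n = p * q                          # public modulus
    phi = (p - 1) * (q - 1)            # Euler's totient, needs the secret p and q
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)                # private exponent: e*d = 1 (mod phi)
    return n, e, d

def rsa_encrypt(m, n, e):
    if not 0 <= m < n:
        raise ValueError("message must be in [0, n)")
    return pow(m, e, n)

def rsa_decrypt(c, n, d):
    return pow(c, d, n)

def recover_private_exponent(n, e):
    """Eve's view: only (n, e). Factor n by trial division, then rebuild d."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            p, q = f, n // f
            return pow(e, -1, (p - 1) * (q - 1))
        f += 1
    raise ValueError("n has no non-trivial factor")

if __name__ == "__main__":
    n, e, d = rsa_keygen(61, 53)       # constructed demo values
    c = rsa_encrypt(65, n, e)
    print("public (n, e):", (n, e), "private d:", d)
    print("ciphertext:", c, "decrypted:", rsa_decrypt(c, n, d))
    print("d recovered from public key:", recover_private_exponent(n, e))
```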
Quick check
What's the mathematical hardness that makes RSA secure?
Diffie-Hellman key exchange
Before RSA, there was a fundamental problem: how do Alice and Bob agree on a shared secret if Eve is listening? The Diffie-Hellman protocol (1976) solved this using modular exponentiation and the discrete logarithm problem.
The Color Mixing Analogy
Imagine Alice and Bob want to agree on a secret color. They can't meet privately, and Eve is listening. Here's how they do it:
Public knowledge (Eve knows this)
Base color: prime p = 23, generator g = 5
Alice
Secret: 6
Public share: 8 (sends this to Bob; Eve can intercept)
Bob
Secret: 15
Public share: 19 (sends this to Alice; Eve can intercept)
Result
Alice's shared secret: 2
Bob's shared secret: 2
✓ Secrets match! They can now use this as an encryption key.
RSA and Diffie-Hellman rely on different hard problems:
RSA: Factorization. Given n = p × q, find p and q. Easy to multiply, hard to factor.
Diffie-Hellman: Discrete logarithm. Given g^x mod p, find x. Easy to exponentiate, hard to take logarithm in modular arithmetic.
Different hard problems provide diversity. If someone breaks factorization, RSA fails but DH might still work. Modern systems often use Elliptic Curve Diffie-Hellman (ECDH), which relies on the elliptic curve discrete logarithm problem—mathematically different, providing additional security.
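Added example (not part of the original page): the exchange above with p = 23, g = 5 and the secrets 6 and 15, plus Eve's generic discrete-log search, which only succeeds here because p is tiny. The function names and the range check on received shares are additions made for this example.

```python
P, G = 23, 5   # public parameters from the demo above (toy size)

def dh_public(secret, p=P, g=G):
    """Public share g^secret mod p, sent in the clear."""
    return pow(g, secret, p)

def dh_shared(peer_public, secret, p=P):
    """Combine the peer's public share with our own secret."""
    # Reject degenerate shares (0, 1, p-1): they force a predictable result.
    if not 2 <= peer_public <= p - 2:
        raise ValueError("invalid public share")
    return pow(peer_public, secret, p)

def eve_discrete_log(public, p=P, g=G):
    """Walk g^0, g^1, ... until it matches the share. Returns (x, steps)."""
    value = 1
    for x in range(p - 1):
        if value == public:
            return x, x + 1
        value = value * g % p
    raise ValueError("share is not a power of g")

if __name__ == "__main__":
    a_pub, b_pub = dh_public(6), dh_public(15)
    print("public shares:", a_pub, b_pub)
    print("Alice computes:", dh_shared(b_pub, 6))
    print("Bob computes:  ", dh_shared(a_pub, 15))
    # The search cost grows with p; at p = 23 it is at most 22 steps.
    print("Eve recovers Alice's secret:", eve_discrete_log(a_pub))
```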
Quick check
Why is Diffie-Hellman secure even though Alice and Bob exchange public values?
Hash functions and integrity
A cryptographic hash function produces a fixed-size "fingerprint" of any message. It's deterministic, one-way, and collision-resistant. Try the interactive demo to see the avalanche effect in action.
Hash function demonstration
A hash function takes any input and produces a fixed-size output. Small changes in input cause drastic changes in output (avalanche effect). Enter text to see its hash.
Text 1 hash
Input: "Hello"
Hash: 111
Binary (10-bit): 0001101111
Text 2 hash
Input: "Hallo"
Hash: 403
Binary (10-bit): 0110010011
Comparison
Hashes are equal: ✗ No
Texts are equal: ✗ No
Even small input differences produce completely different hashes. This is the avalanche effect.
Avalanche Effect
Change just one character and watch the hash completely flip. This property is crucial for security: no one can tamper with a message without changing its hash.
Input: "Hello"
Hash: 111
Common Uses
- Password verification: Store hash of password, not password itself
- File integrity: Hash file to detect tampering
- Digital signatures: Sign the hash, not the full document
- Blockchain: Chain blocks together via hashes
Password verification: Servers store hash(password), not the password itself. When you log in, the server hashes your input and compares. If someone steals the password database, they can't reverse the hash to find passwords.
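Added example (not part of the original page): storing and checking a password hash with Python's standard library. It goes beyond the paragraph above by adding a per-user random salt and a deliberately slow derivation (PBKDF2-HMAC-SHA256); the iteration count and record layout are assumptions made for this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000   # assumed work factor; tune for your own hardware

def fast_unsalted(password):
    """The plain hash(password) scheme, shown only for comparison."""
    return hashlib.sha256(password.encode()).hexdigest()

def hash_password(password, *, salt=None, iterations=ITERATIONS):
    """Return the record a server would store instead of the password."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}

def verify_password(password, record):
    """Re-derive with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(candidate, record["digest"])

if __name__ == "__main__":
    # Constructed sample: two users who picked the same password.
    alice = hash_password("correct horse")
    bob = hash_password("correct horse")
    # Unsalted hashes collide, so one cracked entry exposes both accounts.
    print("unsalted equal:", fast_unsalted("correct horse") == fast_unsalted("correct horse"))
    print("salted equal:  ", alice["digest"] == bob["digest"])
    print("login ok:      ", verify_password("correct horse", alice))
    print("wrong password:", verify_password("correct horsf", alice))
```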
File integrity: Download a file and its hash. Hash the downloaded file locally. If the hashes match, the file wasn't corrupted or tampered with. If they differ, something changed.
Digital signatures: Instead of signing a long document, sign its hash. This is faster and cryptographically equivalent. The signature proves the document hasn't been modified.
Blockchain: Each block contains a hash of the previous block. Changing any old block changes its hash, which breaks all subsequent blocks. This makes blockchain tamper-evident.
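Added example (not part of the original page): a minimal hash chain showing where an edit is detected, and the case the paragraph leaves out, where someone re-hashes every later block and the chain only fails against a head hash recorded elsewhere. The block layout, names and sample records are constructed for this example.

```python
import hashlib

GENESIS = "0" * 64   # placeholder "previous hash" for the first block

def block_hash(prev_hash, data):
    return hashlib.sha256(f"{prev_hash}|{data}".encode()).hexdigest()

def build_chain(records):
    chain, prev = [], GENESIS
    for data in records:
        digest = block_hash(prev, data)
        chain.append({"prev": prev, "data": data, "hash": digest})
        prev = digest
    return chain

def first_bad_block(chain, trusted_head=None):
    """Index of the first block that fails verification, or None if all pass.

    trusted_head is the latest hash as recorded somewhere the editor of the
    chain cannot reach; without it a fully re-hashed chain looks valid.
    """
    prev = GENESIS
    for i, block in enumerate(chain):
        if block["prev"] != prev or block_hash(prev, block["data"]) != block["hash"]:
            return i
        prev = block["hash"]
    if trusted_head is not None and prev != trusted_head:
        return len(chain) - 1          # links are consistent but the head differs
    return None

def rewrite_from(chain, index, new_data):
    """Simulate an editor who changes one record and re-hashes everything after it."""
    records = [block["data"] for block in chain]
    records[index] = new_data
    return build_chain(records)

if __name__ == "__main__":
    chain = build_chain(["alice pays bob 5", "bob pays carol 2", "carol pays dave 1"])
    head = chain[-1]["hash"]
    edited = [dict(block) for block in chain]
    edited[1]["data"] = "bob pays carol 200"
    print("in-place edit caught at block:", first_bad_block(edited))
    rehashed = rewrite_from(chain, 1, "bob pays carol 200")
    print("re-hashed chain, no anchor:", first_bad_block(rehashed))
    print("re-hashed chain, anchored: ", first_bad_block(rehashed, head))
```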
Quick check
What's the key property that makes password hashing secure?
Zero-knowledge proofs
A zero-knowledge proof lets you prove you know something (like a password) without revealing the secret. The verifier becomes convinced without learning anything useful. This concept is revolutionizing privacy in blockchain, authentication, and machine learning.
The cave analogy
Peggy knows the magic word to open a secret door in a cave. Victor wants proof without learning the word.
- 1. Victor stands at entrance. Peggy goes deep, left or right path.
- 2. Victor shouts "LEFT" or "RIGHT" randomly.
- 3. Peggy must come out from that path (uses magic word if needed).
- 4. Repeat 20+ times. Probability Peggy is faking: 2^(-20).
Victor never learns the word, but he's convinced Peggy knows it.
Three properties
Completeness
If you know the secret, you can prove it.
Soundness
If you don't know the secret, you can't fake the proof.
Zero-knowledge
Verifier learns nothing except that you know the secret.
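Added example (not part of the original page): the cave protocol as a discrete-log proof with a one-bit challenge, where Peggy's "magic word" is x with y = G^x mod P. The modulus, base and class names are demo-sized assumptions chosen here; the faker passes a round only when it guesses Victor's challenge, which is where the 2^(-20) figure comes from.

```python
import secrets

P = 2**127 - 1   # Mersenne prime, demo-sized (assumed parameter, not a vetted group)
G = 3            # assumed base
Q = P - 1        # exponents can be reduced mod P-1 because G^(P-1) = 1 mod P

class Peggy:
    """Honest prover: knows x such that y = G^x mod P."""
    def __init__(self, x):
        self.x = x
    def commit(self):
        self.r = secrets.randbelow(Q)           # fresh randomness every round
        return pow(G, self.r, P)
    def respond(self, challenge):
        return (self.r + challenge * self.x) % Q

class Faker:
    """Knows only y. Prepares an answer for one guessed challenge."""
    def __init__(self, y):
        self.y = y
    def commit(self):
        self.guess = secrets.randbelow(2)
        self.s = secrets.randbelow(Q)
        # Pick t so the check passes if Victor asks exactly `guess`.
        return pow(G, self.s, P) * pow(self.y, -self.guess, P) % P
    def respond(self, challenge):
        return self.s                           # wrong whenever challenge != guess

def victor_accepts(prover, y, rounds=20):
    """Victor's side: random 1-bit challenge per round, reject on first failure."""
    for _ in range(rounds):
        t = prover.commit()
        c = secrets.randbelow(2)                # "LEFT" or "RIGHT"
        s = prover.respond(c)
        if pow(G, s, P) != t * pow(y, c, P) % P:
            return False
    return True

if __name__ == "__main__":
    x = secrets.randbelow(Q - 1) + 1            # Peggy's secret
    y = pow(G, x, P)                            # public value Victor checks against
    print("honest prover accepted:", victor_accepts(Peggy(x), y))
    print("faker accepted:        ", victor_accepts(Faker(y), y))
```

Victor only ever sees t, c and s; because r is fresh and uniform each round, s on its own says nothing about x.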
Blockchain (zk-SNARKs): Prove you own funds or made a transaction without revealing amounts, addresses, or identities. Zcash uses this for private transactions.
Authentication: Prove you know your password without sending it. The server never sees the password, preventing leaks.
Privacy-preserving ML: Train machine learning models on sensitive data without revealing individual data points.
Age verification: Prove you're over 18 without revealing your actual age or date of birth.
Quick check
What makes zero-knowledge proofs powerful?
Interactive playground
Experiment with different ciphers, attack RSA with brute force, analyze password strength, and see why some encryption methods are weaker than others. Each tool is educational and shows exactly why cryptography matters.
Caesar Cipher
The oldest cipher. Shift each letter by a fixed amount. E.g., shift 3: A→D, B→E, etc.
Weakness:
Caesar is trivial to break. Try all 25 shifts and one will be readable. This is why modern encryption uses much larger key spaces.
Quick check
Why can't you brute-force modern RSA keys?
You've mastered cryptography fundamentals!
You now understand symmetric and asymmetric encryption, RSA and its mathematical basis, Diffie-Hellman key exchange, hash functions, and zero-knowledge proofs. These concepts protect trillions of dollars, secure your passwords, and enable privacy online.
Key takeaways:
- ✓ Modern crypto relies on mathematical hardness, not secrecy
- ✓ Symmetric is fast, asymmetric solves key distribution
- ✓ Large keys (2048+ bits) are computationally impossible to break
Next steps:
- → Learn about TLS/SSL (uses all concepts combined)
- → Explore blockchain and cryptocurrency
- → Research quantum-resistant cryptography