Historically, cryptology corresponds to the science of secrecy, i.e. encryption. Today, it has expanded to include proving who is the author of a message and whether or not it has been modified, through digital signatures and hash functions.
Etymologically, cryptology is the science (λόγος) of secrecy (κρυπτός). It combines cryptography (“secret writing”) and cryptanalysis (study of attacks against cryptographic mechanisms).
Today, cryptology is no longer limited to ensuring the confidentiality of secrets. It has been extended to mathematically ensuring other notions: ensuring the authenticity of a message (who sent this message?) or ensuring its integrity (has it been modified?).
To ensure these uses, cryptology includes four main functions: hashing with or without a key, digital signature and encryption.
Why does cryptology exist?
1)To ensure the integrity of the message: hashing
Cryptology makes it possible to detect whether the message, or the information, has been unintentionally modified. Thus, a “hash function” will make it possible to associate a single footprint to a message, file or directory that can be calculated and verified by everyone. This fingerprint is often materialized by a long series of numbers and letters preceded by the name of the algorithm used, for example “SHA2” or “SHA256”.
Encryption, which ensures confidentiality, i.e., that only the right people can access it (see “To ensure the confidentiality of the message”), should not be confused with hashing, which ensures that the message is intact, i.e., that it has not been modified.
Mincing, for what purpose?
To save your photos on your hosting space (such as a “cloud”) and check that your download went well?
To synchronize your folders and detect which ones need to be backed up again and which ones have not been modified?
There are also “key hash functions” that make it possible to calculate the fingerprint differently depending on the key used. With these, to calculate a fingerprint, we use a secret key. For two different keys, the fingerprint obtained on the same message will be different. So for Alice and Bob to calculate the same fingerprint, they both have to use the same key.
It is among these key hash functions that we find those used to securely store passwords.
What is the purpose of the key hash?
Does your preferred service recognize your password when you log in?
Do you want to be able to detect if someone changes documents without telling you?
2) To ensure the authenticity of the message: the signature
As with an administrative document or a paper-based contract, the “signature” mechanism – digital – makes it possible to verify that a message has indeed been sent by the holder of a “public key”. This cryptographic process allows anyone to verify the identity of the author of a document and also ensures that it has not been modified.
The digital signature, for what purpose?
Do you want to guarantee to be the sender of an email?
Do you want to make sure that information comes from a reliable source?
To be able to sign, you must have a key pair:
One, called “public”, which can be accessible to everyone and in particular to you who is the recipient of the messages;
The other, called “private”, which should only be known to the sender.
In practice, the latter generates his signature with his private key, which is known only to him. Anyone with access to this public key can verify the signature without exchanging secrets.