A Beginner's Guide to Cryptography
Alice, Bob, Eve and Mathematics!
I spent last week in Cryptography class feeling lost. Here is how I finally made it make sense. But first, I will explain that cryptography is the science of protecting information. It uses mathematics to make sure data can only be read or changed by the right people.
Imagine three characters:
Alice → sender
Bob → receiver
Eve → attacker (eavesdropper)
With the goal:
Alice wants Bob to read a message,
Eve must not understand it, even if she sees everything.
There are two core problems:
Secrecy → how will Alice share the secret key with Bob if Eve is always watching the conversation?
Authenticity → proving who sent it.
Before the math, this is how humans first tried to hide secrets and why these methods failed.
The Classical Failure: Substitution
The earliest codes, like the Caesar Cipher, were simple: replace each letter with another one by shifting the alphabet.
The Weakness:
Human language has patterns. In English, the letter "E" appears most often. If Eve sees a scrambled message where the letter "X" appears 13% of the time, she can bet that "X" is actually "E." This is called Frequency Analysis.
To beat Eve, we need a way to scramble data that does not leave a pattern behind. That is when my New Best Friend, Modular Arithmetic, comes in.
To understand this, you should think of it simply as Clock Math.
On a 12-hour clock, if it is 9:00 and you add 5 hours, it becomes 2:00. In math, we write:
$$9 + 5 \equiv 2 \pmod{12}$$
It is done this way because in cryptography, we deal with huge numbers. Modular arithmetic keeps those numbers trapped inside a circle (the modulus). It ensures our encrypted data stays within a manageable size while completely shuffling the original values.
This brings us to:
The Split: Symmetric vs. Asymmetric
Up until the 1970s, the world only knew one way to keep secrets. But things have changed.
1. Symmetric Encryption (The "Private Key" Era) This is the traditional method. Alice and Bob share one single key. They use the same key to lock the message and the same key to unlock it.
The Analogy: It is like a hotel safe. You type in a code to lock it, and you must type in the same code to open it.
The Flaw: The Key Distribution Problem. If Alice is in Nigeria and Bob is in the US, how does Alice get the secret key to Bob? If she sends it over the internet, Eve might steal it. If Eve has the key, the lock is worthless.
2. Asymmetric Encryption (The "Public Key" Revolution) To solve the distribution problem, mathematicians invented a system with two keys.
The Public Key: This is like a mail slot. Alice can give this key to everyone. Anyone can use it to "lock" (encrypt) a message and drop it in the box.
The Private Key: This is the key that opens the back of the mailbox. Only Bob has this.
The Magic: Alice can now send a secret to Bob without ever meeting him or sharing a secret password beforehand. She just looks up his Public Key, encrypts the message, and sends it. Once sent, even she can’t reverse it; only Bob can.
So, we have now painted this brilliant idea: a "Magic Mailbox" (Asymmetric Encryption) where anyone can drop a message in, and only Bob can unlock it. But here is the problem:
Math usually works in two directions.
If you can add, you can subtract.
If you can multiply, you can divide.
To build a secure public key system, we need something easy to calculate but impossible to reverse. This is why DLP was introduced.
The Hard Problem: Discrete Logarithms
Let's compare "Normal Math" vs. "Crypto Math" to see why this is so hard for Eve to break.
In Normal Math, if I tell you
$$3^x = 81$$
you can easily figure out that
$$x = 4$$
This is a logarithm. It’s easy to solve.
But then**,** in Modular "Clock Math", if I tell you
$$3^x \equiv 13 \pmod{17}$$
finding
$$x$$
is suddenly much harder. You cannot just use a calculator’s log button. You essentially have to guess and check every possibility.
Now, imagine the numbers are larger than 17; let us say they are 600 digits long. It would take a supercomputer millions of years to check all the options. This is the trapdoor. We can easily calculate
$$3^{something}$$
but Eve cannot reverse it to find the ‘something’.
The First Breakthrough: Diffie-Hellman Key Exchange
Now that we have a "hard problem," how do we use it? The first major invention was the Diffie-Hellman Key Exchange.
This solves the Key Distribution Problem: How do Alice and Bob agree on a secret key if Eve is listening to the whole conversation?
Explaining this using ‘The Paint’ Analogy:
Since the math can be scary, think of it like mixing paint. Mixing is easy, but unmixing is impossible.
Public: Alice and Bob agree on a public color (let's say Yellow). Eve sees this.
Private: Alice picks a secret color (Red). Bob picks a secret color (Blue).
Mix & Send:
Alice mixes Yellow + Red = Orange. She sends Orange to Bob.
Bob mixes Yellow + Blue = Green. He sends Green to Alice.
Eve sees Yellow, Orange, and Green. But she cannot "unmix" the Orange to find Alice's Red or Bob’s Blue.
The Secret Key:
Alice takes Bob's Green and adds her secret Red. Result: Brown.
Bob takes Alice's Orange and adds his secret Blue. Result: Brown.
The Math Version:
Instead of paint, we use the discrete log logic:
- Alice sends
$$g^a \pmod p$$
- Bob sends
$$g^b \pmod p$$
- They combine them to create the shared secret
$$g^{ab} \pmod p$$
Because of the Discrete Logarithm Problem, Eve sees the partial calculations, but she is mathematically "stuck", unable to solve for the secret exponents.
$$a b$$
This allows Alice and Bob to whisper a secret in a crowded room without anyone else understanding it.
Diffie-Hellman Key Exchange, lets Alice and Bob agree on a secret key. But there is a small catch: Diffie-Hellman is a conversation.
For the "paint mixing" to work, Alice and Bob have to be online at the same time to swap their "mixed colors." But what if Alice wants to send a secure email to Bob while he is asleep? She cannot ask him to "mix paint" with her.
She needs a way to lock a message that Bob can open later, without any help from him in the moment.
This brings us Integer Factorization and RSA.
The New "Hard Problem"
Previously, our security came from the Discrete Log Problem (it is hard to find the exponent).
But now, we switch to a new hard problem: Integer Factorization.
The Easy Direction: If I give you two huge prime numbers, p and q, it is super easy to multiply them:
p times q = N
The Hard Direction: If I give you just the result
$$N$$
and it is 600 digits long, it is computationally impossible to figure out which p and q created it.
The Trapdoor: Euler's Theorem
To understand RSA, we have to upgrade our "Clock Math" toolkit.
Fermat's Little Theorem, which says numbers "reset" to 1 when raised to the power of
$$p-1$$
But that only worked for prime numbers. RSA uses N (which is not prime), so Fermat's rule breaks.
Euler found that for a composite number N (p times q), the "reset button" is not at
$$N-1$$
It is at a special number called Phi, written as
$$\phi(N)$$
$$\phi(N) = (p-1)(q-1)$$
The Secret: If you know p and q, calculating this "reset button"
$$\phi(N)$$
is easy. If you do not know p and q, finding
$$\phi(N)$$
is impossible.
How RSA Works (The Mailbox)
Step 1: The Setup (Bob builds the Lock)
Bob picks two secret primes (p, q) and multiplies them to get his Public Modulus (N).
He publishes N as his Public Key. (The Mailbox Slot).
He keeps p and q secret. (The Key to the Back Door).
Step 2: The Encryption (Alice drops a letter)
Alice takes her message m. She uses Bob's N and a standard exponent e to lock it:
$$c \equiv m^e \pmod N$$
She sends c to Bob.
Step 3: The Decryption (Bob opens the back door)
Bob receives c. Because he knows p and q, he knows the secret "reset" value
$$\phi(N)$$
He uses this to calculate a decryption key d that perfectly undoes Alice's work.
$$m \equiv c^d \pmod N$$
We have been able to send secret messages to strangers (RSA).
But there is still a massive hole in our security.
The Problem: RSA allows anyone to use Bob’s Public Key to send him a message. If Bob receives an encrypted email that says "Let's meet at midnight - Alice," how does he know it actually came from Alice? Eve could have looked up Bob’s Public Key and sent that message to trick him.
This is where Digital Signatures come in. We need to prove Authenticity (who sent it) and Integrity (it has not been changed).
RSA in Reverse
The most clever part is that Digital Signatures does not require entirely new math. It just uses the RSA tools already built, but backwards.
Encryption (Privacy):
You use the Public Key to LOCK the message.
Only the Private Key can UNLOCK it.
Result: Only the owner can read it.
Signing (Authenticity):
Alice uses her Private Key to LOCK (sign) a "hash" of the message.
Anyone can use her Public Key to UNLOCK (verify) it.
Result: If it unlocks correctly, the math proves that only Alice could have locked it.
How RSA Signatures Work
Let us look at the math again. Remember the RSA trapdoor from before?
$$(m^e)^d \equiv m \pmod N$$
In encryption, we do the e (public) part first, then the d (private) part.
In digital signatures, Alice does the d (private) part first.
The Signature: Alice takes her document m. She uses her secret key d to calculate a signature S:
$$S \equiv m^d \pmod N$$
She sends the document m and the signature S to Bob.
The Verification: Bob receives the message. He wants to check if it is real. He grabs Alice's Public Key (N, e) and calculates:
$$V \equiv S^e \pmod N$$
If V turns out to be equal to m, the signature is valid.
Why this works: The math
$$S^e \equiv (m^d)^e \equiv m^{de} \equiv m \pmod N$$
confirms that the person who created S must have possessed the secret d.
Things get interesting and more serious from here. What we have built so far is strong, but is it perfect?
How do we measure the "odds" of someone breaking our code? And how do we make these massive keys small enough to run on our phones without draining the battery?
I will not be covering those topics here, but I recommend you check out
"Journey into Cryptography" series on the Khan Academy’s YouTube channel.
His visual explanations are the best I have found for making these tough concepts click.
Because after all, Cryptography is just logic dressed up in fancy notation. If you can understand the why (the story of Alice, Bob, and Eve), the how (the math) becomes a lot less terrifying.
