What is encryption
Cryptography is the mathematical science of codes and secret messages.
Throughout history, people have always used cryptography to exchange messages in the hope that they would be read only by the person to whom the message was addressed.
Today, there are computers that can encrypt for us.
Digital encryption technology has expanded far beyond simple secret messages; today, it is used for much more elaborate purposes, such as the ability to verify the author of a message or to surf the network anonymously via TOR.
In some circumstances, cryptography can be quite automated and simple.
But there are some cases where something in the cryptography process can go wrong and the more we are able to understand the processes, the more we will be able to stay safe in case of problems.
There are 3 main concepts that must be understood about cryptography:
1 Public and private keys
One of the most important concepts to understand in cryptography is the key.
The most common types of cryptography include a private key, which is kept safe on our computer and allows us to read messages that are only addressed to us.
A private key also allows us to insert a non-editable digital signature on the messages we send to other people.
A public key is instead a file that we can give to other people or publish it online and that allows others to communicate privately with us and check that the signature, which we saw just above, is ours and that has not been altered .
The public and private key always go in pairs, as if they were the two halves of an apple that fit perfectly, but they are not the same.
2 Certificates of security
Another extremely valuable concept to understand is the security certificate.
The browser on our computer can create encrypted connections on sites through the HTTPS protocol.
When the browser connects to a site via the encrypted connection, it examines the certificate to check the public keys of the domain name (such as fastbyte01.it).
Certificates are a way of trying to determine if we know the right public key of a person or a website, so that we can communicate with it in a secure way.
Sometimes you may receive some error messages related to certificates on some websites.
The most common cause for this type of error is due to the fact that the connection we are using is trying to break the secret communication between us and the website.
But there are other, rarer cases, in which the police or a hacker or a spy agency is trying to break the security of the connection.
Unfortunately it is extremely difficult to understand in which cases the reason is one or the other.
To be sure in this case it is always good not to click on a certificate notice if this is related to a site on which we have an account or on which we are reading sensitive information.
3 The fingerprint of the key
The word fingerprint (fingerprint, in Italian), has a lot of different meanings in the field of computer security.
One of the uses of this term is "key fingerprint" (in Italian), which is a string of characters like "42e 2309 bd20 0912 ff10 6c63 2192 1928" that would allow us to univocally and safely check that someone on the internet is using the right private key.
By checking that someone's key fingerprint is correct, we have a high degree of certainty that the person we're talking to is just that.
But this system, unfortunately, is not perfect, given that if the keys are copied or stolen, someone else might be able to use the same fingerprint.