Cryptography
Disclaimer: I was inspired by article of Jeff Delaney, creator of fireship.io
All of code used in this article is availabe on my GitHub.
What is cryptography?
Cryptography is the field of knowledge, with branches both in IT and mathematics, about transmiting information in a way that is protected against unauthorized access.
This is obviously very short and simple definition but I guess it gives you the most important concept about cryptography - it is used for secure communication.
Let's dive deeper into it. Here is my simple program to demonstrate most important cryptography concepts. Written using Node.js native crypto module and TypeScript.
You can create CryptographyService like this:
1const cryptoService = new CryptographyService({ 2 algorithm: Algorithms.AES_192_CBC, 3 hash: Hashes.SHA256, 4})
1export enum Algorithms { 2 AES_256_CBC = 'aes-256-cbc', 3 AES_192_CBC = 'aes-192-cbc', 4 AES_128_CBC = 'aes-128-cbc' 5} 6 7export enum Hashes { 8 SHA256 = 'sha256', 9 RIPEMD_60 = 'ripemd160' 10}
Cryptography Concepts
1. Hash
Process that takes an input value of any length and outputs a fixed length value. Hashing algorithms like SHA produce a random, unique, fixed-length string from a given input.
1const hash1 = await cryptoService.createHash('chomik123!') 2const hash2 = await cryptoService.createHash('chomik123!') 3 4console.log(hash1 === hash2) // true
2. Salt
Random string added to the input before hashing to make the hash more unique and harder to guess
1const text = 'Chomcio' 2const saltedText = await cryptoService.generateSalt(16, text) 3const match = await cryptoService.matchSalt(saltedText, text) 4 5console.log(match) // true
3. HMAC
Keyed hash of data that allows you to verify both the authenticity and originator of the data.
1const hmac1 = await cryptoService.createHmac('chomcio123!', 'secret_hamster') 2const hmac2 = await cryptoService.createHmac('chomcio123!', 'secret_hamster') 3 4console.log(hmac1 === hmac2) // true
4. Symmetric Encryption
Ping a message confidential while allowing it to be reversible with the proper key. In symmetric encryption, the same key is used to encrypt and decrypt the message
1const message = 'Homster' 2 3const encryptedMessage = await cryptoService.symmetricEncrypt(message) 4const decryptedMessage = await cryptoService.symmetricDecrypt(encryptedMessage) 5 6console.log(message === decryptedMessage) // true
5. Keypairs
An algorithm like RSA that generates a keypair containing a public and private key. The private key should be kept secret, while the public key can be shared freely.
1const modulusLength = 2048 2 3const { 4 privateKey, 5 publicKey 6} = await cryptoService.generateKeyPair(modulusLength)
6. Asymmetric Encryption
Encryption that depends on two keys. Encrypt a message with the public key and decrypt it with the private key
1const message = 'Homster' 2 3const { 4 privateKey, 5 publicKey 6} = await cryptoService.generateKeyPair(2048) 7 8const encryptedMessage = await cryptoService.publicEncrypt(publicKey, message) 9 10const decryptedMessage = await cryptoService.privateDecrypt(privateKey, encryptedMessage) 11 12// we need to call toString method, 13// because decryptedMessage (and encryptedMessage) is Buffer 14console.log(decryptedMessage.toString() === message) // true
7. Signing
Process of creating a digital signature of a message. A signature is a hash of the original message which is then encrypted with the sender’s private key. The signature can be verified by the recipient using the public key of the sender, which guarantees the original message is authentic and unmodified
1const { 2 privateKey, publicKey 3} = await cryptoService.generateKeyPair(2048) 4 5const data = 'homster to be signed' 6const signature = await cryptoService.sign(data, privateKey) 7const verified = await cryptoService.verify(data, publicKey, signature) 8 9console.log(verified) // true
Conclusion
Cryptography is really important, especially nowadays. As developers we need to know how to use these concepts especially desiging vulnerable software such as banking apps, chat apps and many more.