A Deep Dive into Encoding, Ciphers, and Modern Cryptography

Method Purpose Example Reversible Key
Encoding Transformation for safe transmission(Conversion) Base 64 Yes No
Encryption Securing data from unauthorized access(Secrecy) AES, RSA Yes(With Key) Yes
Hashing Ensuring Data integrity(Integrity) SHA-256, MD5 No No

Encoding: Representing Data in Different Forms

Base Encoding

Base encoding methods are used to represent binary data in a readable format.

Base16 (Hex) Encoding

Base sensitive encoding is the standard case-insensitive hex encoding and is commonly referred to as Hex. Hex (Base16) represents data in 0-9 and A-F. It doesn’t need padding. It is often prefixed with 0x or \x. Widely used in cryptography like MD5, SHA-256 and memory dumps, packet analyzers like Wireshark

Transformation Steps

  • Convert input text to binary.
  • Convert each 4-bit binary group to its hex equivalent (0-9, A-F).
  • Concatenate hex values to form the final encoded output.

Base 32

Base32 uses 32 characters (A-Z, 2-7) and is case-insensitive. It always includes = padding. Commonly used in OTP secrets, Encoding data in QR codes

Transformation Steps

  • Convert input text to binary.
  • Split binary into 5-bit chunks.
  • Map each chunk to Base32 characters (A-Z 2-7).
  • If input isn’t a multiple of 5 bits, add = padding.

Base 64

Base64 is widely used to encode binary data for text-based transmission. It uses 64 characters (A-Z, a-z, 0-9, +, /) and =` padding. It is widely used to encode images in emails(MIME format), JWT tokens in the header, etc.

Transformation Steps

  • Convert input text into binary.
  • Divide the binary stream into 6-bit chunks.
  • Map each chunk to a Base64 character set (A-Z a-z 0-9 + /).
  • If input isn’t a multiple of 3 bytes, add = padding.

Base 58

Commonly used in Bitcoin for encoding addresses and other data. This eliminates confusing characters (0, O, I, l).

Transformation Steps

  • Convert input text into a large integer.
  • Repeatedly divide by 58 and store remainders.
  • Map remainders to Base58 character set.

Base 85

Commonly used in Adobe PDFs and PostScripts. Can be identified by looking at the encoded data. It contains some common punctuation that we commonly do not see in other bases

Transformation Steps

  • Convert input text to binary.
  • Split into 32-bit blocks.
  • Map each block to Base85 characters (85 distinct printable ASCII characters).
  • No padding needed.

Traditional Ciphers: Concealing Text Using Substitutions and Transpositions

Ciphers are used to alter text to change its meaning

Caesar Cipher

Simple encryption technique where each letter in the plaintext is shifted a fixed number of positions down the alphabet

Example

  • “HELLO” (Shift +3) → “KHOOR”

Vigenère Cipher

First described in 1553. It was unbreakable for over 300 years, hence it is also called the indecipherable Cipher.

Encoding Method

  • Map the message to the associated number of the English Alphabet
  • Map the key to the secret key. Repeat the key till the message is filled
  • Add the concerned alphabet position of both and the mod 26 of the number
  • Convert that number to the corresponding English alphabet and we get the encoded message
  • To decrypt, do the same but subtract the numbers instead of adding

A-Z encoding decoding

ROT13 Cipher

ROT13 uses the same mechanism as the Caesar cipher but moves each letter 13 places forward.

Example

  • “HELLO” becomes “URYYB” (13 places from H is U, so on and forth.)

Binary Manipulation

Bit Shifting

Bit shifting is a low-level operation that moves bits left («) or right (»).

Example

  • 10101010 → Left shift 1 → 01010100

Decryption

  • Shift bits in the opposite direction.

XOR Encoding

Commonly used in malware obfuscation. Each bit is flipped using a key.

Example

  • 10101010 XOR 11001100 → 01100110

Decryption

  • XOR again with the same key.

Modern Cryptography

Most commonly used encryption methods are:

Algorithm Type Key Lengths Use Case
AES (Advanced Encryption Standard) Symmetric 128, 192, 256 bits Secure communication, file encryption, TLS
RSA (Rivest-Shamir-Adleman) Asymmetric 1024, 2048, 4096 bits Secure key exchange, digital signatures
ECC (Elliptic Curve Cryptography) Asymmetric 160-521 bits No
Blowfish/ChaCha20) Symmetric 128-256 bits No

Terms

  • Symmetric - Same key is used for encryption & decryption. It is fast
  • Asymmetric - Public Key is used for encryption and Private Key is used for decryption. It is slower than symmetric.
  • key Length - Key length is measured in bits and it is the number of bits used to represent a cryptographic key. A longer key provides stronger security and is hard to crack.

Advanced Encryption Standard (AES)

AES is a symmetric encryption algorithm and block cipher that encrypts data in 128-bit blocks used by the concerned keys. The number at the end means which bit keys are used for encryption or decryption. AES-128 uses a 128-bit key, 192 uses a 192-bit key and so forth. AES is commonly used in TLS/SSL encryption(HTTPS websites), Disk encryption(BitLocker, VeraCrypt), Wi-Fi security (BitLocker, VeraCrypt)

Working

  • AES follows a Substitution-Permutation Network (SPN) approach
  • AES operates by taking a block of plaintext and subjecting it to a series of alternating rounds involving substitution and permutation boxes.
  • This encryption method is classified as a substitution-permutation network (SPN) block cipher algorithm, with the size of the boxes varying between 128, 192, or 256 bits.

Rivest-Shamir-Adleman (RSA)

The RSA algorithm (Rivest-Shamir-Adleman) is a public key or Asymmetric key cryptosystem that uses a pair of keys to secure digital communication and transactions over insecure networks, such as the internet. It has two keys, a private key and public key. RSA is mainly used in Secure key exchange in TLS/SSL, Digital signatures for verifying authenticity, Email encryption (PGP, GPG).

Working

Encryption

Two large prime numbers are selected and used to generate the public and private keys. (p and q). Public Key can be shared with anyone who needs to encrypt the message to sent to the recipient. Private key is only known by the recipient for decryption.

  • Say we have two users named Alice and Bob. Alice needs to send a secure message to Bob. Since the recipient here is Bob, Alice needs Bob’s public key to encrypt her message before sending.
        * Bob selects two prime numbers p=5 and q=11
        * n=p*q; n=public key; n=55 (n will be available public and can be seen by Alice)
        * (p-1)*(q-1); (4)*(10)=40
        * e - coprime to (p-1)*(q-1); So I can choose any coprime of 40, I choose 3; e=3 (e will be available public and can be seen by Alice)
      Bob needs to tell Alice the values of n and e to send the message
        * Encrypted message = (Secret message)^e (mod n)
        * Let's say **Secret message**=7 ; so **Encrypted message**= 7^3 mod(55) = 13

Decryption

Bob needs to find the number d. c is the encrypted secret message

        * d*e=1(mod(p-1)(q-1)); 3*d=1(mod 40); d=27
        * Secret message = (Encrypted message)^d (mod n)
        * **Secret message**=(13)^27 (mod 55) = 7

Hybrid Encryption: Combining RSA & AES

Since RSA is slow, real-world encryption uses hybrid cryptography

  • Generate a random AES key.
  • Encrypt data with AES (fast).
  • Encrypt the AES key with RSA (secure key exchange).
  • Transmit the encrypted AES key + ciphertext.

Hybrid Encryption in TLS

  • Client: Generates AES key, encrypts with RSA.
  • Server: Decrypts AES key with private key, then uses AES for communication

Elliptic Curve Cryptography (ECC)

ECC is an advanced form of asymmetric encryption that provides the same security as RSA with much smaller keys. It is faster than RSA, using smaller keys and is commonly used in TLS1.3, Bitcoin etc.. It depends on the mathematical properties of elliptic curves, which are curves defined by a specific equation (y² = x³ + ax + b) over finite fields.

Key Size (ECC) Equivalent RSA Key Size
160-bit 1024-bit
256-bit 3072-bit
384-bit 7680-bit

Thanks for reading!!