Cryptography is the practice and study of encryption and decryption. Cryptography is an important part of what makes a Virtual Private Network (VPN) work. This appendix is a primer on how cryptography works. It defines the various terms used for the cryptographic processes so that you can better understand the technologies that are part of the VPN. Cryptography is an immensely complicated and varied field. The purpose of this appendix is to briefly describe the encryption technologies necessary to better understand VPNs and how they work. It is meant to be a supplement for the VPN material that appears throughout the book, primarily in Chapter 7, "Virtual Private Networks," and Chapter 16, "VPN Integration."
Quite a few specific terms are used regularly when speaking of cryptographic technologies. Throughout this appendix, we will define these terms and briefly explain them to facilitate the understanding of the VPN. Don't worry; we only cover those terms you actually need to know!
A discussion of cryptography rarely occurs without the mention of encryption keys. Keys are secret values used to encode and decode messages. These values can vary in length, with the length of the key corresponding directly to the security of the encoded message. Encryption keys come in symmetric and asymmetric varieties, which we will discuss in greater detail later in this appendix.
Cleartext and plain text are terms that define information before it is placed into an encrypted form. After the same information is encrypted, it is called ciphertext.
The formula or method by which information is encrypted is called the encryption algorithm, or cipher (also spelled cypher). An algorithm is a mathematical means by which cleartext is transformed into encoded ciphertext.