Differences in Cryptanalyst, Cryptographer or Cryptologist?
A cryptographer is responsible for developing ciphers, security systems, and algorithms in order to encrypt sensitive/valuable information. Cryptology is the study of codes, both creating and solving them. Cryptography is the art of creating codes. Cryptanalysis is the art of surreptitiously revealing the contents of coded messages, breaking codes, which were not intended for you as a recipient.
Therefore, a cryptanalyst is responsible for analyzing and decrypting hidden information. For example, he/she may decrypt ciphertexts, encrypted data or telecom protocols in various cryptographic security systems.
There are two parts to any encrypted message: the externals and the internals. Cryptanalysis must discover the internals, the process by which the encrypted message was created, by using the external characteristics of the message. Once a good cryptanalyst applies the externals analysis tools, recovers the key, and decrypts the message, he/she can then reconstruct the encryption process used for that message.
Cryptanalysis involves the study of ciphertext, ciphers, and cryptosystems with the aim of understanding how they work, then finding and improving techniques for defeating or weakening them. For example, cryptanalysts seek to decrypt ciphertexts without knowledge of the plaintext source, encryption key or the algorithm used to encrypt it. In addition, they target secure hashing, digital signatures, and other cryptographic algorithms.
Plaintext: A term used in cryptography that refers to a message before encryption or after decryption.
Ciphertext: Ciphertext is encrypted text. Plaintext is what you have before encryption, and ciphertext is the encrypted result. The term cipher is sometimes used as a synonym for ciphertext, but it more properly means the method of encryption rather than the result.
Hashing: Hashing is the transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string.
What does a Cryptanalyst do?
By addressing this question, you will have a better understanding of the required degree(s) for the profession.
A cryptanalyst develops mathematical methods and codes that protect data from computer hackers. Government agencies and companies hire cryptanalysts to ensure their networks are secure and sensitive data transmitted through their computer networks are encrypted. The majority of encryption codes rely on computational number theories and number schemes. Cryptanalysts are usually mathematical experts who can create, set-up, and evaluate algorithms designed to solve number theory problems. If a hacker deciphers a code, it is the cryptanalyst’s responsibility to develop new methods for encrypting data as well as to encode messages to conceal sensitive data.
Judging from the above-stated responsibilities, the job involves mathematics and computer science. In fact, most cryptanalysts have at least a bachelor’s degree in mathematics, computer science, or computer engineering. Many have graduate degrees in mathematics.
The list of required mathematics is extensive. IT includes College Algebra, Trigonometry, Calculus I, II, III, Linear Algebra, Differential Equations, Partial Differential Equations, Elementary Number Theory, Introduction to Real Analysis, Analysis I and II, Methods of Complex Analysis, and Mathematical Cryptography.
Cryptanalysts use math to perform the following tasks:
- Study and test ideas and alternative theories
- Follow mathematical theorems and formulas
- Encode and encrypt systems and databases
- Perform cryptic computations and apply methods of numerical analysis
They use computer science/engineering for these tasks:
- Devise systems for companies to keep hackers out
- Provide security measures to protect the company and consumer
- Make graphs, tables, and charts of data
Typically, employers prefer a degree in Computer Engineering, Mathematics, Computer Science, or any other related subject. A technical degree is not required to land a cryptography job if you have plenty of experience and training in the field. For example, the NSA doesn’t mind if you have majored in either technical or non-technical degree as long as you possess the necessary experience. For example, one company may require an MS with 5+ years of experience, and the other may demand a technical Ph.D. On the other hand, some companies accept applicants with 3+ years of experience in security administration or engineering. As an entry-level job, you may have to put salary aside. Search for a Junior Cryptanalyst position straight out of university without any prior experience. This is the advice of Cyber Security Portal.
Individuals gravitating towards computer science as the degree of choice should concentrate on these subjects:
- C, Python, C++, Java or similar languages
- Computer Data structures
- Computer Algorithms
- Computer architecture
In addition to your college degree, the EC-Council offers a Certified Encryption Specialist (ECES) program. Available to professionals and students, you will learn the foundations of modern symmetric and key cryptography including the details of algorithms. A person successfully completing this course will be able to select the encryption standard that is most beneficial to their organization and understand how to effectively deploy that technology.
EC-Council is a source of world-class online training and certifications for anyone in the cybersecurity business.
Educational institutions, bank and trust companies, financial institutions, insurance companies, scientific institutions, and research agencies employ cryptanalysts. They also work for telecommunications companies, computer design firms, consulting firms, science and engineering firms, and all levels of government, including special services, and intelligence agencies.