Why Weak Passwords Still Prevail and How Modern Cryptography Secures Your Data

Passwords are the most frequently used credential on the internet, yet many users still rely on weak passwords such as "123456", which is used by 2.5 million people and has been exposed over 23 million times, allowing hackers to crack them in less than a second.

Cryptography, a long‑standing discipline, aims to conceal the meaning of information rather than its existence and underpins modern computer and network security, including access control and data confidentiality. It is applied in everyday technologies such as chip cards, password‑protected computer access, and e‑commerce.

Symmetric Encryption

Symmetric encryption uses the same key for encryption and decryption, offering fast and efficient security. Common symmetric algorithms include:

Data Encryption Standard (DES) : 64‑bit key (56 bits effective), now deprecated due to weak security.

Triple DES (3DES) : Applies DES in an encrypt‑decrypt‑encrypt sequence, maintaining compatibility with DES.

Advanced Encryption Standard (AES) : Supports 128, 192, and 256‑bit keys, faster and more secure than 3DES.

International Data Encryption Algorithm (IDEA) : Uses a 128‑bit key.

Blowfish : Key length ranges from 32 to 448 bits.

Because each pair of users needs a unique shared key, the number of required keys grows quadratically (n·(n‑1)/2), creating significant management challenges.

Key Distribution Challenges

Traditional symmetric key distribution methods include physical transfer, third‑party delivery, encrypting a new key with an existing one, or using an already‑encrypted channel. These approaches become impractical as the number of users increases.

Diffie‑Hellman Key Exchange

The Diffie‑Hellman (DH) algorithm enables two parties to establish a shared secret over an insecure channel without prior shared information. Its security relies on the difficulty of solving discrete logarithms.

Alice and Bob agree on a large prime p and a primitive root g.

Alice selects a private random number A (1 ≤ A ≤ p‑1) and sends g^A mod p to Bob.

Bob selects a private random number B (1 ≤ B ≤ p‑1) and sends g^B mod p to Alice.

Both compute the shared secret: Alice computes (g^B)^A mod p, Bob computes (g^A)^B mod p, resulting in the same value.

Concrete Example (p = 37, g = 6)

Alice and Bob share prime 37 and primitive root 6.

Alice chooses private A = 10, computes 6^10 mod 37 = 36, and sends 36 to Bob.

Bob chooses private B = 11, computes 6^11 mod 37 = 31, and sends 31 to Alice.

Both compute the shared key: Alice computes 31^10 mod 37 = 36, Bob computes 36^11 mod 37 = 36.

The resulting shared secret is 36, which can be used as the symmetric encryption key.

Python Implementation of Primitive‑Root Calculation

While DH enables key agreement without prior secrets, it is vulnerable to man‑in‑the‑middle attacks. Modern security focuses on protecting the confidentiality of keys rather than the secrecy of algorithms; therefore, using well‑established algorithms and concentrating on secure key management is the recommended practice.