Practical Cryptography — Part I

Aseem Chopra
2 min read · Oct 8, 2021


Introduction

This series is a compilation of my personal notes on cryptography from the perspective of an engineer. It will not be math-heavy and focuses on understanding cryptographic concepts, following a step-by-step approach.

Inspired by Svetlin Nakov, PhD for open-sourcing a lot of his knowledge.

Cryptography

It’s the technology used to protect information. It’s used everywhere in the digital world, whether you open a website or connect to a Wi-Fi network.

It deals with storing and transmitting data in a secure way, such that only the target recipients can read and process it.

This may involve encryption or decryption of data using different mechanisms like symmetric or asymmetric encryption schemes.

Encryption and Keys

In different cryptographic protocols, one or more keys are used to convert data to an encrypted form and back.

Symmetric cryptography techniques like AES use the same key for both encryption and decryption.

Asymmetric cryptography techniques like RSA use a key pair: a public key that is required for encryption and a corresponding private key that is required for decryption.

Keys are generally large numbers and are often derived from other numbers, passwords and phrases using key-derivation algorithms like scrypt.

Digital Signatures and Message Authentication

Digital signing of messages guarantees message authenticity, integrity and non-repudiation.

Digital signature algorithms like DSA use a public-key cryptosystem where the message is signed with the private key and the signature is verified with the public key.

Example: To transfer a blockchain asset from one address to another, signed transactions are used.

Secure Random Numbers

Entropy refers to unpredictable randomness, for example the output of a cryptographically secure pseudo-random number generator (CSPRNG). Cryptography uses a great deal of random numbers and entropy to make things difficult for hackers.

Key Exchange

To securely establish encryption keys between two parties that want to exchange messages, key-exchange algorithms like Diffie-Hellman and ECDH are used.

They are usually performed when a new connection is established between two network nodes.

Cryptographic Hashes and Password Hashing

Hash functions transform messages to message digests, which are hash outputs of fixed length. These message digests can’t be reversed back to their original form and uniquely identify the input.

Password hashing protects a password by securely transforming it into a hash, injecting a random parameter (salt) and using multiple iterations to make password cracking slow.

Confusion and Diffusion

Confusion means that each bit in a cipher output depends on several parts of the key and input data, such that direct mapping can’t be established.

Diffusion refers to a scenario where changing one bit in the input changes half the bits in the output.
