openpgp-notes/book/source/03-cryptography.md

83 lines
2.9 KiB
Markdown
Raw Normal View History

(cyrptography_chapter)=
# Cryptographic concepts/terms
```{admonition} TODO
:class: warning
2023-09-21 13:09:48 +02:00
- Introduce cryptographic primitives/terms at a very superficial level
- Introduce visualizations for cryptographic primitives
2023-09-26 20:06:44 +02:00
- Show example visualizations for operations? (encrypt/decrypt and signing/verification - only if we're going to reuse the visual primitives later)
```
2023-09-26 20:06:44 +02:00
## (Cryptographic) hash functions
2023-09-26 20:06:44 +02:00
https://en.wikipedia.org/wiki/Cryptographic_hash_function
## Symmetric-key cryptography
[Symmetric-key cryptography](https://en.wikipedia.org/wiki/Symmetric-key_algorithm) uses the same cryptographic key for both encryption and decryption. Symmetric-key cryptographic systems support *encryption/decryption* operations.
Participants in symmetric-key operations need to exchange the shared secret over a secure channel.
```{admonition} TODO
:class: warning
- visualization? (maybe a black key icon, following wikipedia's example?)
```
### Symmetric-key cryptography in OpenPGP
Symmetric cryptography is used in OpenPGP as part of a [hybrid cryptosystem](https://en.wikipedia.org/wiki/Hybrid_cryptosystem).
Where symmetric keys are used in OpenPGP, they are referred to as "session keys."
### Authenticated encryption with associated data (AEAD)
## Public-key, or asymmetric cryptography
[Public-key cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography) systems use asymmetric pairs of related keys. Public-key cryptographic systems support *encryption/decryption* and *digital signature* operations.
Public-key cryptography doesn't require participants to have pre-arranged a shared secret.
### Asymmetric cryptographic key pairs
In many places, we'll deal with asymmetric cryptographic key pairs:
```{figure} diag/cryptographic_keys.png
---
---
2023-09-26 20:06:44 +02:00
An asymmetric cryptographic key pair
```
2023-09-26 20:06:44 +02:00
An asymmetric cryptographic key pair consists of a public and a private part. In this document, we'll show the public part of key pair in green, and the private part in red.
2023-09-26 20:06:44 +02:00
We'll usually visualize cryptographic key pairs in this more compact form:
```{figure} diag/keypair.png
---
---
2023-09-26 20:06:44 +02:00
Asymmetric key pair, more compact representation
```
Note that in many contexts, only the public part is present (more on that later):
```{figure} diag/keypair_pub.png
---
---
2023-09-26 20:06:44 +02:00
Only the public part of an asymmetric key pair
```
2023-09-26 20:06:44 +02:00
### Cryptographic digital signatures
2023-09-26 20:06:44 +02:00
### Public-key cryptography in OpenPGP
2023-09-26 20:06:44 +02:00
OpenPGP makes heavy use of public-key cryptography.
2023-09-25 16:43:26 +02:00
2023-09-26 20:06:44 +02:00
Note that, for historical reasons, OpenPGP often uses the terms "public/secret" instead of "public/private." The OpenPGP RFC and other documentation often use the non-standard term "secret key" instead of the more common "private key."
2023-09-26 20:06:44 +02:00
## Hybrid cryptosystems
2023-09-25 16:43:26 +02:00
2023-09-26 20:06:44 +02:00
[Hybrid cryptosystems](https://en.wikipedia.org/wiki/Hybrid_cryptosystem) combine public-key cryptosystems with symmetric-key cryptosystems in a way that makes use of their respective advantages.