openpgp-notes/book/source/03-cryptography.md

(cyrptography_chapter)=
# Cryptographic concepts/terms

```{admonition} VISUAL
:class: warning

- Introduce visualizations for cryptographic primitives
- Show example visualizations for operations? (encrypt/decrypt and signing/verification - only if we're going to reuse the visual primitives later)
```

## (Cryptographic) hash functions

[(Cryptographic) hash functions](https://en.wikipedia.org/wiki/Cryptographic_hash_function) map binary data of arbitrary length to a fixed size "hash" (hashes are also sometimes called "digests").

## Symmetric-key cryptography

[Symmetric-key cryptography](https://en.wikipedia.org/wiki/Symmetric-key_algorithm) uses the same cryptographic key for both encryption and decryption. Symmetric-key cryptographic systems support *encryption/decryption* operations.

Participants in symmetric-key operations need to exchange the shared secret over a secure channel.

```{admonition} VISUAL
:class: warning

- visualization? (maybe a black key icon, following wikipedia's example?)
```

Symmetric-key cryptography is much faster than public-key cryptography. Also, most current symmetric cryptographic algorithms are considered quantum-resistant.

So symmetric-key cryptography has major benefits, but exchanging the shared secret is a problem that needs to be solved separately.

[Hybrid cryptosystems](hybrid_cryptosystems) are one common approach to leverage the benefits of symmetric-key cryptography, while handling the shared secret with a separate mechanism (using public-key cryptography).

### Symmetric-key cryptography in OpenPGP

Symmetric cryptography is used in OpenPGP (as part of a hybrid cryptosystem).

Where symmetric keys are used in OpenPGP, they are referred to as "session keys."

### Authenticated encryption with associated data (AEAD)

[Authenticated encryption](https://en.wikipedia.org/wiki/Authenticated_encryption) is a class of cryptographic schemes that gives additional guarantees besides confidentiality.

In OpenPGP version 6, AEAD is used to solve the problem of "malleability": In past versions of the OpenPGP protocol, some malicious changes to ciphertext were undetectable. With AEAD undetected changes of ciphertext are not possible.

## Public-key, or asymmetric cryptography

[Public-key cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography) systems use asymmetric pairs of related keys. Public-key cryptographic systems support *encryption/decryption* and *digital signature* operations.

Public-key cryptography doesn't require participants to have pre-arranged a shared secret.

### Asymmetric cryptographic key pairs

In many places, we'll deal with asymmetric cryptographic key pairs:

```{figure} diag/cryptographic_keys.png
---
---
An asymmetric cryptographic key pair
```

```{admonition} VISUAL
:class: warning

- Wiktor notes: red-green color-blindness affects 8,5% of the population.
- Heiko: maybe use colors + distinct shapes for the two key halves?
```

An asymmetric cryptographic key pair consists of a public and a private part. In this document, we'll show the public part of key pair in green, and the private part in red.

We'll usually visualize cryptographic key pairs in this more compact form:

```{figure} diag/keypair.png
---
---
Asymmetric key pair, more compact representation
```

Note that in many contexts, only the public part is present (more on that later):


```{figure} diag/keypair_pub.png
---
---
Only the public part of an asymmetric key pair
```

### Public-key cryptography in OpenPGP

OpenPGP makes heavy use of public-key cryptography, both for encryption and signing operations.

Note that, for historical reasons, OpenPGP often uses the terms "public/secret key" instead of "public/private key." The OpenPGP RFC and other documentation often use the non-standard term "secret key" instead of the more common "private key."

### Cryptographic digital signatures

[Digital signatures](https://en.wikipedia.org/wiki/Digital_signature) are a mechanism that is based on asymmetric cryptography. With this mechanism, one actor can make a signature over a digital message, and another actor can check the validity of that signature.

The signer uses digital signatures to make statements about the message. Third parties can then inspect these statements.

```{admonition} VISUAL
:class: warning

- add visualization showing: message + private key + sign = signature -> message + signature + public key + verify = ok?
```

In OpenPGP, digital signatures are used in two different contexts:

- [Certification statements](certifications_chapter)
- [Signatures over data](signing_data)

(hybrid_cryptosystems)=
## Hybrid cryptosystems

[Hybrid cryptosystems](https://en.wikipedia.org/wiki/Hybrid_cryptosystem) combine two cryptosystems and make use of their respective advantages:

- A public-key cryptosystem is used to safely handle shared secrets over insecure channels (in OpenPGP: so-called "session keys")
- A symmetric-key cryptosystem is used to efficiently encrypt and decrypt long messages (using an OpenPGP "session key" as the shared secret)
ch1/2: add/improve links Tighten "Building blocks" section. (Processing input from Wiktor) 2023-09-28 11:16:05 +02:00			`(cyrptography_chapter)=`
Rename ch3->ch2; add a new possible ch3 based on a suggestion by Lars 2023-09-16 17:59:34 +02:00			`# Cryptographic concepts/terms`

ch3: Flesh out more of the text 2023-09-28 17:53:56 +02:00			```{admonition} VISUAL
mark "TODO"-blocks with admonition markup (also see https://codeberg.org/openpgp/notes/issues/3) 2023-09-26 13:22:12 +02:00			`:class: warning`
ch3: add note 2023-09-21 13:09:48 +02:00
mark "TODO"-blocks with admonition markup (also see https://codeberg.org/openpgp/notes/issues/3) 2023-09-26 13:22:12 +02:00			`- Introduce visualizations for cryptographic primitives`
ch3: edits 2023-09-26 20:06:44 +02:00			`- Show example visualizations for operations? (encrypt/decrypt and signing/verification - only if we're going to reuse the visual primitives later)`
ch4: work on structure Move introduction of asymmetric key pairs and diagrams to ch3. 2023-09-25 14:10:54 +02:00			```

ch3: edits 2023-09-26 20:06:44 +02:00			`## (Cryptographic) hash functions`
ch4: work on structure Move introduction of asymmetric key pairs and diagrams to ch3. 2023-09-25 14:10:54 +02:00
ch3: Flesh out more of the text 2023-09-28 17:53:56 +02:00			`[(Cryptographic) hash functions](https://en.wikipedia.org/wiki/Cryptographic_hash_function) map binary data of arbitrary length to a fixed size "hash" (hashes are also sometimes called "digests").`
Add input from Wiktor 2023-09-28 16:02:30 +02:00
ch3: edits 2023-09-26 20:06:44 +02:00			`## Symmetric-key cryptography`

			`[Symmetric-key cryptography](https://en.wikipedia.org/wiki/Symmetric-key_algorithm) uses the same cryptographic key for both encryption and decryption. Symmetric-key cryptographic systems support encryption/decryption operations.`

			`Participants in symmetric-key operations need to exchange the shared secret over a secure channel.`

ch3: Flesh out more of the text 2023-09-28 17:53:56 +02:00			```{admonition} VISUAL
ch3: edits 2023-09-26 20:06:44 +02:00			`:class: warning`

			`- visualization? (maybe a black key icon, following wikipedia's example?)`
			```

ch3: Flesh out more of the text 2023-09-28 17:53:56 +02:00			`Symmetric-key cryptography is much faster than public-key cryptography. Also, most current symmetric cryptographic algorithms are considered quantum-resistant.`
Add input from Wiktor 2023-09-28 16:02:30 +02:00
ch3: Flesh out more of the text 2023-09-28 17:53:56 +02:00			`So symmetric-key cryptography has major benefits, but exchanging the shared secret is a problem that needs to be solved separately.`

			`[Hybrid cryptosystems](hybrid_cryptosystems) are one common approach to leverage the benefits of symmetric-key cryptography, while handling the shared secret with a separate mechanism (using public-key cryptography).`
Add input from Wiktor 2023-09-28 16:02:30 +02:00
ch3: edits 2023-09-26 20:06:44 +02:00			`### Symmetric-key cryptography in OpenPGP`

ch3: Flesh out more of the text 2023-09-28 17:53:56 +02:00			`Symmetric cryptography is used in OpenPGP (as part of a hybrid cryptosystem).`
ch3: edits 2023-09-26 20:06:44 +02:00
			`Where symmetric keys are used in OpenPGP, they are referred to as "session keys."`

			`### Authenticated encryption with associated data (AEAD)`

ch3: Flesh out more of the text 2023-09-28 17:53:56 +02:00			`[Authenticated encryption](https://en.wikipedia.org/wiki/Authenticated_encryption) is a class of cryptographic schemes that gives additional guarantees besides confidentiality.`
Add input from Wiktor 2023-09-28 16:02:30 +02:00
ch3: Flesh out more of the text 2023-09-28 17:53:56 +02:00			`In OpenPGP version 6, AEAD is used to solve the problem of "malleability": In past versions of the OpenPGP protocol, some malicious changes to ciphertext were undetectable. With AEAD undetected changes of ciphertext are not possible.`
ch3: edits 2023-09-26 20:06:44 +02:00
			`## Public-key, or asymmetric cryptography`

			`[Public-key cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography) systems use asymmetric pairs of related keys. Public-key cryptographic systems support encryption/decryption and digital signature operations.`

			`Public-key cryptography doesn't require participants to have pre-arranged a shared secret.`
ch4: work on structure Move introduction of asymmetric key pairs and diagrams to ch3. 2023-09-25 14:10:54 +02:00
			`### Asymmetric cryptographic key pairs`

			`In many places, we'll deal with asymmetric cryptographic key pairs:`

ch3/4: Include diagrams as figures with caption Fixes #28 2023-09-25 19:39:25 +02:00			```{figure} diag/cryptographic_keys.png
			`---`
			`---`
ch3: edits 2023-09-26 20:06:44 +02:00			`An asymmetric cryptographic key pair`
ch3/4: Include diagrams as figures with caption Fixes #28 2023-09-25 19:39:25 +02:00			```
ch4: work on structure Move introduction of asymmetric key pairs and diagrams to ch3. 2023-09-25 14:10:54 +02:00
Add input from Wiktor 2023-09-28 16:02:30 +02:00			```{admonition} VISUAL
			`:class: warning`

			`- Wiktor notes: red-green color-blindness affects 8,5% of the population.`
			`- Heiko: maybe use colors + distinct shapes for the two key halves?`
			```

ch3: edits 2023-09-26 20:06:44 +02:00			`An asymmetric cryptographic key pair consists of a public and a private part. In this document, we'll show the public part of key pair in green, and the private part in red.`
ch4: work on structure Move introduction of asymmetric key pairs and diagrams to ch3. 2023-09-25 14:10:54 +02:00
ch3: edits 2023-09-26 20:06:44 +02:00			`We'll usually visualize cryptographic key pairs in this more compact form:`
ch4: work on structure Move introduction of asymmetric key pairs and diagrams to ch3. 2023-09-25 14:10:54 +02:00
ch3/4: Include diagrams as figures with caption Fixes #28 2023-09-25 19:39:25 +02:00			```{figure} diag/keypair.png
			`---`
			`---`
ch3: edits 2023-09-26 20:06:44 +02:00			`Asymmetric key pair, more compact representation`
ch3/4: Include diagrams as figures with caption Fixes #28 2023-09-25 19:39:25 +02:00			```
ch4: work on structure Move introduction of asymmetric key pairs and diagrams to ch3. 2023-09-25 14:10:54 +02:00
			`Note that in many contexts, only the public part is present (more on that later):`

ch3/4: Include diagrams as figures with caption Fixes #28 2023-09-25 19:39:25 +02:00
			```{figure} diag/keypair_pub.png
			`---`
			`---`
ch3: edits 2023-09-26 20:06:44 +02:00			`Only the public part of an asymmetric key pair`
mark "TODO"-blocks with admonition markup (also see https://codeberg.org/openpgp/notes/issues/3) 2023-09-26 13:22:12 +02:00			```
ch4: work on structure Move introduction of asymmetric key pairs and diagrams to ch3. 2023-09-25 14:10:54 +02:00
ch3: Flesh out more of the text 2023-09-28 17:53:56 +02:00			`### Public-key cryptography in OpenPGP`

			`OpenPGP makes heavy use of public-key cryptography, both for encryption and signing operations.`

			`Note that, for historical reasons, OpenPGP often uses the terms "public/secret key" instead of "public/private key." The OpenPGP RFC and other documentation often use the non-standard term "secret key" instead of the more common "private key."`

ch3: edits 2023-09-26 20:06:44 +02:00			`### Cryptographic digital signatures`
ch4: work on structure Move introduction of asymmetric key pairs and diagrams to ch3. 2023-09-25 14:10:54 +02:00
ch3: Flesh out more of the text 2023-09-28 17:53:56 +02:00			`[Digital signatures](https://en.wikipedia.org/wiki/Digital_signature) are a mechanism that is based on asymmetric cryptography. With this mechanism, one actor can make a signature over a digital message, and another actor can check the validity of that signature.`
ch4: work on structure Move introduction of asymmetric key pairs and diagrams to ch3. 2023-09-25 14:10:54 +02:00
ch3: Flesh out more of the text 2023-09-28 17:53:56 +02:00			`The signer uses digital signatures to make statements about the message. Third parties can then inspect these statements.`
ch3: add section for signatures 2023-09-25 16:43:26 +02:00
ch3: Flesh out more of the text 2023-09-28 17:53:56 +02:00			```{admonition} VISUAL
			`:class: warning`

			`- add visualization showing: message + private key + sign = signature -> message + signature + public key + verify = ok?`
			```

			`In OpenPGP, digital signatures are used in two different contexts:`

			`- [Certification statements](certifications_chapter)`
			`- [Signatures over data](signing_data)`
mark "TODO"-blocks with admonition markup (also see https://codeberg.org/openpgp/notes/issues/3) 2023-09-26 13:22:12 +02:00
Add input from Wiktor 2023-09-28 16:02:30 +02:00			`(hybrid_cryptosystems)=`
ch3: edits 2023-09-26 20:06:44 +02:00			`## Hybrid cryptosystems`
ch3: add section for signatures 2023-09-25 16:43:26 +02:00
ch3: Flesh out more of the text 2023-09-28 17:53:56 +02:00			`[Hybrid cryptosystems](https://en.wikipedia.org/wiki/Hybrid_cryptosystem) combine two cryptosystems and make use of their respective advantages:`

			`- A public-key cryptosystem is used to safely handle shared secrets over insecure channels (in OpenPGP: so-called "session keys")`
			`- A symmetric-key cryptosystem is used to efficiently encrypt and decrypt long messages (using an OpenPGP "session key" as the shared secret)`