vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2024-11-27 10:02:06 +01:00
Code Issues Projects Releases Packages Wiki Activity

ch3: improvements suggested by @vanitasvitae

Browse source 
fixes #34
This commit is contained in:
Heiko Schaefer 2023-10-04 10:46:25 +02:00
parent a59190bf4b
commit 55d1ce73a1
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D
1 changed files with 9 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
book/source/03-cryptography.md
View file

@ -12,6 +12,11 @@
[(Cryptographic) hash functions](https://en.wikipedia.org/wiki/Cryptographic_hash_function) map binary data of arbitrary length to a fixed size "hash" (hashes are also sometimes called "digests"). [(Cryptographic) hash functions](https://en.wikipedia.org/wiki/Cryptographic_hash_function) map binary data of arbitrary length to a fixed size "hash" (hashes are also sometimes called "digests").
Hash functions are used in cryptography to produce shorthand "placeholders" for data. Two properties of cryptographic hash functions are particularly important:
- ["Pre-image resistance"](https://en.wikipedia.org/wiki/Preimage_attack): Given a hash value, it should be hard to find a message that maps to that hash value.
- ["Collision resistance"](https://en.wikipedia.org/wiki/Collision_resistance): It should be hard to find two messages that map to the same hash value.
## Symmetric-key cryptography ## Symmetric-key cryptography
[Symmetric-key cryptography](https://en.wikipedia.org/wiki/Symmetric-key_algorithm) uses the same cryptographic key for both encryption and decryption. Symmetric-key cryptographic systems support *encryption/decryption* operations. [Symmetric-key cryptography](https://en.wikipedia.org/wiki/Symmetric-key_algorithm) uses the same cryptographic key for both encryption and decryption. Symmetric-key cryptographic systems support *encryption/decryption* operations.
@ -36,7 +41,9 @@ However, exchanging the required shared secret is a problem that needs to be sol
Symmetric cryptography is used in OpenPGP as part of a hybrid cryptosystem. Symmetric cryptography is used in OpenPGP as part of a hybrid cryptosystem.
Where symmetric keys are used in OpenPGP, they are referred to as "session keys." Where symmetric keys are used in OpenPGP, they are called either "message keys" or "session keys[^sessionkey]."
[^sessionkey]: In OpenPGP version 6, when using the ["Version 2 Symmetrically Encrypted Integrity Protected Data Packet Format"](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-version-2-symmetrically-enc), a "message key" is derived from a "session key". Previously (up to OpenPGP version 4, and in version 6 when using ["Version 1 Symmetrically Encrypted Integrity Protected Data Packet Format"](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-10.html#name-version-1-symmetrically-enc)), the "session key" was used directly as a symmetric encryption key.
### Authenticated encryption with associated data (AEAD) ### Authenticated encryption with associated data (AEAD)
@ -48,7 +55,7 @@ In OpenPGP version 6, AEAD is used to solve the problem of "malleability": In pa
[Public-key cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography) systems use asymmetric pairs of related keys. Public-key cryptographic systems support *encryption/decryption* and *digital signature* operations. [Public-key cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography) systems use asymmetric pairs of related keys. Public-key cryptographic systems support *encryption/decryption* and *digital signature* operations.
Public-key cryptography doesn't require participants to pre-arrange a shared secret. Unlike symmetric cryptography, public-key cryptography doesn't require participants to pre-arrange a shared secret.
(asymmetric_key_pair)= (asymmetric_key_pair)=
### Asymmetric cryptographic key pairs ### Asymmetric cryptographic key pairs