mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-26 17:42:06 +01:00
ch3: streamline the text that connects the "hybrid cryptosystems" concept to its use in openpgp
This commit is contained in:
parent
d7bcc75249
commit
7f68db756c
1 changed files with 3 additions and 9 deletions
|
@ -131,14 +131,8 @@ Digital signatures in OpenPGP are used in two primary contexts:
|
||||||
(hybrid_cryptosystems)=
|
(hybrid_cryptosystems)=
|
||||||
## Hybrid cryptosystems
|
## Hybrid cryptosystems
|
||||||
|
|
||||||
OpenPGP uses a hybrid cryptosystem. [Hybrid cryptosystems](https://en.wikipedia.org/wiki/Hybrid_cryptosystem) combine the use of symmetric and asymmetric (public-key) cryptography to capitalize on the strengths of each, namely symmetric cryptography's speed and efficiency and public-key cryptography's mechanism for secure key exchange.
|
[Hybrid cryptosystems](https://en.wikipedia.org/wiki/Hybrid_cryptosystem) combine the use of symmetric and asymmetric (public-key) cryptography to capitalize on the strengths of each, namely symmetric cryptography's speed and efficiency and public-key cryptography's mechanism for secure key exchange.
|
||||||
|
|
||||||
```{admonition} TODO
|
### Usage and terminology in OpenPGP
|
||||||
:class: warning
|
|
||||||
|
|
||||||
Move this to the chapter that details it:
|
OpenPGP uses a hybrid cryptosystem for encryption. Shared secrets are generated uniquely for each session, and are called "session keys." For more on this, see the chapters {ref}`encryption_chapter` and {ref}`decryption_chapter`.
|
||||||
|
|
||||||
Within OpenPGP's hybrid system, so-called "session keys" are central. They are generated uniquely for each session and are instrumental in both encrypting and decrypting the actual message content, using the efficiency of symmetric-key cryptography.
|
|
||||||
|
|
||||||
Using asymmetric (public-key) cryptography, the session keys are also encrypted. This ensures that only the intended recipient, the holder of the corresponding private key, can decrypt and gain access to the session key. With the decrypted session key, they can then use the session key to decrypt the actual message.
|
|
||||||
```
|
|
||||||
|
|
Loading…
Reference in a new issue