From 4bf1ded00791ff9e51e514f95cd45e8f57ec5aca Mon Sep 17 00:00:00 2001 From: "Tammi L. Coles" Date: Thu, 26 Oct 2023 12:12:26 +0200 Subject: [PATCH 1/2] edit ch3 MAC section --- book/source/03-cryptography.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/book/source/03-cryptography.md b/book/source/03-cryptography.md index c63cb97..f26e32e 100644 --- a/book/source/03-cryptography.md +++ b/book/source/03-cryptography.md @@ -21,13 +21,13 @@ Here are two important properties of cryptographic hash functions: - ["Pre-image resistance"](https://en.wikipedia.org/wiki/Preimage_attack): Given a hash value, it should be very difficult to determine the original data it represents. - ["Collision resistance"](https://en.wikipedia.org/wiki/Collision_resistance): It should be very difficult to find two distinct pieces of data that map to the same hash value. -## Message Authentication Codes +## Message authentication codes -[Message Authentication Codes](https://en.wikipedia.org/wiki/Message_authentication_code) (MAC, also called authentication tags) are small pieces of information, which can be used to verify the integrity and authenticity of a message. -They are calculated over the original message using a (symmetric) secret key. -The recipient of a message containing a MAC, who is also in posession of the secret key can verify that the message has not been tampered with. +A [message authentication code](https://en.wikipedia.org/wiki/Message_authentication_code) (MAC), also known as an authentication tag, is a small piece of information used to verify the integrity and authenticity of a message. -[HMAC](https://en.wikipedia.org/wiki/HMAC) is a hash-based message authentication code, which is used in the OpenPGP protocol. +It is derived from the original message using a (symmetric) secret key. The recipient of a message containing a MAC, who is also in possession of the secret key, can verify that the message has not been altered. + +[HMAC](https://en.wikipedia.org/wiki/HMAC) is a type of MAC that relies on a hash function. It is used in the OpenPGP protocol. ### Key Derivation Functions From a2aa3c910988e14241688c5f8cbf6510f1b06ae3 Mon Sep 17 00:00:00 2001 From: "Tammi L. Coles" Date: Thu, 26 Oct 2023 14:12:48 +0200 Subject: [PATCH 2/2] edit KDFs section --- book/source/03-cryptography.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/book/source/03-cryptography.md b/book/source/03-cryptography.md index f26e32e..5658494 100644 --- a/book/source/03-cryptography.md +++ b/book/source/03-cryptography.md @@ -29,14 +29,14 @@ It is derived from the original message using a (symmetric) secret key. The reci [HMAC](https://en.wikipedia.org/wiki/HMAC) is a type of MAC that relies on a hash function. It is used in the OpenPGP protocol. -### Key Derivation Functions +### Key derivation functions -Hash functions can also be used to construct [key derivation functions](https://en.wikipedia.org/wiki/Key_derivation_function) (KDF). -Those can for instance be used to derive symmetric key material from a password by repeatedly feeding it through a hash function. +A hash function can also be used to create a [key derivation function](https://en.wikipedia.org/wiki/Key_derivation_function) (KDF). +One application of KDFs is to generate symmetric key material from a password by iteratively passing it through a hash function. -A prominent example of a KDF which is relevant for the OpenPGP specification is the so-called [HKDF](https://en.wikipedia.org/wiki/HKDF) which is a key derivation function based on the HMAC message authentication code. +A notable KDF for the OpenPGP specification is the [HKDF](https://en.wikipedia.org/wiki/HKDF), which is a key derivation function based on the HMAC. -More information on KDFs and their use in the OpenPGP protocol can be found in chapters [5](encrypted_secrets) and 10 (SEIPDv2). +For detailed information on KDFs and their role in the OpenPGP protocol, see the [encrypted secrets](encrypted_secrets) chapter and the [SEIPDv2](SEIPDv2) section of the encryption chapter. ## Symmetric-key cryptography