diff --git a/book/source/03-cryptography.md b/book/source/03-cryptography.md index 29a6398..ee968a5 100644 --- a/book/source/03-cryptography.md +++ b/book/source/03-cryptography.md @@ -5,11 +5,39 @@ - Introduce cryptographic primitives/terms at a very superficial level - Introduce visualizations for cryptographic primitives +- Show example visualizations for operations? (encrypt/decrypt and signing/verification - only if we're going to reuse the visual primitives later) ``` -## Public-key cryptography +## (Cryptographic) hash functions -https://en.wikipedia.org/wiki/Public-key_cryptography +https://en.wikipedia.org/wiki/Cryptographic_hash_function + +## Symmetric-key cryptography + +[Symmetric-key cryptography](https://en.wikipedia.org/wiki/Symmetric-key_algorithm) uses the same cryptographic key for both encryption and decryption. Symmetric-key cryptographic systems support *encryption/decryption* operations. + +Participants in symmetric-key operations need to exchange the shared secret over a secure channel. + +```{admonition} TODO +:class: warning + +- visualization? (maybe a black key icon, following wikipedia's example?) +``` + +### Symmetric-key cryptography in OpenPGP + +Symmetric cryptography is used in OpenPGP as part of a [hybrid cryptosystem](https://en.wikipedia.org/wiki/Hybrid_cryptosystem). + +Where symmetric keys are used in OpenPGP, they are referred to as "session keys." + +### Authenticated encryption with associated data (AEAD) + + +## Public-key, or asymmetric cryptography + +[Public-key cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography) systems use asymmetric pairs of related keys. Public-key cryptographic systems support *encryption/decryption* and *digital signature* operations. + +Public-key cryptography doesn't require participants to have pre-arranged a shared secret. ### Asymmetric cryptographic key pairs 
@@ -18,17 +46,17 @@ In many places, we'll deal with asymmetric cryptographic key pairs: ```{figure} diag/cryptographic_keys.png --- --- -A cryptographic keypair +An asymmetric cryptographic key pair ``` -A cryptographic key pair consists of a public and a private part. In this document, we'll show the public part of a cryptographic key in green, and the private part in red. +An asymmetric cryptographic key pair consists of a public and a private part. In this document, we'll show the public part of key pair in green, and the private part in red. -We'll usually visualize cryptographic keypairs in this more compact form: +We'll usually visualize cryptographic key pairs in this more compact form: ```{figure} diag/keypair.png --- --- -A cryptographic keypair, more compact representation +Asymmetric key pair, more compact representation ``` Note that in many contexts, only the public part is present (more on that later): 
@@ -37,33 +65,17 @@ Note that in many contexts, only the public part is present (more on that later) ```{figure} diag/keypair_pub.png --- --- -Only the public part of a cryptographic keypair +Only the public part of an asymmetric key pair ``` +### Cryptographic digital signatures + ### Public-key cryptography in OpenPGP -OpenPGP makes heavy use of public-key cryptography. However, for historical reasons, OpenPGP uses the terms "public/secret" instead of "public/private." +OpenPGP makes heavy use of public-key cryptography. -So when reading the RFC, or other documentation, you will encounter the term "secret key," instead of the more common "private key." +Note that, for historical reasons, OpenPGP often uses the terms "public/secret" instead of "public/private." The OpenPGP RFC and other documentation often use the non-standard term "secret key" instead of the more common "private key." -## Symmetric encryption +## Hybrid cryptosystems -https://en.wikipedia.org/wiki/Symmetric-key_algorithm - -```{admonition} TODO -:class: warning - -- visualization? -``` - -### Symmetric cryptography in OpenPGP - -Symmetric encryption is a core concept in OpenPGP. It usually comes up involving the term "session key." - -"Session keys" in OpenPGP are symmetric cryptographic keys. - -## Hashing - -## Cryptographic signatures - -## AEAD +[Hybrid cryptosystems](https://en.wikipedia.org/wiki/Hybrid_cryptosystem) combine public-key cryptosystems with symmetric-key cryptosystems in a way that makes use of their respective advantages.
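Review bot: In the first hunk (@@ -5,11 +5,39 @@), the added sentence `Where symmetric keys are used in OpenPGP, they are referred to as "session keys."` is an absolute statement, whereas the text this patch removes only said the topic "usually comes up involving the term" session key. Unless the book intends to claim that every symmetric key in OpenPGP is a session key, keep the hedge, for example "they are usually referred to as". In the same hunk, `### Authenticated encryption with associated data (AEAD)` is added with no body, and `## (Cryptographic) hash functions` carries only a bare URL while the other new sections use a titled link. A TODO admonition like the one under the symmetric-key section would mark both as placeholders.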
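Review bot: In the second hunk (@@ -18,17 +46,17 @@), the rewritten sentence "we'll show the public part of key pair in green" is missing an article and should read "the public part of a key pair". The hunk also leaves the terminology mixed: the captions now say "An asymmetric cryptographic key pair" and "Asymmetric key pair", while the sentence introducing the compact figure still says "cryptographic key pairs". Settling on one term across the prose and the captions would make this section consistent.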
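Review bot: In the third hunk (@@ -37,33 +65,17 @@), the heading `### Cryptographic digital signatures` is added with no body and is followed directly by `### Public-key cryptography in OpenPGP`, so it renders as an empty section with nothing to show it is a placeholder. Add a TODO admonition or a one-line stub. The rewritten terminology note also says "often" in both of its sentences and largely repeats itself, so the two sentences could be merged into one. Finally, the new `## Hybrid cryptosystems` section lands at the end of the chapter, after the symmetric-key OpenPGP subsection from the first hunk has already relied on the term through a Wikipedia link. Consider pointing that earlier mention at this section instead.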