ch3: edits

book/source/03-cryptography.md

@@ -5,11 +5,39 @@
 
 - Introduce cryptographic primitives/terms at a very superficial level
 - Introduce visualizations for cryptographic primitives
+- Show example visualizations for operations? (encrypt/decrypt and signing/verification - only if we're going to reuse the visual primitives later)
 ```
 
-## Public-key cryptography
+## (Cryptographic) hash functions
 
-https://en.wikipedia.org/wiki/Public-key_cryptography
+https://en.wikipedia.org/wiki/Cryptographic_hash_function
+
+## Symmetric-key cryptography
+
+[Symmetric-key cryptography](https://en.wikipedia.org/wiki/Symmetric-key_algorithm) uses the same cryptographic key for both encryption and decryption. Symmetric-key cryptographic systems support *encryption/decryption* operations.
+
+Participants in symmetric-key operations need to exchange the shared secret over a secure channel.
+
+```{admonition} TODO
+:class: warning
+
+- visualization? (maybe a black key icon, following wikipedia's example?)
+```
+
+### Symmetric-key cryptography in OpenPGP
+
+Symmetric cryptography is used in OpenPGP as part of a [hybrid cryptosystem](https://en.wikipedia.org/wiki/Hybrid_cryptosystem).
+
+Where symmetric keys are used in OpenPGP, they are referred to as "session keys."
+
+### Authenticated encryption with associated data (AEAD)
+
+
+## Public-key, or asymmetric cryptography
+
+[Public-key cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography) systems use asymmetric pairs of related keys. Public-key cryptographic systems support *encryption/decryption* and *digital signature* operations.
+
+Public-key cryptography doesn't require participants to have pre-arranged a shared secret.
 
 ### Asymmetric cryptographic key pairs
 
@@ -18,17 +46,17 @@ In many places, we'll deal with asymmetric cryptographic key pairs:
 ```{figure} diag/cryptographic_keys.png
 ---
 ---
-A cryptographic keypair
+An asymmetric cryptographic key pair
 ```
 
-A cryptographic key pair consists of a public and a private part. In this document, we'll show the public part of a cryptographic key in green, and the private part in red.
+An asymmetric cryptographic key pair consists of a public and a private part. In this document, we'll show the public part of key pair in green, and the private part in red.
 
-We'll usually visualize cryptographic keypairs in this more compact form:
+We'll usually visualize cryptographic key pairs in this more compact form:
 
 ```{figure} diag/keypair.png
 ---
 ---
-A cryptographic keypair, more compact representation
+Asymmetric key pair, more compact representation
 ```
 
 Note that in many contexts, only the public part is present (more on that later):
@@ -37,33 +65,17 @@ Note that in many contexts, only the public part is present (more on that later)
 ```{figure} diag/keypair_pub.png
 ---
 ---
-Only the public part of a cryptographic keypair
+Only the public part of an asymmetric key pair
 ```
 
+### Cryptographic digital signatures
+
 ### Public-key cryptography in OpenPGP
 
-OpenPGP makes heavy use of public-key cryptography. However, for historical reasons, OpenPGP uses the terms "public/secret" instead of "public/private."
+OpenPGP makes heavy use of public-key cryptography.
 
-So when reading the RFC, or other documentation, you will encounter the term "secret key," instead of the more common "private key."
+Note that, for historical reasons, OpenPGP often uses the terms "public/secret" instead of "public/private." The OpenPGP RFC and other documentation often use the non-standard term "secret key" instead of the more common "private key."
 
-## Symmetric encryption
+## Hybrid cryptosystems
 
-https://en.wikipedia.org/wiki/Symmetric-key_algorithm
-
-```{admonition} TODO
-:class: warning
-
-- visualization?
-```
-
-### Symmetric cryptography in OpenPGP
-
-Symmetric encryption is a core concept in OpenPGP. It usually comes up involving the term "session key."
-
-"Session keys" in OpenPGP are symmetric cryptographic keys.
-
-## Hashing
-
-## Cryptographic signatures
-
-## AEAD
+[Hybrid cryptosystems](https://en.wikipedia.org/wiki/Hybrid_cryptosystem) combine public-key cryptosystems with symmetric-key cryptosystems in a way that makes use of their respective advantages.