openpgp-notes/book/source/03-cryptography.md
Heiko Schaefer 3ef4f265d1
ch1/2: add/improve links
Tighten "Building blocks" section.

(Processing input from Wiktor)
2023-09-28 12:00:45 +02:00

2.9 KiB

(cyrptography_chapter)=

Cryptographic concepts/terms

:class: warning

- Introduce cryptographic primitives/terms at a very superficial level
- Introduce visualizations for cryptographic primitives
- Show example visualizations for operations? (encrypt/decrypt and signing/verification - only if we're going to reuse the visual primitives later)

(Cryptographic) hash functions

https://en.wikipedia.org/wiki/Cryptographic_hash_function

Symmetric-key cryptography

Symmetric-key cryptography uses the same cryptographic key for both encryption and decryption. Symmetric-key cryptographic systems support encryption/decryption operations.

Participants in symmetric-key operations need to exchange the shared secret over a secure channel.

:class: warning

- visualization? (maybe a black key icon, following wikipedia's example?)

Symmetric-key cryptography in OpenPGP

Symmetric cryptography is used in OpenPGP as part of a hybrid cryptosystem.

Where symmetric keys are used in OpenPGP, they are referred to as "session keys."

Authenticated encryption with associated data (AEAD)

Public-key, or asymmetric cryptography

Public-key cryptography systems use asymmetric pairs of related keys. Public-key cryptographic systems support encryption/decryption and digital signature operations.

Public-key cryptography doesn't require participants to have pre-arranged a shared secret.

Asymmetric cryptographic key pairs

In many places, we'll deal with asymmetric cryptographic key pairs:

---
---
An asymmetric cryptographic key pair

An asymmetric cryptographic key pair consists of a public and a private part. In this document, we'll show the public part of key pair in green, and the private part in red.

We'll usually visualize cryptographic key pairs in this more compact form:

---
---
Asymmetric key pair, more compact representation

Note that in many contexts, only the public part is present (more on that later):

---
---
Only the public part of an asymmetric key pair

Cryptographic digital signatures

Public-key cryptography in OpenPGP

OpenPGP makes heavy use of public-key cryptography.

Note that, for historical reasons, OpenPGP often uses the terms "public/secret" instead of "public/private." The OpenPGP RFC and other documentation often use the non-standard term "secret key" instead of the more common "private key."

Hybrid cryptosystems

Hybrid cryptosystems combine public-key cryptosystems with symmetric-key cryptosystems in a way that makes use of their respective advantages.