openpgp-notes/book/source/03-cryptography.md
2023-10-04 10:56:10 +02:00

6 KiB

(cyrptography_chapter)=

Cryptographic concepts and terms

:class: warning

- Introduce visualizations for cryptographic primitives
- Show example visualizations for operations? (encrypt/decrypt and signing/verification - only if we're going to reuse the visual primitives later)

(Cryptographic) hash functions

(Cryptographic) hash functions map binary data of arbitrary length to a fixed size "hash" (hashes are also sometimes called "digests").

Hash functions are used in cryptography to produce shorthand "placeholders" for data. Two properties of cryptographic hash functions are particularly important:

Symmetric-key cryptography

Symmetric-key cryptography uses the same cryptographic key for both encryption and decryption. Symmetric-key cryptographic systems support encryption/decryption operations.

Participants in symmetric-key operations need to exchange the shared secret over a secure channel.

:class: warning

- visualization? (maybe a black key icon, following wikipedia's example?)

Benefits and downsides

Symmetric-key cryptography has major benefits: it is much faster than public-key cryptography (see below). Also, most current symmetric cryptographic algorithms are considered quantum-resistant.

However, exchanging the required shared secret is a problem that needs to be solved separately.

Hybrid cryptosystems (see below) are one common approach to leverage the benefits of symmetric-key cryptography, while handling the shared secret with a separate mechanism (using public-key cryptography).

Symmetric-key cryptography in OpenPGP

Symmetric cryptography is used in OpenPGP as part of a hybrid cryptosystem.

Where symmetric keys are used in OpenPGP, they are called either "message keys" or "session keys1."

Authenticated encryption with associated data (AEAD)

Authenticated encryption is a class of cryptographic schemes that gives additional guarantees besides confidentiality.

In OpenPGP version 6, AEAD is used to solve the problem of "malleability": In past versions of the OpenPGP protocol, some malicious changes to ciphertext were undetectable. With AEAD, undetected changes of ciphertext are not possible.

Public-key, or asymmetric cryptography

Public-key cryptography systems use asymmetric pairs of related keys. Public-key cryptographic systems support encryption/decryption and digital signature operations.

Unlike symmetric cryptography, public-key cryptography doesn't require participants to pre-arrange a shared secret.

(asymmetric_key_pair)=

Asymmetric cryptographic key pairs

In many places, we'll deal with asymmetric cryptographic key pairs:

---
---
An asymmetric cryptographic key pair
:class: warning

- Wiktor notes: red-green color-blindness affects 8,5% of the population.
- Heiko: maybe use colors + distinct shapes for the two key halves?

An asymmetric cryptographic key pair consists of a public and a private part. In this document, we'll show the public part of a key pair in green, and the private part in red.

Note that in many contexts, only the public part is present (more on that later):

---
---
Only the public part of an asymmetric key pair

Public-key cryptography in OpenPGP

OpenPGP makes heavy use of public-key cryptography, both for encryption and signing operations.

Note that, for historical reasons, the OpenPGP RFC and other documentation often use the non-standard term "secret key" instead of the more common "private key."

So in OpenPGP, the pair of terms "public/secret key" is sometimes used instead of the more common "public/private key."

Cryptographic digital signatures

Digital signatures are a mechanism that is based on asymmetric cryptography. With this mechanism, one actor can make a signature over a digital message, and another actor can check the validity of that signature.

The signer uses digital signatures to make statements about the message. Third parties can then inspect these statements.

:class: warning

- add visualization showing: message + private key + sign = signature -> message + signature + public key + verify = ok?

In OpenPGP, digital signatures are used in two different contexts:

(hybrid_cryptosystems)=

Hybrid cryptosystems

Hybrid cryptosystems combine two cryptosystems and make use of their respective advantages:

  • A public-key cryptosystem is used to safely handle shared secrets over insecure channels (in OpenPGP: so-called "session keys")
  • A symmetric-key cryptosystem is used to efficiently encrypt and decrypt long messages (using an OpenPGP "session key" as the shared secret)

  1. In OpenPGP version 6, when using the "Version 2 Symmetrically Encrypted Integrity Protected Data Packet Format", a "message key" is derived from a "session key". Previously (up to OpenPGP version 4, and in version 6 when using "Version 1 Symmetrically Encrypted Integrity Protected Data Packet Format"), the "session key" was used directly as a symmetric encryption key. ↩︎