Crypto 101 Lecture Notes

Introduction

• Purpose: Introduction to cryptography for programmers of any level.
• Goal: Understand how cryptosystems work and apply them in real software.
• Focus: Learn cryptography by breaking inferior systems to understand vulnerabilities.

Key Concepts in Cryptography

Exclusive OR (XOR)

• Description: Boolean binary operator, true when one input is true, not both.
• Properties:
  • XOR any bit with 0 gives the same bit.
  • XOR any bit with itself gives 0.
  • Order of operation doesn't matter (commutative).
• Applications: Encryption operation in one-time pads.

One-time Pads

• Concept: Uses a pad of random bits and XORs with plaintext.
• Security: Perfect security if pad is truly random and used only once.
• Vulnerabilities: Reusing pads or using non-random data.

Block Ciphers

• Description: Encrypts fixed-size blocks of data with a secret key.
• Common Algorithms: AES, DES, 3DES.
• AES:
  • Selected through a public competition, well-received in cryptography community.
  • Known for strong security with no practical attacks.

Modes of Operation

• ECB Mode: Encrypts identical plaintext blocks to identical ciphertext blocks, vulnerable to pattern attacks.
• CBC Mode: Uses an initialization vector (IV) to XOR with plaintext before encryption, vulnerable if IV is predictable.

Stream Ciphers

• Description: Encrypts streams of data, usually symmetric.
• Issues: ECB as a stream cipher is insecure due to block repetition.

Key Exchange

• Purpose: Allows two parties to share a secret over an insecure channel.
• Diffie-Hellman Protocol: Based on mathematical problems, allows shared secret computation without prior contact.

Public-Key Encryption

• Concept: Uses a pair of keys, one public, one private.
• RSA:
  • Common public-key encryption algorithm, relies on difficulty of factoring large numbers.
  • Not practical for encrypting large messages; used for key exchange.

Hash Functions

• Features: Converts input data into a fixed-size string of characters, which is a cryptographic hash.
• Properties: Hard to reverse-engineer (pre-image resistance), collision resistance.
• SHA Family: SHA-2 and SHA-3 are modern hash algorithms, SHA-1 is deprecated.

Message Authentication Codes (MAC)

• Function: Checks the authenticity and integrity of a message.
• HMAC: A secure MAC that uses hash functions.

Signature Algorithms

• Purpose: Verify authenticity of a digital message or document.
• Common Algorithms: RSA-based signatures, DSA, ECDSA.

Key Derivation Functions

• Function: Derive one or more secret keys from a secret value.
• Uses: Secure random number generation, generating multiple cryptographic keys.

Random Number Generators

• Types: True random number generators, cryptographically secure pseudorandom generators.
• Importance: Critical for the security of cryptographic systems.

Complete Cryptosystems

• SSL/TLS: Secures data in transit over a network, combines symmetric and asymmetric encryption.
• OpenPGP: Encrypts and signs data at rest, not dependent on a live connection.

Key Topics for Further Study

• AES: In-depth look at its components and security.
• Elliptic Curve Cryptography: More efficient than traditional discrete logarithms.
• SSL/TLS Attacks: BEAST, CRIME, BREACH illustrate vulnerabilities in encrypted channels.
• Secure Configurations and Certificate Authority systems: Important for ensuring robust encrypted communications.