cryptography - dwilson2547/wiki_demo GitHub Wiki
Cryptography is the science of securing information by transforming it into a form that is unintelligible to unauthorized parties. It encompasses techniques for ensuring confidentiality, integrity, authentication, and non-repudiation in digital communication and data storage. Let’s explore cryptography in detail:
- 1. What Is Cryptography?
- 2. Goals of Cryptography
- 3. Core Techniques in Cryptography
- 4. Symmetric vs. Asymmetric Cryptography
- 5. How Cryptography Works in Practice
- 6. Common Cryptographic Algorithms
- 7. Real-World Applications
- 8. Cryptography in Code
- 9. Challenges and Considerations
- 10. The Future of Cryptography
Cryptography is the practice of:
- Enciphering (encrypting) data so it can only be read by intended recipients.
- Deciphering (decrypting) data back to its original form.
- Verifying the authenticity and integrity of data.
It is the foundation of secure communication, digital signatures, and data protection in the digital age.
| Goal | Description | Example |
|---|---|---|
| Confidentiality | Ensures only authorized parties can access data. | Encrypting emails or files. |
| Integrity | Ensures data hasn’t been altered. | Hashing files or using digital signatures. |
| Authentication | Verifies the identity of users or systems. | Digital certificates, passwords. |
| Non-repudiation | Prevents parties from denying their actions. | Digital signatures in contracts. |
-
Symmetric Encryption: Uses the same key for encryption and decryption.
- Example: AES (Advanced Encryption Standard).
-
Asymmetric Encryption: Uses a public key for encryption and a private key for decryption.
- Example: RSA, ECC (Elliptic Curve Cryptography).
- Converts data into a fixed-size string (hash) for integrity checks.
-
One-way function: Cannot reverse the hash to get the original data.
- Example: SHA-256, bcrypt.
- Uses asymmetric encryption to verify the authenticity and integrity of a message.
- The sender signs the message with their private key, and the recipient verifies it with the sender’s public key.
- Example: RSA signatures, ECDSA.
- Securely exchanges cryptographic keys over insecure channels.
- Example: Diffie-Hellman Key Exchange.
| Feature | Symmetric Cryptography | Asymmetric Cryptography |
|---|---|---|
| Key Type | Single shared key. | Public and private key pair. |
| Speed | Fast. | Slow. |
| Use Case | Encrypting large data (e.g., files, databases). | Key exchange, digital signatures. |
| Example Algorithms | AES, ChaCha20. | RSA, ECC, Diffie-Hellman. |
- Handshake: The client and server agree on a symmetric key using asymmetric encryption (e.g., RSA or Diffie-Hellman).
- Encryption: All communication is encrypted using the symmetric key (e.g., AES).
- Signing: The sender hashes the message and encrypts the hash with their private key.
- Verification: The recipient decrypts the signature with the sender’s public key and compares it to a newly computed hash of the message.
- Hashing: Store only the hash of a password (e.g., using bcrypt).
- Salting: Add a unique random value (salt) to each password before hashing to prevent rainbow table attacks.
| Category | Algorithm | Description |
|---|---|---|
| Symmetric Encryption | AES | Standard for encrypting data (128, 192, or 256-bit keys). |
| Asymmetric Encryption | RSA | Used for key exchange and digital signatures. |
| Hashing | SHA-256 | Produces a 256-bit hash for data integrity. |
| Key Exchange | Diffie-Hellman | Allows two parties to securely exchange keys. |
| Digital Signatures | ECDSA | Elliptic Curve Digital Signature Algorithm. |
| Application | Cryptographic Technique | Example |
|---|---|---|
| HTTPS | TLS (Symmetric + Asymmetric) | Securing web traffic. |
| Bitcoin | SHA-256, ECDSA | Blockchain and transaction signing. |
| Signal/WhatsApp | End-to-End Encryption (AES, ECC) | Secure messaging. |
| Password Managers | Hashing (bcrypt, Argon2) | Storing passwords securely. |
| VPNs | Symmetric Encryption (AES) | Securing internet traffic. |
from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
# Generate a random 256-bit key
key = get_random_bytes(32)
# Encrypt
cipher = AES.new(key, AES.MODE_EAX)
ciphertext, tag = cipher.encrypt_and_digest(b"Hello, world!")
print("Ciphertext:", ciphertext.hex())
# Decrypt
cipher = AES.new(key, AES.MODE_EAX, cipher.nonce)
plaintext = cipher.decrypt_and_verify(ciphertext, tag)
print("Plaintext:", plaintext.decode("utf-8"))from Crypto.PublicKey import RSA
from Crypto.Signature import pkcs1_15
from Crypto.Hash import SHA256
# Generate key pair
key = RSA.generate(2048)
private_key = key.export_key()
public_key = key.publickey().export_key()
# Sign a message
message = b"Hello, world!"
hash = SHA256.new(message)
signature = pkcs1_15.new(RSA.import_key(private_key)).sign(hash)
# Verify the signature
try:
pkcs1_15.new(RSA.import_key(public_key)).verify(hash, signature)
print("Signature is valid.")
except:
print("Signature is invalid.")- Key Management: Securely storing and distributing keys is critical.
- Quantum Computing: Future quantum computers may break widely used algorithms like RSA and ECC.
- Side-Channel Attacks: Attacks that exploit physical implementation (e.g., timing attacks).
- Algorithm Longevity: Regularly update algorithms to stay ahead of advancements in computing power.
- Post-Quantum Cryptography: Developing algorithms resistant to quantum computing (e.g., lattice-based cryptography).
- Homomorphic Encryption: Allows computation on encrypted data without decrypting it.
- Blockchain and Zero-Knowledge Proofs: Enhancing privacy and security in decentralized systems.
Would you like to explore a specific area of cryptography in more depth, such as post-quantum algorithms, how blockchain uses cryptography, or practical implementations in software development?