We divide cryptographic algorithms into two broad categories.
- Symmetric ciphers (key ciphers) - Algorithms with only one key. If multiple participants know the key, it is also known as a shared key.
- Asymmetric cryptography (public key cryptography) - Participants have asymmetric visibility of the key. For example, some participants only know the public key, while others know both the public key and the private key.
Although symmetric and asymmetric cryptography are not the only two types of primitives in cryptography, since it is difficult to divide other subcategories of cryptography, most of the book is devoted to symmetric and asymmetric cryptographic primitives. Today's widely used cryptographic algorithms are contained in these two types of primitives. Another way of partitioning cryptographic primitives is as follows.
- Construction based on mathematical theory - The construction of this cryptographic algorithm is based on mathematically difficult problems such as factorization. Digital signatures and asymmetric encryption based on the RSA algorithm belong to this structure.
- Heuristic-Based Construction - The construction of this algorithm relies on the observation and statistical analysis of the cryptanalyst. The AES algorithm is a typical case of this construction.
This classification method also takes into account the algorithm efficiency factor, and the construction based on mathematical theory is usually much slower than the cryptographic algorithm based on heuristic construction. We can draw the conclusion that most symmetric ciphers are constructed based on heuristics, while asymmetric ciphers are mainly constructed based on mathematical theories.
It is difficult for us to strictly classify all the algorithms involved in cryptography. In fact, every book or course defines and classifies cryptography differently. In fact, these definitions and classifications are not important to us, because we only consider these cryptographic primitives as unique tools with their own security claims. In turn, we can treat these tools as basic primitives for constructing security protocols. Understanding how these tools work and the security statements they provide is critical to implementing protocol security. With this in mind, the first part of the book focuses on commonly used cryptographic primitives and their security properties.
Many of the concepts in this book can be difficult to understand on first use. But just like learning and understanding other knowledge, the more we know about these concepts and the more times we see them in specific contexts, the more we can abstract them and understand them more naturally. The purpose of this book is to help readers establish an abstract thinking model of cryptographic algorithm construction, and understand the methods of combining various cryptographic algorithms to form security protocols. This book will repeatedly mention the interfaces constructed by various cryptographic primitives, and give examples of their actual use in the real world.
Cryptography used to be defined simply as something like Alice and Bob wanting to exchange secret information. Of course, the definition of cryptography has changed now. Today, cryptography has evolved into a very complex discipline around new discoveries, breakthroughs and practical needs. In the final analysis, the real purpose of cryptography is to enhance the security of the protocol, so that the protocol can still operate safely in the presence of an adversary.
In order to understand exactly how cryptography makes a protocol secure, it is crucial to clarify the set of security goals that the protocol is trying to achieve. The cryptographic primitives involved in this book satisfy at least one of the following properties.
- Confidentiality - hiding and protecting information that you don't want others to see. For example, encryption can mask messages in transit.
- Authenticity - Determining the identity of the other party to a communication. For example, authentication techniques allow us to be sure that a received message was indeed sent by Alice.
Of course, this is just a simplification of the algorithmic functions that cryptography can provide. In most cases, the security definition of each cryptographic primitive contains a detailed description of the function of the algorithm. Depending on how the cryptographic primitives are used, the resulting security properties of the protocol will vary.
In this book, we'll learn about some new cryptographic primitives and ways to combine them to achieve security properties such as confidentiality or authentication. Recognize the fact that cryptography is the art of securing protocols in the presence of adversaries. Although this book has not given a clear definition of "adversary", we can regard participants, observers, and intermediaries who attempt to destroy the agreement as opponents. These characters reflect the possible identities of the real-life adversaries. After all, cryptography is a practical field, and the villains it ultimately fights are flesh and blood.
Symmetric Ciphers: An Overview of Symmetric Encryption
Symmetric encryption (Symmetric Encryption) is one of the important concepts of cryptography. Symmetric cryptography plays a pivotal role in cryptography, and most cryptographic algorithms or protocols in this book use symmetric cryptography. We now introduce the new concept of symmetric encryption with the help of the first protocol we will introduce. Imagine a scenario where Alice needs to send a letter to Bob, who lives outside the castle. As shown in Figure 1.1, Alice asks her faithful messenger (Messenger) to ride his steed across the dangerous land ahead to deliver an important message to Bob. However, Alice is skeptical of the messenger; despite the faithful service of her messenger for many years, she still wants the message of this delivery to be kept secret from all passive observers, including the messenger. Come to think of it, the letter might contain some gossip about the kingdom.
What Alice needs is a protocol that simulates the process of Alice delivering the message to Bob herself. This is a problem that is practically impossible to solve unless we resort to cryptography (or teleportation). This requires the use of a new encryption algorithm invented by cryptographers many years ago, often called Symmetric Encryption Algorithm (Symmetric Encryption Algorithm).
Notice:
By the way, cryptographic algorithms are often also called cryptographic primitives. We can think of a cryptographic primitive as a minimal algorithmic construct in cryptography, which is often used together with other primitives to construct new protocols. The term "cryptographic primitives" often appears in relevant literature, and it is helpful to read the literature, but it really has no special meaning in itself, it is just a new term.
Next, let's see how to use this symmetric encryption algorithm to hide Alice's real message from the messenger. Now, suppose this cryptographic primitive is a black box (we cannot see its internals) that provides the following two functions.
- ENCRYPT;
- DECRYPT 。
The first function, ENCRYPT, takes a Secret Key and a Message as input, and it outputs a series of numbers that look like they were chosen at random, or, if we so choose, like noise. We call the output of this function the encrypted message. The principle of function ENCRYPT is shown in Figure 1.2.
The second function DECRYPT is the inverse function of the first function ENCRYPT, it takes the input key of ENCRYPT and the output encrypted message as input, and outputs the original message. The principle of the function DECRYPT is shown in Figure 1.3.
In order to use this new cryptographic primitive, Alice and Bob have to meet once in the real world to agree on the key they will use. Alice can then use the agreed key and function ENCRYPT to protect her message. She then sends the encrypted message to the courier, who forwards it to Bob. After Bob receives the encrypted message, he uses the same key and function DECRYPT as Alice to restore the original message. The specific process is shown in Figure 1.4.
In this messaging process, all the messenger has appears to be random messages, which will not provide him with any meaningful help in obtaining the hidden message. With the help of cryptography, we effectively turn an insecure protocol into a secure one. The new protocol allows Alice to deliver a confidential letter to Bob without anyone (except Bob) knowing the contents of the message.
In cryptography, a common way to make a protocol secure is to use a key to transform a message into noise, making the transformed message indistinguishable from a sequence of random numbers. In the next chapters, we will understand this process by learning more cryptographic algorithms.
By the way, symmetric encryption is part of Symmetric Cryptography or Secret Key Cryptography. Different functions of such cryptographic primitives tend to use the same key. In later chapters, we will also see that sometimes there is more than one key.
Asymmetric encryption: two keys are better than one
In the previous discussion of symmetric encryption, we mentioned that Alice and Bob need to meet to determine the symmetric encryption key they will use before they can safely deliver letters. This is a reasonable requirement, and many agreements actually have such a prerequisite requirement. However, such requirements quickly become impractical in protocols with many participants: do web browsers have to satisfy such requirements (i.e. Before connecting, the browsers must mutually determine the symmetric encryption key to use)?
Also known as the key distribution problem, this problem remained unsolved for quite some time until the late 1970s when cryptographers discovered another class of cryptography known as asymmetric cryptography, or public key cryptography. (Public Key Cryptography) algorithm, the key distribution problem can be solved. In asymmetric ciphers, different functions (ENCRYPT and DECRYPT ) use different keys (symmetric ciphers use only a single key). To illustrate how public-key cryptography can help people build trust, I'll introduce some asymmetric cryptographic primitives in this section. Note that these primitives are only an overview of the book's content, and we discuss these cryptographic primitives in more detail in subsequent chapters.
The above content comes from "Introduction to Cryptography in Simple"
Written by David Wong, a master of cryptography, and translated by a professional team, it explains cryptography in simple terms through illustrations and concise descriptions. The book is accompanied by color pictures, chapter exercises and answers to help you consolidate your knowledge points.
The book is divided into two parts. The first part introduces cryptographic primitives, involving basic concepts of cryptography, hash functions, message authentication codes, authenticated encryption, key exchange, asymmetric encryption and hybrid encryption, digital signatures and zero-knowledge proofs, random The second part involves content such as secure transmission, end-to-end encryption, user authentication, "encrypted currency", hardware cryptography, post-quantum cryptography, and new-generation cryptography.
This book is novel in form and easy to understand. It is very suitable for teachers and students in the field of cryptography and information security practitioners, and it is also suitable for readers who are interested in cryptography and its applications.