commit fa558656e4557b081e0a92560017634c34daf446 Author: Charles Iliya Krempeaux Date: Fri Dec 22 13:19:20 2023 -0800 inital commits diff --git a/index.xhtml b/index.xhtml new file mode 100644 index 0000000..360ad71 --- /dev/null +++ b/index.xhtml @@ -0,0 +1,387 @@ + + + + +Cryptography + + +
+
+

Cryptography

+
+ by + +
+

+ Cryptography is about how to communicate securely — and how to do so even when there is a malicious person, people, organization(s), or other entities who are trying to stop you from doing so. +

+

+ Cryptography is an important part of privacy. +

+

+ Cryptography is also sometimes called cryptology. +

+
+

Goals

+

+ Cryptography is generally used to try provide three different but related things: +

+
    +
  • confidentiality,
  • +
  • integrity, and
  • +
  • authenticity.
  • +
+

+ These three goals form the foundation of the security that cryptography tries to provide. +

+
+
+
Confidentiality
+
+

+ Confidentiality is the goal that only the person, people, organization(s), or other entities you addressed the message to can read the message. +

+

+ Confidentiality about how to hide information so that only the person, etc you want to read, listen to, or watch, etc a message can do so. +

+

+ (In cryptography, things such as text, audio, and video all get called a "message".) +

+

+ For example, if I record a video on my mobile phone and send it to my wife, confidentiality has it so that only my wife can watch the video, and no one else. + Not even the people and organizations that provide the communication infrastructure that I use to send the video to my wife. +

+

+ Confidentiality is important for privacy. +

+
+ +
Integrity
+
+

+ Integrity is the goal that a message’s contents cannot be tampered with. +

+

+ For example, if I write this message to my wife — +

+
+

+ Meet me at park by the kids' school at 3pm. +

+
+

+ — integrity, for example, has it so someone else cannot change my message to: +

+
+

+ Meet me at in the dark scary alley behind the grocery store at 2pm. +

+
+

+ With integrity, the message my wife receives will be exactly what I sent her. +

+
+ +
Authenticity
+
+

+ Authenticity is the goal that if someone or something claims to be who someone or something, then you can tell if it is actually them. +

+

+ This could be with someone logging into a system. + Or it could be with who or what a message is claimed to be from. +

+

+ For example, if my wife receives a message, she can tell if the message is actually from me or not. +

+
+
+
+

Jargon

+

+ Like many specialties, cryptography has its own jargon + — + special words and special phrases that have special meanings in the specialty. +

+

+ Sometimes jargon is comprised of new words and new phrases. + But sometimes jargon is comprised of existing words and existing phrases, which are given new meanings! + (This latter form of jargon can not only confuse, but also mislead people who don't understand the jargon of the specialty.) +

+

+ Some of the basic jargon, in cryptography, includes the following words in phrases: + cipher, + cipher-text, + decrypt, + decryption, + digest, + encrypt, + encryption, + hash, + message, + party, and + plain-text. +

+

+ Some of the more advanced jargon, in cryptography, includes the following words in phrases: + avalanche-effect, + bcrypt, + brute-force-attack, + collision-attack, + decryption algorithm, + Ed25519, + EdDSA, + encryption algorithm, + GPG, + finger-print, + key, + MD5, + pass-phrase, + pass-word, + pepper, + PGP, + proof-of-work, + rainbow-table, + ROT-13, + RSA, + running key cipher, + salt, + scrypt, + scytale, + SHA-1, + SHA-2, + SHA-3, + shift-cipher, + sponge-function, + signature, + substitution cipher, + TLS, + transposition cipher, + web-of-trust, + etc etc etc. + (There are a lot more advanced jargon than what we listed.) +

+

+ Learning cryptography's jargon will help you understand cryptography + — + as specialists in cryptography will very very likely be using cryptography's jargon. +

+

+ Let's first focus on defining the basic jargon in cryptography. +

+

+ (These definitions won't be in alphabetical order. + But instead will be in an order that I think will make them easier to understand. + Some jargon is easier to understand once you understand other jargon.) +

+
+

Plain-Text, Cipher-Text, Encryption, Decryption

+

+ What plain-text and cipher-text as well as encryption and decryption are is probably most easily understood with some examples. +

+ +
+

Example №1

+

+ If I write this message to my wife — +

+
+

+ COULD YOU PICK UP THE KIDS FROM SCHOOL TODAY AT 2PM, PLEASE? +

+
+

+ — that is plain-text. +

+

+ I might not want anyone else to be able to read that message (other than my wife). + So I can hide that message from others by turning that plain-text message into a cipher-text message to try to accomplish that. +

+

+ The process of turning a plain-text message into a cipher-text message is called encryption. +

+

+ What would a cipher-text message for that plain-text message look like‽ + — + well, it depends on what encryption algorithm we use. +

+

+ For a very very simple example, if we were using the ROT-13 encryption algorithm, then the cipher-text would be: +

+
+

+ PBHYQ LBH CVPX HC GUR XVQF SEBZ FPUBBY GBQNL NG 2CZ, CYRNFR? +

+
+

+ (We will look closer at ROT-13 later.) +

+

+ For my wife to read my message, she would have to turn that cipher-text back into plain-text. +

+

+ The process of turning a cipher-text message into a plain-text message is called decryption. +

+
+
+

Example №2

+

+ Let's look at another example. + We will use the same plain-text — +

+

+ I.e. again I will write this message to my wife — +

+
+

+ COULD YOU PICK UP THE KIDS FROM SCHOOL TODAY AT 2PM, PLEASE? +

+
+

+ — and again that will be the plain-text. +

+

+ And again, I will not want anyone else to be able to read that message (other than my wife). + So I will hide that message from others by turning that plain-text message into a cipher-text message to try to accomplish that. +

+

+ But this time we will use a different encryption algorithm. +

+

+ With this example, we will use another very very simple encryption algorithm — we will use a substitution cipher. + To use a substitution cipher as your encryption algorithm you need to pick a substitution-alphabet. + The substitution-alphabet we will use is — +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
normal English alphabetABCDEFGHIJKLMNOPQRSTUVWXYZ
cipher alphabetQKTNHFPRMSUJWCBDZGXIVYOEAL
+

+ (We will look closer at substitution ciphers later. + Don't worry if, for example, what a substitution-alphabet is doesn't make sense yet.) +

+

+ With this, if we encrypt our plain-text, our cipher-text would be: +

+
+

+ TBVJN ABV DMTU VD IRH UMNX FGBW XTRBBJ IBNQA QI 2DW, DJHQXH? +

+
+

+ And again, for my wife to be able to read my message, she would need to have to decrypt the cipher-text back into the plain-text to get: +

+
+

+ COULD YOU PICK UP THE KIDS FROM SCHOOL TODAY AT 2PM, PLEASE? +

+
+
+
+

+ So, now that you have seen those examples, let's define those terms. +

+
+
Plain-Text
+
+

+ Plain-Text is the original message. +

+

+ In cryptography, text, audio, and video all get called a "plain-text". + Which can be a bit confusing and even misleading as, in regular language, the word "text" tends not to include audio and video. + But in cryptography it does. +

+

+ Usually when cryptography specialists talk about plain-text, they are doing so in relation to cipher-text. +

+
+ +
Cipher-Text
+
+

+ To make a plain-text message confidential, we turn it into a cipher-text. +

+

+ We turn a plain-text message into a cipher-text message to hide the message so that only the person, etc you want to read, listen to, or watch, etc the message can do so. +

+
+ +
Encryption
+
+

+ Encryption is the process of turning plain-text into a cipher-text. +

+

+ What the cipher-text ends up being depends on what encryption algorithm you end up using. +

+
+ +
Decryption
+
+

+ Decryption is the process of turning cipher-text back into plain-text. +

+
+
+
+
+
+ +