Cryptography Notes

Basic Cryptography Notes


Last Updated: May 09, 2021 by Pepe Sandoval





Cryptography

  • It is the science of encoding/encrypting and decoding/decrypting information

  • Symmetric key algorithms are the ones in which the key used to encrypt is the same one used to decrypt

  • Asymmetric key algorithms are the ones in which a pair of keys is used, one to encrypt and one to decrypt

    • Public key is used to encrypt messages
    • Private key is used to decrypt messages
    • Messages encrypted with the public key can only be decrypted with the corresponding private key of the pair
    • It uses prime number math magic that makes it hard for someone to figure out the private key
  • Caesar Cipher or Caesar Shift: take a letter and substitute it with the letter a fixed number of positions down the alphabet. The key is the value that determines the number of fixed positions used for the translation; if the end of the alphabet is reached we loop back to the start. It is a symmetric key algorithm

  • RSA: a commonly used algorithm to encrypt data. It is an asymmetric key algorithm, usually used to share a key

  • Asymmetric algorithms cost more than symmetric algorithms

Introduction to Crypto

Hash functions:

  • It's a math transformation/function that takes an arbitrary size input and produces a fixed size output (a.k.a. digest, tag, hash)
  • The output is deterministic: it will always produce the same output for the same given input, and it doesn't change over time

A secure cryptographic hash function has these extra properties:

  • Computationally efficient: It must compute the output in a reasonable amount of time

  • Collision free or Collision resistant:

    • A collision can't be found in practice; theoretically collisions do exist, but it's really difficult to find one (difficult in this context means it should take a lot of time to find)
    • It is hard to find x and y such that x != y and H(x) == H(y)
    • It's hard to find two distinct inputs that map to the same output
  • Hiding:

    • Knowing the hash H(x), it's infeasible/very difficult to find the input x or anything related to the input.
    • Knowing the output, it should be very difficult to find any information about the input
    • To accomplish hiding we concatenate the input with a value r from a distribution/set that has high min-entropy and hash the result (H(r | x), r concatenated with x); high min-entropy means the values are very spread out, which makes it very difficult to find the input
  • Puzzle-friendly:

    • Implies that no solving strategy is much better than trying random values as input
    • The output should look random
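The hiding property above in working form, as an added example that is not part of the original notes: a bare hash of a value from a tiny input space is recovered by trying every candidate, while H(r | x) with a random 256-bit r is not. The function names and the heads/tails candidate list are assumptions made for illustration.

```python
import hashlib
import secrets

CANDIDATES = [b"heads", b"tails"]  # constructed, deliberately tiny input space

def H(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def commit(x: bytes):
    """Return (digest, r) where digest = H(r | x) and r is a fresh 256-bit value."""
    r = secrets.token_bytes(32)  # high min-entropy: 2**256 equally likely values
    return H(r + x), r

def open_commitment(digest: str, r: bytes, x: bytes) -> bool:
    """Whoever holds r can later prove which x was committed to."""
    return secrets.compare_digest(digest, H(r + x))

def guess_input(digest: str, candidates):
    """Hash every candidate input; return the one that matches, else None."""
    for c in candidates:
        if H(c) == digest:
            return c
    return None

def demo():
    secret = b"heads"
    bare = H(secret)            # no r: only two inputs to try
    hidden, r = commit(secret)  # r concatenated in front of the input
    return {
        "bare_recovered": guess_input(bare, CANDIDATES),
        "hidden_recovered": guess_input(hidden, CANDIDATES),
        "opens_with_r": open_commitment(hidden, r, secret),
        "opens_as_tails": open_commitment(hidden, r, b"tails"),
    }

if __name__ == "__main__":
    print(demo())
```
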

Financial systems:

  • Credit based: entity A receives something and promises to pay to entity B, A has a debt
  • Cash based: every entity uses a standard medium of exchange that has value (money)

Digital signature

  • An application of hash functions is digital signatures
  • A digital signature is associated with a cryptographic hash function
  • Digital signature schemes: RSA, DSS
  • The mathematical mechanism that binds the entity's identity to some information; it's like signing a paper, which binds your identity to that paper
  • A digital signature depends on the message, it changes depending on the message (see Sm in image below)
Digital signature flow
  • Entity A generates two keys
    • Private key or Signing key (sk)
    • Public key or Verification key (vk)
    • It should be hard to determine the sk if you only have the vk
  • Entity A applies a math transformation using the message and sk; the output is the signature
  • You can verify this is a message from entity A using the message itself, the signature and vk
  • Hash-sign: usually the message is passed through a hash function first, and then the resulting digest is signed
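The flow above (generate sk and vk, hash the message, sign the digest, verify with vk) as an added example that is not part of the original notes. It uses textbook RSA with two fixed Mersenne primes and no padding, which is an assumption chosen so the block runs with the standard library only; the names `generate_keys`, `sign` and `verify` are hypothetical.

```python
import hashlib

# Constructed toy parameters: two known Mersenne primes. Real RSA keys use
# random primes of 1024+ bits each and a padding scheme such as PSS.
P = 2**127 - 1
Q = 2**89 - 1
E = 65537  # public exponent

def generate_keys():
    """Return (sk, vk): the signing key and the verification key."""
    n = P * Q
    d = pow(E, -1, (P - 1) * (Q - 1))  # private exponent; needs Python 3.8+
    return (n, d), (n, E)

def digest_as_int(message: bytes, n: int) -> int:
    """Hash step of hash-sign: SHA-256 digest reduced into the range of n."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(sk, message: bytes) -> int:
    """Math transformation over the message digest using sk."""
    n, d = sk
    return pow(digest_as_int(message, n), d, n)

def verify(vk, message: bytes, signature: int) -> bool:
    """Needs only the message, the signature and vk."""
    n, e = vk
    return pow(signature, e, n) == digest_as_int(message, n)

if __name__ == "__main__":
    sk, vk = generate_keys()
    msg = b"A pays B 5"  # constructed sample message
    sig = sign(sk, msg)
    print(verify(vk, msg, sig))              # signature matches this message
    print(verify(vk, b"A pays B 500", sig))  # same signature, altered message
```
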

Signing and Verification keys

Extra

  • P2P network: individual hosts that agree on a protocol
  • The hash functions used in hash tables are not the same as cryptographic hash functions
  • Your wallet address is just your public verification key (public key or verification key)
  • The transaction fee is set by the payer to incentivize nodes to add the payer's transaction to a transaction block

Hash pointer: it's a kind of data structure that has a pointer to some info and the hash of the info

Tamper evidence: if somebody tries to alter data that is earlier in the log, we can detect it
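A log built from hash pointers, as an added example that is not part of the original notes: each block stores the hash of the previous block, and the verifier keeps only the head hash. The block layout, the all-zero genesis value and the function names are assumptions; the log entries are constructed.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # prev_hash of the first block (constructed convention)

def block_hash(block: dict) -> str:
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()

def build_log(items):
    """Chain items; return (log, head) where head is the hash of the last block."""
    log, prev = [], GENESIS
    for data in items:
        block = {"data": data, "prev_hash": prev}  # hash pointer to predecessor
        log.append(block)
        prev = block_hash(block)
    return log, prev

def audit(log, trusted_head):
    """Return None if intact, else the index of the first block whose hash
    does not match the pointer held by its successor (or the trusted head)."""
    for i, block in enumerate(log):
        expected = log[i + 1]["prev_hash"] if i + 1 < len(log) else trusted_head
        if block_hash(block) != expected:
            return i
    return None

def rewrite_from(log, index, new_data):
    """Alter one block and recompute every later pointer, which is what hiding
    the edit would require; the separately stored head cannot be recomputed."""
    forged = copy.deepcopy(log)
    forged[index]["data"] = new_data
    for i in range(index + 1, len(forged)):
        forged[i]["prev_hash"] = block_hash(forged[i - 1])
    return forged

# Constructed sample entries
LOG, HEAD = build_log(["A pays B 5", "B pays C 2", "C pays A 1"])

if __name__ == "__main__":
    edited = copy.deepcopy(LOG)
    edited[0]["data"] = "A pays B 500"
    print(audit(LOG, HEAD), audit(edited, HEAD),
          audit(rewrite_from(LOG, 0, "A pays B 500"), HEAD))
```

An edit to an early block shows up at that block; an edit followed by a full rewrite of the later pointers still fails at the last block, because its hash no longer equals the head the verifier kept.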

Encoding

  • ASCII was invented to represent English letters; it was able to represent every character using a number between 32 and 127. Since each character was stored in a byte, the top 128 values were used by different people/orgs/industries for their own purposes

  • In the ANSI standard, everybody agreed on what to do below 128

  • For characters from 128 and on up there were different systems called code pages

  • Unicode was an effort to create a single character set that included every reasonable writing system on the planet

  • In Unicode, a letter maps to something called a code point which is still just a theoretical concept. How that code point is represented in memory or on disk is another story.

  • An encoding like UTF dictates how a character is stored in memory, so for a particular character you need to know its encoding

  • almost every encoding in common use does the same thing with characters between 32 and 127,