Cryptography
Encryption
is the process of converting data from human-readable to non-human-readable form through the use of mathematical algorithms and keys
Hashing
Hashing can confirm that the data hasn't been tampered with, but it is not encryption
Encoding
is the process of applying a specific code (not necessarily mathematical) of letters, numbers, and symbols to plaintext to turn it into ciphertext.
Asymmetric Encryption
Practice
Steps
- Create private key: openssl genrsa -out private_key.pem 2048
- Create public key (derived from the private key file above): openssl rsa -in private_key.pem -outform PEM -pubout -out public_key.pem
- Encrypt using the public key, decrypt using the private key, in code
Whoever will read the encrypted data needs to generate a private key and a public key, and share the public key with the person who will encrypt the data
For JWT, the service responsible for generating and signing the token uses a private key, and other services use the public key, which is only capable of validating whether the JWT is valid or not. This ensures the token was issued by the service expected to issue it
Digital Signatures Steps
- Get a document and generate a private and a public key
- Sign the document with the private key using an algorithm (e.g. RSA-SHA256)
- Send the document + signature, and share the public key
- Receive the document and verify the signature using the public key and the algorithm (the same one used for the signature)
Here, because the public key is used to decrypt, this only provides data integrity, not confidentiality. The same for JWT.
Each user has two keys – a public key and a private key. A public key can be used by anyone to encrypt a message so that it can only be deciphered by the intended recipient with a private key.
It focuses on protecting the confidentiality of a message, not necessarily the integrity of a message. So it is normally combined with hashing, to validate the integrity
Typically, it is used to authenticate data using digital signatures (DSA)
Every public key is mathematically linked to only one private key. An algorithm like RSA is used to generate both the public and the private key
Examples of uses: HTTPS sites (SSL), Bitcoin, SSH
Symmetric Key Encryption
e.g. Triple DES, DES (insecure), AES
It's more efficient to process and generate keys, but if the key leaks, the data can be decrypted, read, and re-encrypted with a new key
Types
Stream ciphers
A keystream is a sequence of pseudorandom digits that has the same length as the plaintext, so that each character is uniquely encrypted based on the corresponding digit in the keystream.
Using the keystream and plaintext together, we then use XOR to actually perform the encryption by flipping bits of plaintext to get to the ciphertext.
One-Time Pad
Each bit or character from the plaintext is combined by modular addition with a bit or character from a secret random key (or ‘pad’) of the same length as or longer than the plaintext, resulting in the ciphertext.
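An added example (not part of the original notes) of the keystream-XOR and one-time-pad constructions described above, including the failure mode when a keystream is reused. The SHAKE-256 keystream generator, the function names and the sample messages are assumptions chosen for illustration, not a vetted cipher.

```python
import hashlib
import secrets


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Expand key + nonce into `length` pseudorandom bytes.

    Assumption: SHAKE-256 stands in for a real stream cipher's generator.
    """
    return hashlib.shake_256(key + nonce).digest(length)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (addition modulo 2, bit by bit)."""
    if len(a) != len(b):
        raise ValueError("inputs must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def stream_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with the same keystream is its own inverse."""
    return xor_bytes(data, keystream(key, nonce, len(data)))


def one_time_pad(data: bytes) -> tuple:
    """One-time pad: a fresh random pad as long as the message, used once."""
    pad = secrets.token_bytes(len(data))
    return pad, xor_bytes(data, pad)


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """With a reused keystream the key cancels: c1 XOR c2 == p1 XOR p2."""
    n = min(len(c1), len(c2))
    return xor_bytes(c1[:n], c2[:n])


# Constructed sample inputs (not real data)
KEY = bytes(range(32))
P1 = b"transfer 100 to alice"
P2 = b"transfer 900 to mallory"

if __name__ == "__main__":
    c1 = stream_encrypt(KEY, b"nonce-1", P1)
    c2 = stream_encrypt(KEY, b"nonce-1", P2)  # same nonce: keystream reused
    print("round trip ok:", stream_encrypt(KEY, b"nonce-1", c1) == P1)
    print("reuse leaks p1^p2:", reuse_leak(c1, c2) == xor_bytes(P1, P2[:len(P1)]))
```

Using a different nonce for every message under the same key gives each message its own keystream, which removes the cancellation shown by `reuse_leak`.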