8.2 Crypto Terminology
Digital Signature
- An electronic proof of origin that validates AUTHENTICATION (created by a known sender) of the sender, Integrity (was not altered in transit) of the message, and non-repudiation (the sender cannot deny having sent the message)
- Confirms the author of the message
- Asymmetric Cryptography
Unicode
- Computing industry standard for the consistent encoding, representation, and handling of text expressed in most of the world's writing systems.
Cryptography
- Constructing and analyzing protocols that prevent third parties or the public from reading private messages
- AKA Cryptology
UTF-8
- Dominant character encoding for the World Wide Web
- Capable of encoding all possible characters defined by Unicode
Base64
- Group of similar binary-to-text encoding schemes
- Represent binary data in an ASCII string format
Hash Algorithm
- It is a function that can be used to map data of random size to data of fixed size.
- HASH values, HASH codes and HASH sums are returned by functions during hashing. There are different types of hashing algorithms used in computing, but some have been discarded over time.
Hash Function
- It is any function that can be used to map data of arbitrary size to data of fixed size.
- The values returned by a hash function are called HASH VALUES, HASH CODES, DIGESTS, or simply HASHES. One use is a data structure called a hash table, widely used in computer software for rapid data lookup.
Cryptographic Primitives
- Pseudo Random Number Generator (PRNG)
- One Way Hash Function
- Digital Signature
- Symmetric (AKA Private Key) Cryptography
- Asymmetric (AKA Public Key) Cryptography
One Way Hash Function
- also known as a message digest, fingerprint or compression function
- is a mathematical function which takes a variable-length input string and converts it into a fixed-length binary sequence.
Pseudo Random Number Generator (PRNG)
- is an algorithm for generating a sequence of numbers whose properties approximate the properties of sequences of random numbers.
Encryption
- is for maintaining data CONFIDENTIALITY and requires the use of a key (kept secret) in order to return to plaintext.
Encoding
- is for maintaining data USABILITY and can be reversed by employing the same algorithm that ENCODED the content, i.e. no key is used.
Hashing
- is for validating the INTEGRITY of content by detecting all modification thereof via obvious changes to the hash output.
Checksum
- is the outcome of running an algorithm, called a cryptographic hash function, on a piece of data, usually a single file.
Obfuscation
- is used to prevent people from understanding the meaning of something, and is often used with computer code to help prevent successful reverse engineering and/or theft of a product's functionality.
Cryptanalysis
- Analyzing information systems in order to study the hidden aspects
- Used to breach cryptographic security systems and gain access to the contents of encrypted messages, even if the cryptographic key is unknown
Why use hash functions instead of encryption?
1. Hashing is faster than encryption.
2. Library code for hashing is more available.
3. Can easily replace one hash function for another.
4. US export restrictions on encryption
Hashing
It is a one-way function that changes a plain text to a unique digest that is irreversible.
Cryptographic Hash Function
It is a special class of hash function that has certain properties that make it suitable for use in cryptography.
What are hash functions used for?
- Storing passwords (for confidentiality)
  a. Needs one-wayness
- Comparing files (for integrity)
  b. Needs weak-collision resistance
- Auction bids
  c. Needs one-wayness
  d. Needs collision resistance
Entropy
Unpredictability
