Cryptography Study Guide Notes

Randomness is crucial in cryptography for several applications, including:
- Secure key generation.
- Initialization Vectors (IVs).
- Nonces (number used once).
There are different types of randomness:
- True randomness: Generally considered the best and most unpredictable.
- Pseudo-randomness: Algorithms that generate seemingly random numbers but are deterministic.

A stream cipher encrypts data one bit or byte at a time.
It combines a keystream with the plaintext using the XOR operation.
Example of stream cipher encryption: $ciphertext = ''.join(chr(ord(p) ^ ord(k)) for p, k in zip(plaintext, key))$
- This code iterates through the plaintext and key, XORs the ordinal value of each character, and joins the resulting characters to form the ciphertext.

Hash algorithms map an input of arbitrary size to a fixed-size output (hash or digest).
They are primarily used for verifying data integrity.

A secure password management technique involves using salted hashes.
Salting adds a unique random value to each password before hashing, making it more resistant to rainbow table attacks.

The Diffie-Hellman key exchange protocol allows two parties to create a shared secret over an insecure channel.
The process involves:
- Two parties, typically called Alice and Bob, agree on a large prime number $p$ and a base $g$ .
- Alice chooses a secret integer $a$ and computes $A = g^a \, mod \, p$ .
- Bob chooses a secret integer $b$ and computes $B = g^b \, mod \, p$ .
- Alice sends $A$ to Bob, and Bob sends $B$ to Alice.
- Alice computes the shared key as $shared_key = B^a \, mod \, p$ .
- Bob computes the shared key as $shared_key = A^b \, mod \, p$ .
- These two keys are equal because $B^a \, mod \, p = (g^b)^a \, mod \, p = g^{ab} \, mod \, p = (g^a)^b \, mod \, p = A^b \, mod \, p$ .

RSA is an asymmetric encryption algorithm.
It uses a public key for encryption and a private key for decryption.
The security of RSA is based on the difficulty of factoring large prime numbers.

A blockchain is an immutable ledger.
Each block contains:
- The hash of the previous block.
- Data (e.g., transactions).
- A timestamp.
Issues with blockchains:
- Centralization of mining.
- RPCA (Remote Procedure Call Authentication).

Cryptography aims to provide:
- Confidentiality: Protecting data from unauthorized access.
- Integrity: Ensuring that data has not been altered.
- Authentication: Verifying the identity of a user or device.
- Key Management: Securely managing cryptographic keys.

ord(char): Converts a character to its integer representation.
chr(num): Converts an integer to its character representation.
secrets.randbelow(100): Securely generates a random integer less than 100.
Example of generating ciphertext from XORing plaintext with a key:
$ciphertext = ''.join(chr(ord(p) ^ ord(k)) for p, k in zip(plaintext, key))$

Encrypting a message using a randomly generated key of the same length as the message.
import random
key = random.randint(0, 255)
ciphertext = ''.join(chr(ord(c) ^ key) for c in message)

from Crypto.PublicKey import RSA

key = RSA.generate(2048)
public_key = key.publickey().export_key()
private_key = key.export_key()

SHA256

SHA (Secure Hash Algorithm): A family of cryptographic hash functions used to ensure data integrity and authenticity; commonly utilized in digital signatures and certificates.
from hashlib import sha256
digest = sha256(message.encode()).hexdigest()