Basic concepts of cryptography

Cryptography (from the Greek. - Hidden and - I write) - the science of mathematical methods to ensure confidentiality (the inability to read information by an outsider) and authenticity (integrity and authenticity of authorship, as well as the impossibility of refusing authorship) information.

Initially, cryptography studied information encryption methods — a reversible transformation of open (source) text based on a secret algorithm and / or key into an encrypted text (ciphertext). Traditional cryptography forms a section of symmetric cryptosystems in which encryption and decryption is performed using the same secret key. In addition to this section, modern cryptography includes asymmetric cryptosystems, digital signature systems (EDS), hash functions, key management, obtaining hidden information, quantum cryptography.

Key - secret information used by a cryptographic algorithm for encrypting / decrypting messages, setting and verifying a digital signature, calculating authentication codes (MAC). When using the same algorithm, the result of encryption depends on the key. For modern strong cryptography algorithms, the loss of a key leads to the practical impossibility of decrypting information.

Symmetric cipher is an encryption method in which the same cryptographic key is used for encryption and decryption.
Before the invention of asymmetric encryption schemes, symmetric encryption was the only method that existed.
The algorithm key must be kept secret by both parties. The algorithm key is selected by the parties prior to the start of the message exchange.

Asymmetric cipher - a cipher that uses different keys for encryption and decryption, called respectively open (public, public) and private (private) key.

Asymmetric ciphers are rather slow, but they do not have the problem of symmetric ciphers with key distribution. The public key can be freely distributed over unsecured channels, as they can only encrypt, but not decrypt the text.

The possibility of creating such ciphers appeared with the development of the theory of numbers, and their practical application with the development of computing technology, because of the need for computations over very long numbers (thousands of binary digits).

Hybrid.

Public key ciphers also have flaws. First, encryption / decryption operations require significantly more computational resources and, accordingly, are performed more slowly than with the use of symmetric ciphers. Secondly, public key algorithms have certain features that make them difficult to use and make it undesirable to use these algorithms for encrypting large amounts of data. Public key ciphers, however, are effective in distributing keys of symmetric ciphers and it is for this purpose that they are used in hybrid cryptosystems.

The hybrid cipher uses both a symmetric cipher and a public key cipher. First, a random key is generated for a symmetric cipher, called a session key. The message is encrypted with a symmetric cipher using a session key. Then the session key is encrypted with the recipient's public key. A session key encrypted with a public key cipher and a message encrypted with a symmetric cipher are automatically merged together. The recipient uses his secret key to decrypt the session key and then uses the received session key to decrypt the message. Since the key of the symmetric cipher is transferred in a secure manner, a new session key is generated for each message. Additionally, it becomes possible to encrypt a message for several recipients at once, and several copies of the session key encrypted with the public keys of different recipients are added to the message encrypted with the session key. Both PGP and GnuPG use exactly the hybrid scheme.

It should be remembered that a hybrid cipher is no more stable than the weakest cipher it uses. Those. if a weak symmetric cipher is used, then it does not make sense to use a public key cipher with a huge key length.

Electronic signature — an electronic document requisite designed to protect this electronic document from forgery, obtained as a result of cryptographic transformation of information using the private key of an electronic digital signature and allowing to identify the owner of the signature key certificate, and also to establish the absence of distortion of information in the electronic document also provides non-repudiation to the signer.
General scheme
The electronic signature scheme usually includes: an algorithm for generating user key pairs;
signature calculation function;
signature verification function.

The function of calculating the signature on the basis of the document and the user's private key calculates the signature itself. Depending on the algorithm, the signature calculation function may be deterministic or probabilistic. Deterministic functions always calculate the same signature using the same input data. Probabilistic functions introduce an element of chance into a signature, which enhances the cryptographic strength of digital signature algorithms. However, a probable source of randomness is necessary for probabilistic schemes (either a hardware noise generator or a cryptographically reliable pseudo-random bit generator), which complicates the implementation.

Currently, deterministic schemes are practically not used. Even in the initially deterministic algorithms, modifications have now been made that turn them into probabilistic ones (for example, the second version of the PKCS # 1 standard has added an OAEP to the RSA signature algorithm, which includes noise reduction, among other things).

The signature verification function checks whether the given signature matches the given document and the user's public key. The user's public key is available to everyone, so anyone can verify the signature on this document.

Since the documents to be signed are variable (and quite large) in length, in EDS schemes, the signature is often put not on the document itself, but on its hash. To calculate the hash, cryptographic hash functions are used, which guarantees detection of document changes during signature verification. Hash functions are not part of the EDS algorithm, so any reliable hash function can be used in the scheme.

EDS algorithms are divided into two large classes: ordinary digital signatures and digital signatures with document recovery. Regular digital signatures must be docked to the document being signed. For example, algorithms based on elliptic curves (ECDSA, GOST R 34.10-2001, DSTU 4145-2002) belong to this class. Digital signatures with document recovery contain the document being signed: during the signature verification process, the document body is also automatically calculated. This class includes one of the most popular algorithms - RSA.

It is necessary to distinguish the electronic digital signature and the message authenticity code, despite the similarity of the tasks to be solved (ensuring the integrity of the document and the non-repudiation of authorship). EDS algorithms belong to the class of asymmetric algorithms, while authenticity codes are calculated using symmetric schemes.
Security
Digital signature provides:
American Digital Signature Standards: DSA, ECDSA
Russian digital signature standards: GOST R 34.10-94 (currently not valid), GOST R 34.10-2001
Ukrainian digital signature standard: DSTU 4145-2002
The PKCS # 1 standard describes, in particular, an electronic digital signature scheme based on the RSA algorithm.

ElGamal
Rabin's Probabilistic Signature Scheme Key Management

An important problem of all public-key cryptography, including EDS systems, is the management of public keys. It is necessary to ensure that any user has access to the authentic public key of any other user, to protect these keys from being substituted by the attacker, and also to organize the revocation of the key if it is compromised.

The task of protecting keys from spoofing is solved with the help of certificates. The certificate allows you to certify the data entered in it about the owner and his public key with the signature of a trustee. In centralized certificate systems (for example, PKI) certification centers are used that are supported by trusted organizations. In decentralized systems (for example, PGP), a cross-trust network is built by each user by cross-signing certificates of familiar and trusted people.

Key management is handled by certificate distribution centers. Having addressed to such a center, a user can obtain a certificate of a certain user, and also check if this or that public key has been revoked.