Crypto 101
Laurens Van Houtven (lvh)
Copyright 2013-2014, Laurens Van Houtven
This book is made possible by your donations. If you enjoyed it, please consider making a donation, so it can be made even better and reach even more people.
This work is available under the Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0) license. You can find the full text of the license at https://creativecommons.org/licenses/by-nc/4.0/.
The following is a human-readable summary of (and not a substitute for) the license. You can:
• Share: copy and redistribute the material in any medium or format
• Adapt: remix, transform, and build upon the material
The licensor cannot revoke these freedoms as long as you follow the license terms:
• Attribution: you must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
• NonCommercial: you may not use the material for commercial purposes.
• No additional restrictions: you may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable exception or limitation.
No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material.
Pomidorkowi
Contents
Contents 5
I Foreword 10
1 About this book 11
2 Advanced sections 13
3 Development 14
4 Acknowledgments 15
II Building blocks 17
5 Exclusive or 18
5.1 Description . . . . . 18
5.2 A few properties of XOR . . . . . 19
5.3 Bitwise XOR . . . . . 20
5.4 One-time pads . . . . . 21
5.5 Attacks on “one-time pads” . . . . . 23
5.6 Remaining problems . . . . . 29
6 Block ciphers 30
6.1 Description . . . . . 30
6.2 AES . . . . . 34
6.3 DES and 3DES . . . . . 38
6.4 Remaining problems . . . . . 41
7 Stream ciphers 42
7.1 Description . . . . . 42
7.2 A naive attempt with block ciphers . . . . . 42
7.3 Block cipher modes of operation . . . . . 50
7.4 CBC mode . . . . . 50
7.5 Attacks on CBC mode with predictable IVs . . . . . 52
7.6 Attacks on CBC mode with the key as the IV . . . . . 54
7.7 CBC bit flipping attacks . . . . . 56
7.8 Padding . . . . . 59
7.9 CBC padding attacks . . . . . 60
7.10 Native stream ciphers . . . . . 68
7.11 RC4 . . . . . 70
7.12 Salsa20 . . . . . 80
7.13 Native stream ciphers versus modes of operation . . . . . 82
7.14 CTR mode . . . . . 82
7.15 Stream cipher bit flipping attacks . . . . . 84
7.16 Authenticating modes of operation . . . . . 85
7.17 Remaining problems . . . . . 85
8 Key exchange 86
8.1 Description . . . . . 86
8.2 Abstract Diffie-Hellman . . . . . 87
8.3 Diffie-Hellman with discrete logarithms . . . . . 91
8.4 Diffie-Hellman with elliptic curves . . . . . 92
8.5 Remaining problems . . . . . 94
9 Public-key encryption 96
9.1 Description . . . . . 96
9.2 Why not use public-key encryption for everything? . . . . . 97
9.3 RSA . . . . . 98
9.4 Elliptic curve cryptography . . . . . 104
9.5 Remaining problem: unauthenticated encryption . . . . . 104
10 Hash functions 106
10.1 Description . . . . . 106
10.2 MD5 . . . . . 108
10.3 SHA-1 . . . . . 108
10.4 SHA-2 . . . . . 108
10.5 Keccak and SHA-3 . . . . . 109
10.6 BLAKE and BLAKE2 . . . . . 109
10.7 Password storage . . . . . 109
10.8 Length extension attacks . . . . . 114
10.9 Hash trees . . . . . 116
10.10 Remaining issues . . . . . 116
11 Message authentication codes 117
11.1 Description . . . . . 117
11.2 Combining MAC and message . . . . . 120
11.3 A naive attempt with hash functions . . . . . 122
11.4 HMAC . . . . . 126
11.5 One-time MACs . . . . . 128
11.6 Carter-Wegman MAC . . . . . 132
11.7 Authenticated encryption modes . . . . . 133
11.8 OCB mode . . . . . 135
11.9 GCM mode . . . . . 138
12 Signature algorithms 139
12.1 Description . . . . . 139
12.2 RSA-based signatures . . . . . 140
12.3 DSA . . . . . 140
12.4 ECDSA . . . . . 145
12.5 Repudiable authenticators . . . . . 145
13 Key derivation functions 147
13.1 Description . . . . . 147
13.2 Password strength . . . . . 149
13.3 PBKDF2 . . . . . 149
13.4 bcrypt . . . . . 149
13.5 scrypt . . . . . 149
13.6 HKDF . . . . . 149
14 Random number generators 154
14.1 Introduction . . . . . 154
14.2 True random number generators . . . . . 155
14.3 Cryptographically secure pseudorandom generators . . . . . 158
14.4 Yarrow . . . . . 159
14.5 Blum Blum Shub . . . . . 159
14.6 Dual_EC_DRBG . . . . . 160
14.7 Mersenne Twister . . . . . 168
III Complete cryptosystems 176
15 SSL and TLS 177
15.1 Description . . . . . 177
15.2 Handshakes . . . . . 178
15.3 Certificate authorities . . . . . 179
15.4 Self-signed certificates . . . . . 180
15.5 Client certificates . . . . . 180
15.6 Perfect forward secrecy . . . . . 181
15.7 Attacks . . . . . 182
15.8 HSTS . . . . . 186
15.9 Certificate pinning . . . . . 188
15.10 Secure configurations . . . . . 188
16 OpenPGP and GPG 190
16.1 Description . . . . . 190
16.2 The web of trust . . . . . 191
17 Off-The-Record Messaging (OTR) 194
17.1 Description . . . . . 194
IV Appendices 197
A Modular arithmetic 198
A.1 Addition and subtraction . . . . . 199
A.2 Prime numbers . . . . . 201
A.3 Multiplication . . . . . 203
A.4 Division and modular inverses . . . . . 203
A.5 Exponentiation . . . . . 205
A.6 Exponentiation by squaring . . . . . 206
A.7 Montgomery ladder exponentiation . . . . . 208
A.8 Discrete logarithm . . . . . 214
B Elliptic curves 217
B.1 The elliptic curve discrete log problem . . . . . 219
C Side-channel attacks 221
C.1 Timing attacks . . . . . 221
C.2 Power measurement attacks . . . . . 221
Bibliography 222
Glossary 228
Acronyms 235
Part I
Foreword