If you’re familiar with the laws of thermodynamics, you may recognize the second law as the one that deals with entropy. In the realm of physics, entropy represents the degree of disorder in a system. Because systems tend to degrade over time, thermodynamic energy becomes less available to do mechanical work. In cryptography, entropy has a distinct but similar meaning: it refers to the randomness collected by a system for use in algorithms that require random data.
Elliptic Curve Cryptography (ECC) is a modern public-key encryption technique famous for being smaller, faster, and more efficient than incumbents. Bitcoin, for example, uses ECC as its asymmetric cryptosystem because it is so lightweight. The mathematical entity that makes all of this possible is the elliptic curve, so read on to learn how these curves enable some of the most advanced cryptography in the world. What is elliptic curve cryptography used for?
With quantum computers getting more powerful each year, many worry about the safety of modern encryption standards. As quantum computers improve in performance and the number of qubits used for calculations increases, current cryptosystems are under threat. AES-256 is one of the most powerful symmetric ciphers, but will it remain secure in a post-quantum world? What will break post-quantum? Many asymmetric encryption algorithms have been mathematically proven to be broken by quantum computers using Shor’s algorithm.
Bcrypt is a key derivation function, which can be thought of as a special kind of hash function. Its purpose is to slowly convert a piece of input data to a fixed-size, deterministic, and unpredictable output. A common use case is to convert a password into an n-bit cryptographic key, which can then be used for safe authentication. What does a Bcrypt hash look like? Using Bcrypt on the password myPassword123 would produce something like the following:
Lattice-based cryptography, an important contender in the race for quantum-safe encryption, describes constructions of cryptographic primitives that involve mathematical lattices. Lattices, as they relate to crypto, have been coming into the spotlight recently. In January 2019, many of the semifinalists in the NIST post-quantum-cryptography competition were based on lattices. Lattice-based cryptography has promising aspects that give us hope for cryptographic security in a post-quantum world. What is a Lattice? According to Wikipedia, a lattice is the set of all integer linear combinations of basis vectors:
Adi Shamir’s Secret Sharing is a cryptographic algorithm that allows distinct parties to jointly share ownership of a single secret by holding shares. The original secret can only be reconstructed by using a minimum number of shares, which allows different parties to cooperate without the need to fully trust one another.
Example Problem
To illustrate, let’s imagine that a family of four all share a single Bitcoin wallet. This Bitcoin wallet contains a single private key that all members of the family co-own.
We just launched our new Practical Cryptography course, a code-in-the-browser tutorial where students build cryptographic functions in the Go programming language. Practical Cryptography stands out among online cryptography courses because it not only teaches crypto fundamentals but also gives users hands-on experience building out the code. What’s Included? The course has four modules covering the following topics: Cryptography History and Overview; Stream Ciphers and XOR math; Block Ciphers and Key Schedules; Hashes and Key Derivation Functions. We are already planning a sequel to this course, which will cover public-key cryptography and some other more advanced concepts.
If you’ve seen The Imitation Game or studied computer science in school, you have likely heard of Enigma, Alan Turing, or some of the other advances in cryptography that took place during the Second World War. During this time and until the 1970s, governments from around the world had near-total control of all cryptographic systems. It was nearly impossible to learn about encryption without going through a government agency. One of the major contributing factors to cryptography becoming a discipline within the public domain was Whitfield Diffie and Martin Hellman’s invention of public-key cryptography in 1976.
HMACs and MACs are authentication codes and are often the backbone of JWT authentication systems. A Message Authentication Code (MAC) is a string of bits that depends on a secret key and is sent with a message to prove the message wasn’t tampered with. HMACs are a stricter version of MACs that offer additional security benefits.
MAC - Message Authentication Code
MACs are exactly what they sound like: small codes that allow receivers of messages to know who the sender was (authentication).
PGP, or its open-source alternative, GPG, is a program used to encrypt data such that only an authorized party can decrypt it. In this introduction, we will cover its use cases and a high-level overview of the algorithms involved. Both programs (and others) adhere to the OpenPGP protocol. Because it is an implementation-agnostic protocol, people can use the software they are most comfortable with and still send secure messages to each other.