Cryptographies

How does HTTPS encryption work?

Jan 26, 2023 by Lane Wagner

Hypertext Transfer Protocol Secure or HTTPS is an extension of the HTTP protocol. HTTPS secures the data transfer between client and server by encrypting all of the information communicated.

What is Cryptography? A Complete Overview

Sep 08, 2021 by Lane Wagner

What is cryptography? 🔗 Simply put, Cryptography provides a method for secure communication. It stops unauthorized parties, commonly referred to as adversaries or hackers, from gaining access to the secret messages communicated between authorized parties. The method that cryptography provides is called encryption.

Intro to the One-Time Pad Cipher

Jun 28, 2021 by Lane Wagner

In cryptography, the one-time pad, or OTP is a way of encrypting information so securely that it’s impossible to be cracked. That said, OTP has a major drawback in that it requires both parties to have access to the same key before a message is encrypted.

What Is Entropy In Cryptography?

Sep 28, 2020 by Lane Wagner

If you’re familiar with the laws of thermodynamics, you may recognize the second law as the one that deals with entropy. In the realm of physics, entropy represents the degree of disorder in a system. Because systems tend to degrade over time, thermodynamic energy becomes less available to do mechanical work.

Elliptic Curve Cryptography: A Basic Introduction

Sep 17, 2020 by Lane Wagner

Elliptic Curve Cryptography (ECC) is a modern public-key encryption technique famous for being smaller, faster, and more efficient than incumbents. Bitcoin, for example, uses ECC as its asymmetric cryptosystem because it is so lightweight. The mathematical entity that makes all of this possible is the elliptic curve, so read on to learn how these curves enable some of the most advanced cryptography in the world.

Is AES-256 Quantum Resistant?

Sep 10, 2020 by Lane Wagner

With quantum computers getting more powerful each year, many worry about the safety of modern encryption standards. As quantum computers improve in performance and the number of qubits used for calculations increases, current cryptosystems are under threat. AES-256 is one of the most powerful symmetric ciphers, but will it remain secure in a post-quantum world?

Bcrypt Step by Step

Aug 24, 2020 by Lane Wagner

Bcrypt is a key derivation function, which can be thought of as a special kind of hash function. Its purpose is to slowly convert a piece of input data to a fixed-size, deterministic, and unpredictable output. A common use case is to convert a password into an n-bit cryptographic key, which can then be used for safe authentication.

(Very) Basic Intro to Lattices in Cryptography

Aug 21, 2020 by Lane Wagner

Lattice-based cryptography, an important contender in the race for quantum-safe encryption, describes constructions of cryptographic primitives that involve mathematical lattices. Lattices, as they relate to crypto, have been coming into the spotlight recently. In January 2019, Many of the semifinalists in the NIST post-quantum-cryptography competition were based on lattices. Lattice-based cryptography has promising aspects that give us hope for cryptographic security in a post-quantum world.

Shamir's Secret Sharing Step-By-Step

Aug 18, 2020 by Lane Wagner

Adi Shamir’s Secret Sharing is a cryptographic algorithm that allows distinct parties to jointly share ownership of a single secret by holding shares. The original secret can only be reconstructed by using a minimum number of shares, which allows different parties to cooperate without the need to fully trust one another.

HMAC and MACs - The Inner Workings of JWTs

Aug 05, 2020 by Lane Wagner

HMACs and MACs are authentication codes and are often the backbone of JWT authentication systems. A Message Authentication Code (MAC) is a string of bits that depends on a secret key and is sent with a message to prove the message wasn’t tampered with. HMACs are a more strict version of MACs that offer additional security benefits.

(Very) Basic Intro to PGP (GPG)

Jul 27, 2020 by Lane Wagner

PGP, or its open-source alternative, GPG, is a program used to encrypt data such that only an authorized party can decrypt it. In this introduction, we will cover its use-cases and a high-level overview of the algorithms involved.

(Very) Basic Intro to the Scrypt Hash

Jul 25, 2020 by Lane Wagner

Scrypt is a slow-by-design key derivation function designed to create strong cryptographic keys. Simply put, the purpose of the Scrypt hash is to create a fingerprint of its input data but to do it very slowly. A common use-case is to create a strong private key from a password, where the new private key is longer and more secure. Here at boot.dev, we use a similar KDF for securing user passwords.

What is SHA-256?

Jul 08, 2020 by Lane Wagner

SHA-2 (Secure Hash Algorithm 2), of which SHA-256 is a part, is one of the most popular hash algorithms around. A cryptographic hash, also often referred to as a “digest”, “fingerprint” or “signature”, is an almost perfectly unique string of characters that is generated from a separate piece of input text. SHA-256 generates a 256-bit (32-byte) signature.

(Very) Basic Intro To White-Box Cryptography

Apr 27, 2020 by Lane Wagner

White-box cryptography combines methods of encryption and obfuscation to embed secret keys within application code. The goal is to combine code and keys in such a way that the two are indistinguishable to an attacker, and the new “white-box” program can be safely run in an insecure environment.

AES-256 Cipher – Python Cryptography Examples

Feb 06, 2020 by Lane Wagner

Want to encrypt text with a password or private key in Python? AES-256 is a solid symmetric cipher that is commonly used to encrypt data for oneself. In other words, the same person who encrypts the data also decrypts it, the way personal password managers work.

Will Banning Cryptography Keep the Country Safe?

Feb 05, 2020 by Lane Wagner

Politicians in the United States have been claiming recently that end-to-end encryption is certainly too dangerous to permit. This movement is serious. Congress even introduced a bill that would remove the protections that we currently have that allow us to legally encrypt information. Lindsey Graham is one such proponent of this restrictive legislation:

Is Open-Source Cryptography Really Secure?

Jan 30, 2020 by Lane Wagner

The purpose of cryptography is to keep information private, and the purpose of open-source is to make code public… So we shouldn’t open-source our cryptography algorithms right?

Hashing Passwords - Python Cryptography Examples

Jan 29, 2020 by Lane Wagner

Building a from-scratch server or using a lightweight framework is empowering. With that power comes responsibility, specifically the responsibility to securely store user’s passwords.

Why is Exclusive Or (XOR) Important in Cryptography?

Jan 18, 2020 by Lane Wagner

If you are getting into cryptography, or just trying to understand the fundamentals, you may have noticed that the exclusive or (XOR) operation is used quite often, especially in ciphers. XOR is a simple bitwise operation that allows cryptographers to create strong encryption systems, and consequently is a fundamental building block of practically all modern ciphers. Let’s dive into the details and see what makes XOR so important.

Cryptography Trends And News Going Into 2020

Jan 03, 2020 by Lane Wagner

Quantum Computing 🔗 Quantum computing may not be coming quite as fast as some in the field had certainly feared (or perhaps hoped). Google did, however, solve an impressive problem this year.

Intro to The AES-256 Cipher

Jan 02, 2020 by Lane Wagner

AES, or “Advanced Encryption Standard”, is an encryption specification that uses the Rijndael cipher as its symmetric key ciphering algorithm. AES encrypts a message with a private key, and no one but the key holder can decrypt the message. A great example of a good use-case for AES-256 is encrypting all the data on the hard drive of a computer when it’s not in use.

(Very) Basic Intro to Hash Functions (SHA-256, MD5, etc)

Jan 01, 2020 by Lane Wagner

Hash functions are used to securely store passwords, find duplicate records, quickly store and retrieve data, among other useful computational tasks. As a practical example, all user passwords on boot.dev are hashed using Bcrypt to ensure that if an attacker were ever to gain access to our database our user’s passwords wouldn’t be compromised.

Basic Intro to Key Derivation Functions

Dec 30, 2019 by Lane Wagner

A Key Derivation Function, or KDF, is a cryptographic algorithm that derives one or more secret keys from a secret value. If you’ve ever needed to store a password in a database or create a private key from a password, you may have used a KDF. Some examples of popular KDFs are Argon2, Scrypt, and PBKDF2.

Cryptology vs Cryptography - Definitions and Differences

Dec 16, 2019 by Lane Wagner

Many new developers are jumping right into writing code, usually for those fat paychecks, without learning much about the history of Computer Science. Alan Turing is recognized as the father of Computer Science, though many don’t know that his roots were in cryptology and mathematics. It was out of cryptology, cryptography, and mathematics that computer science was born.

Encoding vs Encryption - They Aren't the Same

Aug 14, 2019 by Lane Wagner

While encryption does involve various methods of encoding data, the two are absolutely not interchangeable. In fact, if you get them mixed up it can result in serious data breaches and security vulnerabilities.