3.7. Summary

In this chapter, we looked at some basic cryptography that we will need in the rest of the text. In our examination of stream ciphers, we studied RC4a simple but very effective cipher that generates a pseudorandom key stream that is exclusive-ORed into the plaintext to encrypt it.

In our study of block ciphers, we looked at DES and Rijndael in detail and mentioned the 3DES and Blowfish ciphers. We saw how running ciphers in CBC mode can improve their security by obscuring data that occurs in more than one message.

One problem with stream and block ciphers is that the parties to the communication must share a secret key in advance. This problem can be avoided by using an asymmetric cipher, such as RSA or ElGamal. Because asymmetric ciphers have different keys for encryption and decryption, each party can publish its public (encryption) key so that anyone can use it to encrypt a message for them. Because a message can be decrypted only with the secret key, the communication is secure. We saw how the same ideas can be used by two parties to independently calculate a secret key without any previously shared information.

Next, we studied cryptographic hash functions and their use in message authentication codes. These ideas can be generalized to produce a digital signature that guarantees authenticity of a document and provides for nonrepudiation.

Finally, we took a brief look at certificates and public key infrastructures. A general PKI is very difficult to produce but can be effective for smaller, specific applications.