Cryptography

if crypto to you only means blockchain#Cryptocurrency, please leave

A Crash Course in Everything Cryptographic – Noteworthy - The Journal Blog ❗!important
Crypto 101

Journey into cryptography | Computer science | Computing | Khan Academy
Cryptography I | Coursera
The Cryptopals Crypto Challenges
7 Cryptography Concepts EVERY Developer Should Know - YouTube

In cryptography, these entities are usually used:

Alice, Bob, Charles, Douglas: authentic users
Eve: eavesdropper
Mallory: MITM attacker
Satan: malicious user/hacker

Algorithms

Bit security measures the number of trials required to brute-force a key. 128 bit security means 2128 trials to break.

Cryptographic nonce - Wikiwand
Comparison of cryptography libraries - Wikiwand

cryptography - Do any security experts recommend bcrypt for password storage? - Information Security Stack Exchange
BCrypt Explained - DEV Community 👩‍💻👨‍💻

Computer and Network Security by Avi Kak

lukeed/salteen: A snappy and lightweight (259B) utility to encrypt and decrypt values with salt.

Authenticity

Message authentication code - Wikiwand MAC
Hash-based message authentication code - Wikiwand HMAC, hash with secret key
Moxie Marlinspike >> Blog >> The Cryptographic Doom Principle Encrypt-then-MAC

Securing Stream Ciphers (HMAC) - Computerphile - YouTube
SHA: Secure Hashing Algorithm - Computerphile - YouTube

Public Key Cryptography:
Digital Signatures: encrypt a known data (nounce or message hash) with sender's private key
Certificate Authorities: a trusted third party that will digitally sign and publish the public key bound to a user or entity

Storing password

How To Safely Store A Password | codahale.com bcrypt
Secure Salted Password Hashing - How to do it Properly
The difference between Encryption, Hashing and Salting

Serious Security: How to store your users’ passwords safely – Naked Security
How Dropbox securely stores your passwords | Dropbox Tech Blog

scrypt - Wikiwand
bcrypt - Wikiwand
Salt (cryptography) - Wikiwand

PBKDF2 - Wikiwand
PBKDF2 Hashing Algorithm. Before moving into the PBKDF2 hashing… | by Nishothan Vettivel | Medium
https://www.ietf.org/rfc/rfc2898.txt

Argon2 - Wikiwand
P-H-C/phc-winner-argon2: The password hash Argon2, winner of PHC
How to enable Argon2 KDF in Bitwarden - gHacks Tech News

Implementation

openssl

The Linux Crypto API for user applications
This is slower than OpenSSL

AES instruction set - Wikiwand

Key Exchange

End to End Encryption (E2EE) - Computerphile - YouTube
How Signal Instant Messaging Protocol Works (& WhatsApp etc) - Computerphile - YouTube

Secret Key Exchange (Diffie-Hellman) - Computerphile - YouTube
Diffie Hellman -the Mathematics bit- Computerphile - YouTube
Key Exchange Problems - Computerphile - YouTube
Double Ratchet Messaging Encryption - Computerphile - YouTube

Block Ciphers

contrast "stream ciphers", where encrypted strings are the same length as the plaintext

Symmetric-key algorithm - Wikiwand

Lecture3 Lecture 3: Block Ciphers and the Data Encryption Standard

Anatomy of a password disaster – Adobe’s giant-sized cryptographic blunder – Naked Security study of Adobe's leaked password database

Feistel Cipher - Computerphile - YouTube

Modes of operation

Block cipher mode of operation - Wikiwand

Block ciphers, as the name suggests, encrypts blocks. The methods of segmenting data into blocks is called "modes of operation".

Modes of Operation - Computerphile - YouTube
ECB: simply divides a message into 16 byte blocks, preserves pattern (for experts only: ECB should never be used except in some very specific cases)
CBC: first block XORed with Initialization Vector (IV) (nonce), every other block XORed with the ciphertext of the block preceding it; however this introduces dependency on previous block and encryption cannot be parallelized
CTR: uses counter and nounce (similar to IV) per block to allow each block to be encrypted concurrently

Authenticated encryption - Wikiwand protects against chosen ciphertext attack on decryption oracle
Authenticated Encryption in .NET with AES-GCM

AES

Advanced Encryption Standard - Wikiwand
Lecture 8: AES: The Advanced Encryption Standard
Protect your TCP tunnel by implementing AES encryption with Python [Tutorial] | Packt Hub

Crypto competitions: AES: the Advanced Encryption Standard
AES Explained (Advanced Encryption Standard) - Computerphile - YouTube
One Encryption Standard to Rule Them All! - Computerphile - YouTube
Almost All Web Encryption Works Like This (SP Networks) - Computerphile - YouTube

DES

Even Triple DES (3-DES) is not recommended

Commands

opessl openssl is for proof of concept

man enc  # show ciphers

# encryption
openssl aes-256-cbc -in attack-plan.txt -out message.enc

# decryption
openssl aes-256-cbc -d -in message.enc -out plain-text.txt

gpg

# encryption
gpg --cipher-algo AES256 --symmetric filename.tar.gz

# decryption
gpg --output filename.tar.gz --decrypt filename.tar.gz.gpg

AES Crypt
aescrypt

Stream Ciphers

Chacha Cipher

alternative to AES

Chacha Cipher - Computerphile - YouTube
ARX cipher: add, rotate, xor

Public Key Cryptography

Public-key cryptography - Wikiwand
Public Key crypto simply works with numbers. This means that any messages would have to be converted into a number before being encrypted.