Cryptography Notes
- Book: Understanding Cryptography – Paar/Pelzi
- Course: Introduction to Cryptography (YouTube) – Paar
- Website: zkhack.dev - by Boneh?
- Course: Cryptography 1 - Boneh
-
Exercises: Cryptopals
- Quantum computers break the hardness assumption of discrete log and
factoring primes.
- RSA is broken.
- SHA256 has a sqrt() (quadratic) improvement - i.e. 256 -> 128.
-
Quantum computers are struggling with quantum error correction.
- ElGamal encryption system (1985) [wiki][55555]
- (n.b. not ElGamal signature scheme)
- DHKE-based pubkey encryption scheme
- uses cyclic groups, typically integers modulo a prime
- relies on discrete log hardness
- multiplicatively homomorphic (
E(c1) * E(c2) = E(c1*c2)
) - not used in modern FHE though, no addition and grows fast
- key generation is exponentiation in the group, h = g^x
- encryption is,
- map message -> group element, m
- pick random integer y
- s = h ^ y (shared secret s)
- ciphertext is two parts; g^y and m * s
- c1, c2, m can be used to reconstruct s & y, so new one generated every message
- decryption
- depends on which cyclic group used, but generally modular
multiplicative inverse (using extended euclidean)
- then map back to original message