# Notes on ‘Applied Cryptography, Chapter 1 - Foundations’

*2017-08-05*

Classic book by Bruce Schneier. The bible for people who want to implement cryptograpy. Published in 1993. There’s a newer version out there but I’ll settle with the old one for now.

Since this is an encyclopedic book, I’ll try to keep my notes brief and the reading cursory. The goal is to have a very basic overview. Let’s get started.

In the interest of shipping thing quickly and not letting things pile up, I’ll make these chapter notes public as they come. I might merge them at some later point.

## Chapter 1 - Foundations

Basic definitions. A person wants to send a message to
someone else and make sure noone can see the message. The
*sender* *encrypt* their message using a
*key*, turning the *plaintext* to
*ciphertext*. The *receiver* then
*decrypts* the ciphertext into plaintext. The plaintext
can be text or binary (such as as representing a movie) or
anything. There are various subdisciplines depending on if you
are making, breaking, or analyzing crypto. But let’s just call
it cryptography to keep it simple.

There is *symmetric* crypto and *asymmetric
crypto*. Symmetric crypto encrypts and decrypts the
ciphertext using the same key. The most basic example of crypto
is probably a Ceasar cipher, where each letter in the plaintext
is moved forward 13 characters. So the message “HI” would become
encrypted as “UV”.

Asymmetric crypto has two different keys, one for encrypting and one for decrypting. The public key can be exposed to everyone. It is expensive to go from public -> private key (decrypt), but cheap to go from private to public (encrypt).

Here is how we usually illustrate crypto functions in informal math notation. E - encrypt, D - decrypt, K - key, P - plaintext, C - ciphertext.

```
E_K(P) => C
D_K(C) => P
```

Properties that cryptography can maintain. One is
*confidentiality*, which is that noone can read the
message. Others are:

authentication (receiver knows this message could only have come from sender)

integrity (guarantee no one has messed with message)

non-repudiation (sender can’t claim they didn’t send message)

Obscurity vs security. Key premise is that all the
information about an algorithm is publicly available. Obscurity
is putting message in a really clever hiding place but really it
is insecure if attacker has to it. The design of the safe
*and the safe itself* should be available to attacker in
order to talk about security. This has proven to be the case in
multiple cases in history, and obscurity is no substitute for
security.

Stream vs block ciphers. Stream ciphers operate on one bit at a time, such as a Ceasar cipher, whereas a block cipher operates on some block of data as a whole.

One-time pads as the perfect cryptography. Requires long keys as each stream key (?) is unique for each letter. If you have a string “FAC” and encrypt “YES” you would get (H+Y)+(F+E)+(C+S). There is too much randomness in this attack. But requires long key exchange ahead of time, so very low bandwidth. Rumored to be used for for US-Soviet red line, and some Soviet spies.

Interesting properties of public key cryptography (or
asymmetric crypto). As A, if we sign with person B’s public key
only they can decrypt the message. If we sign with our private
key, “decrypting” with our public key can work as a form of
*digital signature*. No one else can produce ciphertext
that produces a desired, specific, plaintext when run through
the public key. Obviously everyone has access to this message
since the public key is public.

Crypto analysis. There are different types of attacks which
allow us to break the crypto. They work at different levels,
such as completely breaking the algorithm for decrypting an
arbitrary key, to being able to recover a specific message. The
most out of the box, and probably most real-world relevant one,
is a rubber-hose attack which is when someone threatens you to
give up your key until you comply. It’s not mentioned here, but
this touches on issues such as *plausible deniability*,
etc.