Cryptographic Primitive


A cryptographic primitive is a basic building block (algorithm) of cryptography.

  • e.g., a single hash function, symmetric cipher, or asymmetric cipher
  • a primitive provides a security service:
    • data integrity
    • authentication
    • digital signature
    • non-repudiation
  • a complete cryptographic system or product uses multiple cryptographic primitives within a cipher suite
  • properties of different primitives, and of specific ciphers for each type, impose limitations on their use in different contexts and for different purposes
    • Public key cryptography
      • can authenticate a sender
      • the sender controls a private key that produces messages in a way no one else can reproduce
    • Hashing
      • proves integrity by computing a fixed-size message digest from any variable-length input; in practice the digest is unique to that input
    • these can be combined to make a digital signature

Types of Primitives

  • Encryption
    • uses an algorithm and a key to hide the meaning of a message
    • can be symmetric or asymmetric
    • provides the confidentiality security service
  • Cryptographic hash function
    • outputs a fixed-length string for a variable-length input string
    • provides the data integrity security service
  • Message Authentication Code (MAC)
    • uses a cryptographic hash function and symmetric encryption to provide the data integrity and authenticity security services
  • Digital signature
    • uses a cryptographic hash function and asymmetric encryption to provide the data integrity, authenticity, and non-repudiation security services
  • Shared-secret generation
  • Pseudorandom number generation
    • a PRNG is a function that outputs a sequence of numbers such that, at any point, the next number cannot be predicted from the previous ones
    • true RNGs are difficult to realize on computers
      • because computers are deterministic
    • with each distinct initialization value (seed), a PRNG generates a distinct sequence of numbers
    • cryptographic PRNGs are commonly built on hash functions
    • the security of a cryptographic algorithm relies on the randomness of the random numbers it uses

Cryptographic Primitives

Primitives and Their Security Service

Service                 Encryption [1]  Hash function  MAC [2]  Digital signature [3]
Confidentiality         Yes             No             No       No
Integrity               No              No [4]         Yes      Yes
Availability            No              No             No       No
Message authentication  No              No             Yes      Yes
Entity authentication   No              No             No       Yes
Non-repudiation         No              No             No       Yes

Footnotes

  1. Both symmetric and asymmetric cryptography.

  2. Symmetric cryptography only.

  3. Asymmetric cryptography only.

  4. A plain hash verifies integrity only if either the data or the tag (digest) may be altered, but not both; an attacker who can alter both simply recomputes the digest over the modified data.
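The integrity column and footnote 4 in practice, as an added Python example that is not part of the original notes: a plain SHA-256 digest versus HMAC-SHA256 under tampering, for an attacker who can change only the data or both data and tag. The message, key and the attacker's edit are constructed sample values.

```python
import hashlib
import hmac
import secrets

# Constructed sample values, not from the original page.
MESSAGE = b"transfer 100 EUR to account 4711"
KEY = secrets.token_bytes(32)  # shared secret known to sender and verifier only


def hash_tag(data: bytes) -> bytes:
    """Unkeyed integrity tag: a plain SHA-256 digest (hash function primitive)."""
    return hashlib.sha256(data).digest()


def mac_tag(key: bytes, data: bytes) -> bytes:
    """Keyed integrity tag: HMAC-SHA256 (MAC primitive built on a hash function)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def verify(tag_fn, data: bytes, tag: bytes) -> bool:
    """Recompute the tag for the received data and compare in constant time."""
    return hmac.compare_digest(tag_fn(data), tag)


def tamper(data: bytes, tag: bytes, alter_tag: bool) -> tuple[bytes, bytes]:
    """An attacker without KEY changes the amount. If the tag is also under
    their control, the best they can do is recompute the unkeyed hash."""
    forged = data.replace(b"100", b"900")
    return forged, (hash_tag(forged) if alter_tag else tag)


def tampering_detected() -> dict[str, bool]:
    """Run the four cases behind footnote 4; True means the verifier rejects."""
    results = {}
    for name, tag_fn in (("hash", hash_tag), ("mac", lambda d: mac_tag(KEY, d))):
        tag = tag_fn(MESSAGE)
        for alter_tag in (False, True):
            data2, tag2 = tamper(MESSAGE, tag, alter_tag)
            case = f"{name}/{'data+tag' if alter_tag else 'data-only'}"
            results[case] = not verify(tag_fn, data2, tag2)
    return results


if __name__ == "__main__":
    for case, detected in tampering_detected().items():
        print(f"{case:15} tampering detected: {detected}")
```

Only the hash/data+tag case goes undetected: without the key, no recomputed tag matches the HMAC, which is why the table credits integrity to the MAC but not to the bare hash.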