init

technology/Cryptography/AES.md

@@ -0,0 +1,71 @@
+---
+obj: concept
+---
+
+# AES
+The Advanced Encryption Standard (AES) is a widely adopted symmetric encryption algorithm used to secure sensitive data. It was established as a standard by the U.S. National Institute of Standards and Technology (NIST) in 2001, following a public competition to select a successor to the Data Encryption Standard (DES). AES is known for its efficiency, security, and versatility, making it a popular choice for various applications, including data encryption, secure communications, and cryptographic protocols.
+
+## Key Features
+### 1. **Symmetric Encryption**
+AES is a symmetric encryption algorithm, meaning the same key is used for both encryption and decryption. This key is kept secret between the communicating parties.
+
+### 2. **Block Cipher**
+AES operates on fixed-size blocks of data, encrypting and decrypting data in blocks of 128 bits. It supports key sizes of 128, 192, or 256 bits.
+
+### 3. **Key Expansion**
+The key expansion process in AES generates a set of round keys derived from the original key. These round keys are used in the multiple rounds of encryption and provide a high level of security.
+
+### 4. **Rounds of Encryption**
+AES performs a series of transformations known as rounds. The number of rounds depends on the key size: 10 rounds for a 128-bit key, 12 rounds for a 192-bit key, and 14 rounds for a 256-bit key.
+
+### 5. **Substitution-Permutation Network (SPN) Structure**
+AES employs an SPN structure, combining substitution (replacing each byte with another) and permutation (rearranging bytes) operations to achieve confusion and diffusion, enhancing the algorithm's security.
+
+## Encryption Process
+1. **Key Expansion:** Generate a set of round keys from the original key.
+2. **Initial Round:** Add the initial round key to the plaintext.
+3. **Main Rounds:** Perform a series of substitution, permutation, and mixing operations for the specified number of rounds.
+4. **Final Round:** The final round excludes the mixing operation.
+5. **Output:** The result is the ciphertext.
+
+## Decryption Process
+1. **Key Expansion:** Generate the round keys from the original key.
+2. **Initial Round:** Add the initial round key to the ciphertext.
+3. **Main Rounds:** Perform the inverse operations of the encryption process in reverse order.
+4. **Final Round:** The final round excludes the mixing operation.
+5. **Output:** The result is the decrypted plaintext.
+
+## Strengths of AES
+- **Security:** AES has withstood extensive cryptanalysis and is considered highly secure when implemented correctly.
+- **Efficiency:** It is computationally efficient and well-suited for both hardware and software implementations.
+- **Versatility:** AES is used in various applications, including securing data at rest, data in transit, and cryptographic protocols like TLS.
+
+## Variants of AES
+- **AES-128:** Uses a 128-bit key and 10 rounds of encryption.
+- **AES-192:** Uses a 192-bit key and 12 rounds of encryption.
+- **AES-256:** Uses a 256-bit key and 14 rounds of encryption.
+
+## Usage
+One can use AES with [OpenSSL](../applications/OpenSSL.md) or [GPG](../tools/GPG.md):
+
+### OpenSSL
+Encrypt:
+```shell
+openssl enc -aes-256-cbc -salt -in plaintext.txt -out encrypted_file.enc
+```
+
+Decrypt:
+```shell
+openssl enc -aes-256-cbc -d -in encrypted_file.enc -out decrypted_file.txt
+```
+
+### GnuPG
+Encrypt:
+```shell
+gpg -c --cipher-algo AES256 file.txt
+```
+
+Decrypt:
+```shell
+gpg -d file.txt.gpg -o decrypted_file.txt
+```

technology/Cryptography/Cryptography.md

@@ -0,0 +1,17 @@
+---
+obj: concept
+---
+
+# Cryptography
+Cryptography is the science and art of securing communication and information through the use of mathematical techniques and algorithms. It plays a crucial role in ensuring confidentiality, integrity, and authenticity of data in various applications, including communication systems, financial transactions, and information storage.
+
+## Cryptographic Algorithms
+### 1. **Symmetric-Key Algorithms**
+Symmetric-key algorithms use the same key for both encryption and decryption. They are efficient and fast, making them suitable for bulk data encryption. See [AES](AES.md).
+
+### 2. **Asymmetric-Key Algorithms**
+Asymmetric-key algorithms use a pair of public and private keys. The public key is shared openly, while the private key is kept secret. Data encrypted with the public key can only be decrypted with the corresponding private key, and vice versa. See [RSA](RSA.md).
+
+### 3. **Hash Functions**
+
+Hash functions take input data and produce a fixed-size hash value, typically a string of characters. They are fundamental for data integrity verification. See [SHA](SHA.md).

technology/Cryptography/RSA.md

@@ -0,0 +1,63 @@
+---
+obj: concept
+---
+
+# RSA
+RSA (Rivest-Shamir-Adleman) is a widely used asymmetric encryption algorithm that enables secure communication and digital signatures. Named after its inventors, Ron Rivest, Adi Shamir, and Leonard Adleman, RSA relies on the mathematical properties of large prime numbers for its security.
+
+## Key Concepts
+### 1. **Asymmetric Encryption**
+RSA is an asymmetric algorithm, meaning it uses a pair of keys: a public key for encryption and a private key for decryption. The public key is widely distributed, while the private key is kept secret.
+
+### 2. **Key Generation**
+- **Key Pair:** The RSA key pair consists of a public key and a corresponding private key.
+- **Public Key:** Composed of a modulus $N$ and an exponent $e$.
+- **Private Key:** Composed of the same modulus $N$ and a private exponent $d$.
+- **Key Generation Process:**
+    1. Select two large prime numbers, $p$ and $q$.
+    2. Compute $N = pq$.
+    3. Compute $ϕ(N) = (p - 1)(q - 1)$.
+    4. Choose $e$ such that $1 < e < ϕ(N)$ and $e$ is coprime to $ϕ(N)$.
+    5. Calculate $d$ as the modular multiplicative inverse of $e$ modulo $ϕ(N)$.
+    6. The public key is $(N, e)$ and the private key is $(N, d)$.
+
+### 3. **Encryption and Decryption**
+- **Encryption:** Given the public key $(N,e)$, a plaintext message $M$ is encrypted as $C = M^e \mod N$.
+- **Decryption:** Using the private key $(N,d)$, the ciphertext $C$ is decrypted as $M = C^d \mod N$.
+
+### 4. **Digital Signatures**
+RSA is commonly used for digital signatures to verify the authenticity and integrity of messages. The sender signs a message with their private key, and the recipient can verify the signature using the sender's public key.
+
+## Security Considerations
+- The security of RSA relies on the difficulty of factoring the product of two large prime numbers $(N = porque)$.
+- The key length is crucial for security; longer keys provide higher security but may be computationally more expensive.
+
+## Using RSA in Practice
+Using RSA can be done either with [OpenSSL](../applications/OpenSSL.md) or [GPG](../tools/GPG.md).
+
+### 1. **Key Generation:**
+```shell
+# Generate a 2048-bit RSA private key
+openssl genpkey -algorithm RSA -out private_key.pem -aes256
+
+# Derive the corresponding public key
+openssl rsa -pubout -in private_key.pem -out public_key.pem
+```
+
+### 2. **Encryption and Decryption:**
+```shell
+# Encrypt a message with the public key
+openssl rsautl -encrypt -in plaintext.txt -out ciphertext.enc -pubin -inkey public_key.pem
+
+# Decrypt the ciphertext with the private key
+openssl rsautl -decrypt -in ciphertext.enc -out decrypted.txt -inkey private_key.pem
+```
+
+### 3. **Digital Signatures:**
+```shell
+# Sign a message with the private key
+openssl dgst -sha256 -sign private_key.pem -out signature.bin message.txt
+
+# Verify the signature with the public key
+openssl dgst -sha256 -verify public_key.pem -signature signature.bin message.txt
+```

technology/Cryptography/SHA.md

@@ -0,0 +1,17 @@
+---
+obj: concept
+---
+
+# SHA
+SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compression function itself built using the Davies–Meyer structure from a specialized block cipher.
+
+SHA-2 includes significant changes from its predecessor, SHA-1. The SHA-2 family consists of six hash functions with digests (hash values) that are 224, 256, 384 or 512 bits: SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256. SHA-256 and SHA-512 are novel hash functions computed with eight 32-bit and 64-bit words, respectively. They use different shift amounts and additive constants, but their structures are otherwise virtually identical, differing only in the number of rounds. SHA-224 and SHA-384 are truncated versions of SHA-256 and SHA-512 respectively, computed with different initial values. SHA-512/224 and SHA-512/256 are also truncated versions of SHA-512, but the initial values are generated using the method described in Federal Information Processing Standards (FIPS) PUB 180-4.
+
+SHA has libraries for many programming languages and can be used with [OpenSSL](../applications/OpenSSL.md) or the `shasum` command.
+
+## Purpose
+Hash functions play a crucial role in [cryptography](Cryptography.md) and information security. They take an input (or message) and produce a fixed-size string of characters, which is typically a digest or hash value. The primary purposes of SHA hash functions include:
+
+1. **Data Integrity**: Hash functions ensure the integrity of data by generating a unique hash value for a given input. Any change in the input data will result in a completely different hash, making it easy to detect alterations.
+2. **Digital Signatures**: SHA is often used in conjunction with digital signatures to create a secure and verifiable way of confirming the origin and integrity of a message or document.
+3. **Password Storage**: Hash functions are employed to store passwords securely. Instead of storing the actual password, systems store the hash of the password, making it more challenging for attackers to obtain the original passwords.