Cryptography CheatSheet

CHEATSHEET: Cryptography
1. The 3 Pillars at a Glance
Asymmetric Algorithm
Core Purpose: Key exchange and Digital Signatures.
Length: RSA 4096 bits / ED25519 256 bits.
Metaphor: The mailbox system (Public slot vs Private key).
Symmetric Algorithm
Core Purpose: Fast encryption for large files and data bulk.
Length: 256-bit key.
Metaphor: High-security safe with a single shared combination key.
Cryptographic Hash
Core Purpose: Integrity check and unique digital fingerprinting.
Length: Output is always locked at 256 bits.
Metaphor: The kitchen blender (Bake the cake, but you can’t unbake it).
2. The Asymmetric Key Mechanism
Golden Rule: They form an inseparable pair. What one key locks, only the other can unlock. It is a strictly one-way street.
Encryption: Performed using the recipient’s Public Key. The data becomes unreadable.
Decryption: Performed using your own Private Key.
Side effect: The sender becomes blind to the text one millisecond after encryption. They cannot decrypt their own message.
Signing: Pass the file through the blender (SHA-256) → get the Hash → lock it with your own Private Key.
Verifying: Recipient receives the payload → recalculates the Hash → uses the sender’s Public Key to verify the seal.
Note: If even a single bit of the file is changed, the hash output collapses completely (Avalanche Effect).
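The avalanche effect from the note above, measured rather than asserted. This is an added example, not code from the original cheatsheet; the sample message and the helper names are constructed for illustration.

```python
import hashlib

DIGEST_BITS = 256  # SHA-256 output size, independent of input length


def sha256_bits(data: bytes) -> int:
    """Return the SHA-256 digest of data as a 256-bit integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def flip_bit(data: bytes, index: int) -> bytes:
    """Return a copy of data with exactly one bit inverted (0 = MSB of byte 0)."""
    out = bytearray(data)
    out[index // 8] ^= 0x80 >> (index % 8)
    return bytes(out)


def avalanche_profile(data: bytes) -> list[int]:
    """For every possible single-bit flip, count how many digest bits change."""
    baseline = sha256_bits(data)
    return [
        bin(baseline ^ sha256_bits(flip_bit(data, i))).count("1")
        for i in range(len(data) * 8)
    ]


def summarize(data: bytes) -> dict:
    """Min / max / mean number of changed digest bits over all single-bit flips."""
    profile = avalanche_profile(data)
    return {
        "flips": len(profile),
        "min": min(profile),
        "max": max(profile),
        "mean": sum(profile) / len(profile),
    }


# Constructed sample input standing in for "the file" being signed.
SAMPLE_FILE = b"wire 1000 EUR to account 12345678, ref: invoice-0042"

if __name__ == "__main__":
    stats = summarize(SAMPLE_FILE)
    print(f"{stats['flips']} single-bit flips of a {len(SAMPLE_FILE)}-byte input")
    print(f"changed digest bits: min={stats['min']} max={stats['max']} "
          f"mean={stats['mean']:.1f} of {DIGEST_BITS}")
```

A mean close to half of the 256 output bits is what makes a signed hash reject any modified file: no single-bit change leaves the digest even close to the original.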
3. Bidirectional Communication (RX / TX) Between A and B
To establish secure transmission, a dual asymmetric track is required:
- TX Channel (From A to B): A encrypts for B using B’s Public Key. B decrypts using their Private Key.
- RX Channel (From B to A): B responds to A using A’s Public Key. A decrypts using their Private Key.
Asymmetric keys are computationally slow. They are only used during the initial split seconds (Handshake) to exchange the symmetric key:
A generates a temporary AES-256 key → Encrypts it with B's Public Key → B decrypts it with their Private Key.
From that millisecond onward, they use only AES-256 for data transmission (secure, lightweight, and instant).
4. The Real Weakest Links (Where Hackers Actually Attack)
Hackers do not attack the pure mathematics of AES-256 (requires too much energy). They target environment loopholes:
- Private Key Theft: Deploying malware or Trojans on the victim’s PC to harvest the key directly from the hard drive or memory storage.
- Man-in-the-Middle (MitM): An attacker intercepts the handshake sequence and hands A a fake public key while pretending to be B. (Resolved via HTTPS Certificates).
- Timing Attacks: Measuring the CPU processing time down to the nanosecond to guess whether the secret key bits are 0s or 1s. (Mitigated by constant-time execution).
5. The Quantum Future
A specialized quantum routine capable of resolving prime factorization (RSA) and discrete logarithms (ECC). It converts an exponentially difficult problem into a linear one, breaking traditional asymmetric frameworks in seconds. It uses quantum superposition and the Quantum Fourier Transform (QFT) to isolate hidden periods. It requires massive, stable quantum systems that are not yet production-ready.
The upcoming defense standards drop prime numbers and curves completely. They replace them with the architectural complexity of multi-dimensional matrix lattices, which quantum workflows cannot bypass.
- ML-KEM (formerly Kyber): Used for secure key exchange mechanisms (already live across Chrome and Signal).
- ML-DSA (formerly Dilithium): Used to create future-proof quantum-resistant digital signatures.
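OpenSSH has no hybrid key type, so ssh-keygen -t mlkem768-ed25519 is rejected. In SSH the hybrid part (Present + Quantum Future) is the key exchange, mlkem768x25519-sha256 (available in OpenSSH 9.9 and later), which is used together with an ordinary Ed25519 key. Command to generate that key:
ssh-keygen -t ed25519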