Encrypt & Decrypt

basic info about cryptography

A one-article introduction to cipher suites: Cipher Suites: Ciphers, Algorithms and Negotiating Security Settings

The Transport Layer Security (TLS) Protocol Version 1.2, Version 1.3

Cipher suites are named combinations of:

  • Key Exchange Algorithms (RSA, DH, ECDH, DHE, ECDHE, PSK)
  • Authentication/Digital Signature Algorithm (RSA, ECDSA, DSA)
  • Bulk Encryption Algorithms (AES, CHACHA20, Camellia, ARIA)
  • Message Authentication Code Algorithms (SHA-256, POLY1305)
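The naming scheme above can be read mechanically. The following Python sketch is an added example, not code from any of the linked articles: it splits an IANA-style suite name into the four components listed. The function name `parse_cipher_suite` and the vocabularies are assumptions made for this example, and they go slightly beyond the list by accepting `DSS`/`anon` and TLS 1.3 names.

```python
import re

# Component names from the list above, plus DSS/anon as they appear in IANA
# suite names (assumed vocabulary for this example; not exhaustive).
KEY_EXCHANGE = {"RSA", "DH", "ECDH", "DHE", "ECDHE", "PSK"}
AUTHENTICATION = {"RSA", "ECDSA", "DSS", "PSK", "anon"}
AEAD_MODES = ("GCM", "CCM", "POLY1305")


def parse_cipher_suite(name):
    """Split an IANA-style TLS cipher suite name into its components."""
    if not name.startswith("TLS_"):
        raise ValueError(f"not an IANA TLS suite name: {name!r}")
    body = name[len("TLS_"):]
    if "_WITH_" in body:
        # TLS 1.2 and earlier: TLS_<kx>[_<auth>]_WITH_<cipher>[_<hash>]
        left, right = body.split("_WITH_", 1)
        parts = left.split("_")
        kx = parts[0]
        # A single name (TLS_RSA_WITH_..., TLS_PSK_WITH_...) does both jobs.
        auth = parts[1] if len(parts) == 2 else kx
        if len(parts) > 2 or kx not in KEY_EXCHANGE or auth not in AUTHENTICATION:
            raise ValueError(f"unsupported key exchange/auth in {name!r}")
    else:
        # TLS 1.3: key exchange and signature are negotiated in extensions,
        # so the name carries only the AEAD cipher and the hash.
        kx, auth, right = None, None, body
    cipher, _, digest = right.rpartition("_")
    if not re.fullmatch(r"SHA\d*|MD5", digest):
        cipher, digest = right, None  # e.g. ..._WITH_AES_128_CCM_8
    aead = any(mode in cipher.split("_") for mode in AEAD_MODES)
    if not aead and digest is None:
        raise ValueError(f"no MAC hash found in {name!r}")
    return {
        "key_exchange": kx,
        "authentication": auth,
        "bulk_encryption": cipher,
        # AEAD ciphers authenticate records themselves; the trailing hash
        # then names the PRF/HKDF hash, not a record MAC.
        "mac": "AEAD" if aead else f"HMAC-{digest}",
        "hash": digest,
    }
```

Names with components outside these vocabularies (export, SRP, Kerberos suites) raise `ValueError` rather than being guessed at.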

DH stands for Diffie–Hellman key exchange; see “What is the Diffie–Hellman key exchange and how does it work?” and “Diffie-Hellman Key Exchange” in plain English.

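Signal protocol: understanding the open-source protocol
[Translation] WhatsApp Encryption Overview (Technical White Paper)
Signal Protocol and System Analysis, Part 1: Requirements and Features
Signal Protocol and System Analysis, Part 2: The Three-Party Key Agreement Protocol X3DH
Understanding Elliptic Function Encryption (An Elementary Introduction)
Understanding Zero-Knowledge Proofs and Protocols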


official doc

XEdDSA and VXEdDSA

This document describes how to create and verify EdDSA-compatible signatures using public key and private key formats initially defined for the X25519 and X448 elliptic curve Diffie-Hellman functions. This document also describes “VXEdDSA” which extends XEdDSA to make it a verifiable random function, or VRF.

X3DH

This document describes the “X3DH” (or “Extended Triple Diffie-Hellman”) key agreement protocol. X3DH establishes a shared secret key between two parties who mutually authenticate each other based on public keys. X3DH provides forward secrecy and cryptographic deniability.

Double Ratchet

This document describes the Double Ratchet algorithm, which is used by two parties to exchange encrypted messages based on a shared secret key. The parties derive new keys for every Double Ratchet message so that earlier keys cannot be calculated from later ones. The parties also send Diffie-Hellman public values attached to their messages. The results of Diffie-Hellman calculations are mixed into the derived keys so that later keys cannot be calculated from earlier ones. These properties give some protection to earlier or later encrypted messages in case of a compromise of a party’s keys.

Sesame

This document describes the Sesame algorithm for managing message encryption sessions in an asynchronous and multi-device setting.
