A One-Article Introduction to Cipher Suites: Ciphers, Algorithms and Negotiating Security Settings

The Transport Layer Security (TLS) Protocol Version 1.2, Version 1.3

Cipher suites are named combinations of:

- Key Exchange Algorithms (RSA, DH, ECDH, DHE, ECDHE, PSK)
- Authentication/Digital Signature Algorithm (RSA, ECDSA, DSA)
- Bulk Encryption Algorithms (AES, CHACHA20, Camellia, ARIA)
- Message Authentication Code Algorithms (SHA-256, POLY1305)

DH stands for Diffie–Hellman key exchange:

- What is the Diffie–Hellman key exchange and how does it work?
- “Diffie-Hellman Key Exchange” in plain English

- What is RSA encryption and how does it work?
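- Common encryption algorithms: classification, uses, principles and comparison
- Discrete-logarithm encryption algorithms
- Proofs and Computation (2): The Discrete Logarithm Problem (DLP)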

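Understanding the open-source Signal protocol

[Translation] WhatsApp Encryption Overview (Technical White Paper)

Signal Protocol and System Analysis, Part 1: Requirements and Features

Signal Protocol and System Analysis, Part 2: The X3DH Three-Party Key Agreement Protocol

Understanding elliptic curve cryptography (an elementary introduction)
Understanding zero-knowledge proofs and protocols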

This document describes how to create and verify EdDSA-compatible signatures using public key and private key formats initially defined for the X25519 and X448 elliptic curve Diffie-Hellman functions. This document also describes “VXEdDSA” which extends XEdDSA to make it a verifiable random function, or VRF.

This document describes the “X3DH” (or “Extended Triple Diffie-Hellman”) key agreement protocol. X3DH establishes a shared secret key between two parties who mutually authenticate each other based on public keys. X3DH provides forward secrecy and cryptographic deniability.

This document describes the Double Ratchet algorithm, which is used by two parties to exchange encrypted messages based on a shared secret key. The parties derive new keys for every Double Ratchet message so that earlier keys cannot be calculated from later ones. The parties also send Diffie-Hellman public values attached to their messages. The results of Diffie-Hellman calculations are mixed into the derived keys so that later keys cannot be calculated from earlier ones. These properties give some protection to earlier or later encrypted messages in case of a compromise of a party’s keys.

This document describes the Sesame algorithm for managing message encryption sessions in an asynchronous and multi-device setting.
