pk.org: CS 419/Lecture Notes

Public key cryptography and data integrity

Terms and concepts you should know

Paul Krzyzanowski – September 21, 2025

Public Key Cryptography

Shared symmetric keys
A common secret value used by two parties for symmetric encryption.
One-way function
A function that is easy to compute but hard to reverse.
Trapdoor function
A one-way function that is easy to invert only with special secret knowledge.
Public-key algorithm
A cryptographic algorithm that uses paired public and private keys.
Asymmetric cryptography
Another term for public key cryptography.
Public key
The openly shared key used for encryption or signature verification.
Private key
The secret key used for decryption or signing.
Factoring
The problem of finding the prime factors of a composite number; basis of RSA.
Discrete logarithms
The problem of finding the exponent x given g, p, and g^x mod p; basis of Diffie–Hellman. Elliptic-curve cryptography rests on the analogous problem over points on an elliptic curve.
RSA
A public key system based on factoring, used for encryption and digital signatures. Larger key sizes are needed as computing power grows.
ECC
Elliptic-curve cryptography, based on discrete logarithms over elliptic curves.

Diffie–Hellman and Hybrid Systems

Diffie–Hellman Key Exchange
A protocol that allows two parties to establish a shared secret over an insecure channel.
Hybrid cryptosystem
Combines public key methods for key exchange with symmetric ciphers for encrypting data.
Forward secrecy
Ensures past session keys remain secure even if long-term keys are later compromised. Usually provided by ephemeral Diffie–Hellman key exchange, where the D-H public/private keys are generated fresh for each session and discarded once the session key has been derived.
Long-term key
A cryptographic key pair intended for extended use (months or years), typically bound to an identity and used for tasks like authentication or signing.
Ephemeral key
A short-lived asymmetric key generated for a single protocol run (e.g., in Diffie–Hellman). It is discarded afterward to provide forward secrecy.
Session key
A temporary symmetric key derived during a protocol run, used to encrypt and authenticate traffic in one communication session.
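Worked illustration of the three key types above in one ephemeral Diffie–Hellman run. This is an added example, not code from the lecture notes: the group (safe prime p = 1019, g = 2) and the plain SHA-256 key derivation are assumptions chosen so the script runs instantly offline; real protocols use 2048-bit+ groups or X25519 and derive keys with HKDF. The brute-force discrete-log function shows why the group size matters.

```python
import hashlib
import secrets

# Toy group: safe prime p = 2q + 1 with q = 509, generator g = 2 (order q or 2q).
# These parameters are an assumption of this example and are absurdly small;
# they exist only so the brute-force break below finishes in microseconds.
P = 1019
G = 2


def generate_ephemeral_keypair():
    """Fresh (private, public) pair for ONE protocol run: x in [2, p-2], y = g^x mod p."""
    x = 2 + secrets.randbelow(P - 3)
    return x, pow(G, x, P)


def is_valid_peer_public(y: int) -> bool:
    """Reject 0, 1 and p-1: those values sit in tiny subgroups and leak the shared secret."""
    return 2 <= y <= P - 2


def shared_secret(my_private: int, peer_public: int) -> int:
    """Z = peer_public^my_private mod p; both sides end up with g^(ab) mod p."""
    if not is_valid_peer_public(peer_public):
        raise ValueError("peer public value out of range")
    return pow(peer_public, my_private, P)


def derive_session_key(z: int, transcript: bytes) -> bytes:
    """Turn the DH output into a symmetric session key, bound to the exchanged values.
    TLS uses HKDF at this step; a single SHA-256 stands in for it in this toy."""
    return hashlib.sha256(z.to_bytes(2, "big") + transcript).digest()


def run_session():
    """One handshake: both parties make ephemeral keys, exchange publics, derive the key.
    Returns (alice_key, bob_key, A, B); the private values never leave this function."""
    a, A = generate_ephemeral_keypair()
    b, B = generate_ephemeral_keypair()
    transcript = b"toy-dh|" + A.to_bytes(2, "big") + B.to_bytes(2, "big")
    k_alice = derive_session_key(shared_secret(a, B), transcript)
    k_bob = derive_session_key(shared_secret(b, A), transcript)
    del a, b  # ephemeral privates are discarded: this is what gives forward secrecy
    return k_alice, k_bob, A, B


def brute_force_dlog(public: int) -> int:
    """What a passive observer can do when the group is tiny: recover x from g^x mod p.
    Against a 2048-bit group this loop would not finish within any useful time."""
    for x in range(P):
        if pow(G, x, P) == public:
            return x
    raise ValueError("no logarithm found")


def forward_secrecy_demo() -> bool:
    """Two sessions agree on keys, the keys are unrelated, and the toy group is breakable."""
    k1, k1b, A1, _ = run_session()
    k2, k2b, _, _ = run_session()
    x = brute_force_dlog(A1)
    return k1 == k1b and k2 == k2b and k1 != k2 and pow(G, x, P) == A1


if __name__ == "__main__":
    print("forward secrecy demo ok:", forward_secrecy_demo())
```

Because each session's private exponents are thrown away, a later compromise of any long-term (signing) key gives the attacker nothing with which to recompute g^(ab); only the size of the group stands between the recorded transcript and the session key, which is the brute-force point the last function makes.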

Hash Functions and Integrity

Cryptographic hash function
Maps input data to a fixed-length digest in a way that is hard to reverse.
Message digest
The fixed-size output of a hash function; sometimes we just call it a hash.
Preimage resistance
Hard to find an input that hashes to a given output.
Second preimage resistance
Hard to find a different input that produces the same hash as a specific given input.
Collision resistance
Hard to find two different inputs that produce the same hash.
Avalanche effect
A small change in input causes a large, unpredictable change in the hash output.
Uniformity
Property that outputs are evenly distributed across the entire output space.
Pigeonhole principle
Explains why collisions must exist: inputs of arbitrary length map onto a fixed number of possible digests, so some inputs necessarily share one.
Birthday paradox
Shows collisions are easier to find than intuition suggests: for an n-bit hash, a collision is expected after roughly 2^(n/2) evaluations, not 2^n, which is why digest sizes are doubled relative to the security level they target.
Recognize SHA-1, SHA-2 (SHA-256, SHA-512), SHA-3
Major standardized cryptographic hash functions. SHA-1 is deprecated: a practical collision was demonstrated in 2017, so it must not be used where collision resistance matters (signatures, certificates).
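Measuring the properties above on a real hash. This is an added example, not code from the lecture notes. It truncates SHA-256 to a chosen number of bits (an assumption made so a collision can be found in well under a second) and contrasts a birthday search, which succeeds after about 2^(bits/2) tries, with a preimage search under the same budget, which at 32 bits needs about 2^32 tries and is expected to fail. All inputs are constructed counters, so it runs offline and deterministically.

```python
import hashlib
from typing import Optional, Tuple


def sha256_trunc(data: bytes, bits: int) -> int:
    """A deliberately weakened hash: the first `bits` bits of SHA-256 (demonstration only).
    Truncating does not introduce structure; it just makes the search spaces small."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def avalanche_distance(msg: bytes) -> int:
    """Hamming distance between SHA-256(msg) and SHA-256(msg with its lowest bit flipped).
    A good hash changes about half of the 256 output bits (mean 128, sd 8)."""
    flipped = bytearray(msg)
    flipped[0] ^= 0x01
    h1 = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    h2 = int.from_bytes(hashlib.sha256(bytes(flipped)).digest(), "big")
    return bin(h1 ^ h2).count("1")


def birthday_collision(bits: int) -> Tuple[bytes, bytes, int]:
    """Find two distinct inputs whose `bits`-bit truncated hashes agree.
    Inputs are the constructed strings msg-1, msg-2, ... so the run is deterministic.
    Expected cost is about 1.25 * 2^(bits/2) hash evaluations (the birthday bound)."""
    seen = {}
    tries = 0
    while True:
        tries += 1
        candidate = b"msg-%d" % tries
        h = sha256_trunc(candidate, bits)
        if h in seen:
            return seen[h], candidate, tries  # pigeonhole guarantees this terminates
        seen[h] = candidate


def preimage_search(target: int, bits: int, budget: int) -> Optional[bytes]:
    """Try to find ANY input hashing to `target` within `budget` evaluations.
    Expected cost is about 2^bits, so with a birthday-sized budget this usually fails."""
    for i in range(1, budget + 1):
        candidate = b"pre-%d" % i
        if sha256_trunc(candidate, bits) == target:
            return candidate
    return None


if __name__ == "__main__":
    print("avalanche bits changed:", avalanche_distance(b"The quick brown fox"))
    m1, m2, tries = birthday_collision(32)
    print("32-bit collision after", tries, "tries:", m1, m2)
    target = sha256_trunc(b"target", 32)
    print("preimage with same budget:", preimage_search(target, 32, tries))
```

Running it shows the asymmetry the definitions describe: the collision search on a 32-bit truncation finishes in tens of thousands of evaluations, while a preimage search given the same number of tries almost never succeeds. That gap (2^(n/2) versus 2^n) is exactly why a 128-bit digest offers only about 64 bits of collision resistance.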

Integrity: MACs and Digital Signatures

Message authentication code (MAC)
A short tag computed over a message with a shared secret key. A holder of the key can verify integrity and origin, but because both parties hold the same key, a MAC does not prove which of them produced it.
HMAC
A MAC constructed from a hash function and a secret key.
CBC-MAC / CMAC
MACs built from a block cipher in CBC mode. Plain CBC-MAC is secure only for messages of one fixed length; CMAC adds a final-block key step that makes it safe for variable-length messages.
Digital signature
A value computed with a private key that proves the origin and integrity of data.
Signing
Creating a digital signature with a private key.
Verification (Validation)
Checking a digital signature using the corresponding public key.
Non-repudiation
Assurance that a signer cannot later deny creating a valid digital signature, since only the holder of the private key could have produced it. A MAC cannot provide this: anyone holding the shared key could have computed the same tag.
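The MAC-versus-signature distinction in code. This is an added example, not code from the lecture notes. The RSA part is textbook hash-then-sign with a toy key built from two Mersenne primes and no padding scheme (an assumption so it runs from the standard library; real signatures use 2048-bit+ keys with PSS or PKCS#1 v1.5 padding, or Ed25519). The HMAC part uses Python's hmac module. The demo shows that Bob, holding the shared MAC key, can produce Alice's exact tag, while only Alice's private exponent can produce a signature that her public key accepts.

```python
import hashlib
import hmac
import secrets

# Toy RSA key: p = 2^61 - 1 and q = 2^89 - 1 are Mersenne primes, giving n ~ 2^150.
# Assumption of this example: far too small for real use, and textbook RSA (no padding).
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent; gcd(E, (p-1)(q-1)) = 1 holds here


def message_hash(msg: bytes) -> int:
    """Hash-then-sign: the signature covers a digest, truncated to 128 bits so it is < N."""
    return int.from_bytes(hashlib.sha256(msg).digest()[:16], "big")


def rsa_sign(msg: bytes, d: int = D, n: int = N) -> int:
    """Signing: needs the PRIVATE exponent d."""
    return pow(message_hash(msg), d, n)


def rsa_verify(msg: bytes, sig: int, e: int = E, n: int = N) -> bool:
    """Verification: needs only the PUBLIC key (e, n); anyone can run this."""
    return pow(sig, e, n) == message_hash(msg)


def mac_tag(key: bytes, msg: bytes) -> bytes:
    """HMAC-SHA256 over the message with a shared secret key."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def mac_verify(key: bytes, msg: bytes, tag: bytes) -> bool:
    """Recompute and compare in constant time (never use == on MAC tags)."""
    return hmac.compare_digest(mac_tag(key, msg), tag)


def demo() -> dict:
    """Alice and Bob share a MAC key; Alice alone holds the RSA private exponent."""
    msg = b"transfer 100 to account 42"
    shared_key = secrets.token_bytes(32)

    sig = rsa_sign(msg)
    alice_tag = mac_tag(shared_key, msg)
    bob_tag = mac_tag(shared_key, msg)          # Bob can make the identical tag
    forged_sig = secrets.randbelow(N)           # without D the best Bob can do is guess

    return {
        "signature_valid": rsa_verify(msg, sig),
        "tampered_signature_valid": rsa_verify(msg + b"0", sig),
        "mac_valid": mac_verify(shared_key, msg, alice_tag),
        "tampered_mac_valid": mac_verify(shared_key, msg + b"0", alice_tag),
        "bob_can_forge_tag": bob_tag == alice_tag,
        "bob_can_forge_signature": rsa_verify(msg, forged_sig),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k:28s} {v}")
```

The two "bob_can_forge" results are the non-repudiation point: a valid MAC only proves "someone with the key sent this", which in a two-party setting is either party, whereas a valid signature pins the message to the one private key.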

Authentication and Trust

Digital certificates (X.509)
Certificates that bind a public key to an identity such as a domain name.
Certification Authority (CA)
A trusted entity that issues and signs digital certificates.
Trust store
A system-maintained collection of trusted root certificates.
Certificate chain
A sequence of certificates from the server’s certificate up to a trusted root CA, used to validate authenticity.

Quantum and Post-Quantum

Quantum computing threat
The possibility that future quantum computers could break today’s public key systems.
Shor’s algorithm
A quantum algorithm that efficiently solves factoring and discrete logarithm problems.
Grover’s algorithm
A quantum algorithm that gives a quadratic speedup to brute-force search, roughly halving the effective strength of symmetric keys and hash outputs (so AES-128 offers about 64 bits of security against it; AES-256 and SHA-256 remain adequate).
Post-quantum cryptography (PQC)
New classical cryptosystems (running on ordinary computers) designed to resist both classical and quantum attacks. NIST standardized the first of these in 2024: ML-KEM (FIPS 203) for key encapsulation and ML-DSA (FIPS 204) and SLH-DSA (FIPS 205) for signatures.

TLS and Secure Communication

TLS (Transport Layer Security)
A protocol that provides secure communication over the internet using authentication, encryption, and integrity checks.
TLS Handshake
The process by which client and server agree on protocol versions, negotiate cryptographic algorithms, authenticate the server (and optionally client), and establish shared session keys.
Handshake transcript
The record of all handshake messages exchanged, usually represented by a running hash. In TLS 1.3 the server's CertificateVerify signature and both sides' Finished MACs are computed over it, so any tampering with an earlier message (e.g., a downgraded cipher-suite list) is detected.
ServerHello / ClientHello
Initial handshake messages where both sides advertise supported versions, cipher suites, and options.
Cipher suite
A named set of algorithms specifying key exchange, encryption, and authentication methods used in a TLS session.
HKDF (HMAC-based Key Derivation Function)
A standardized function that uses HMAC to derive multiple cryptographic keys from a shared secret, widely used in TLS to expand ephemeral secrets into session keys.
AEAD (Authenticated Encryption with Associated Data)
An encryption mode (e.g., AES-GCM, ChaCha20-Poly1305) that ensures both confidentiality and integrity while also authenticating associated unencrypted data like headers.
Authentication tag
A short value (MAC) included with each encrypted TLS record to confirm data integrity and authenticity.