1 Introduction

 

This chapter covers

  • What is cryptography, and why is it important?
  • Where and how is cryptography used?
  • How does this book cover cryptography?
  • How does our approach differ from other books that cover this topic?

Getting cryptography right is paramount for ensuring digital security in the modern world. The mathematical ideas and theory behind cryptography are hard to break, whereas the implementations (transforming mathematical ideas to reality via engineering processes, e.g., programming code and designing hardware) have orders of magnitude more vulnerabilities that are much easier to exploit. For these reasons, malicious actors regularly target flaws in implementations to “break” crypto. We wanted to capture these attacks with an organized approach so that engineers working in information security can use this book to build an elementary intuition about how cryptographic engineering usually falls prey to adversaries.

In the upcoming chapters, we will dive into the technical details of how cryptography is implemented and exploited. But before that, let’s first go through a high-level view of what cryptography is.

1.1 What is cryptography?

Cryptography builds on top of computer science to provide algorithms, tools, and practices for accomplishing the following security goals (see figure 1.1):

1.2 How does cryptography work?

1.2.1 Confidentiality

1.2.2 Integrity

1.2.3 Authenticity

1.3 Attacks on cryptographic theory vs. attacks on implementations

1.4 What will you learn in this book?

Summary