Public key crytography and data integrity

Public Key Cryptography

Shared symmetric keys: A common secret value used by two parties for symmetric encryption.
Trapdoor function: A one-way function that is easy to invert only with special secret knowledge.
One-way function: A function that is easy to compute but hard to reverse.
Public-key algorithm: A cryptographic algorithm that uses paired public and private keys.
Asymmetric cryptography: Another term for public key cryptography.
Public key: The openly shared key used for encryption or signature verification.
Private key: The secret key used for decryption or signing.
Factoring: The problem of finding the prime factors of a composite number; basis of RSA.
Discrete logarithms: The problem of finding the exponent in modular arithmetic; basis of Diffie–Hellman and ECC.
RSA: A public key system based on factoring, used for encryption and digital signatures. Larger key sizes are needed as computing power grows.
ECC: Elliptic-curve cryptography, based on discrete logarithms over elliptic curves.
Digital signature: A cryptographic method for proving authenticity and integrity of data.
Signing: Creating a digital signature with a private key.
Verification: Checking a digital signature using the corresponding public key.

Diffie–Hellman Key Exchange: A protocol that allows two parties to establish a shared secret over an insecure channel.
Hybrid cryptosystem: Combines public key methods for key exchange with symmetric ciphers for encrypting data.
Forward secrecy: Ensures past session keys remain secure even if long-term keys are later compromised.
Session key: A temporary symmetric key used for one communication session.
Ephemeral key: A short-lived key created for a single run of a protocol and then discarded.

Cryptographic hash function: Maps input data to a fixed-length digest in a way that is hard to reverse.
Message digest: The fixed-size output of a hash function.
Preimage resistance: Hard to find an input that hashes to a given output.
Collision resistance: Hard to find two different inputs that produce the same hash.
Weak vs. strong collision resistance: Weak means hard to find a collision for a given input; strong means hard to find any two colliding inputs.
Avalanche effect: A small change in input causes a large, unpredictable change in the hash output.
Diffusion: Property where small changes in input cause widespread changes in output bits.
Pigeonhole principle: Explains why collisions must exist since many inputs map to fewer outputs.
Birthday paradox: Shows collisions are easier to find than expected; probability rises quickly with more inputs.
Recognize SHA-1, SHA-2 (SHA-256, SHA-512), SHA-3: Major standardized cryptographic hash functions.
Message authentication code (MAC): A keyed hash value used to ensure message integrity.
HMAC: A MAC constructed from a hash function and a secret key.
CBC-MAC / CMAC: MACs built from block cipher modes.

Digital certificates (X.509): Certificates that bind a public key to an identity such as a domain name.
Certification Authority (CA): A trusted entity that issues and signs digital certificates.
Trust store: A system-maintained collection of trusted root certificates.

Quantum computing threat: The possibility that future quantum computers could break today’s public key systems.
Shor’s algorithm: A quantum algorithm that efficiently solves factoring and discrete logarithm problems.
Grover’s algorithm: A quantum algorithm that speeds up brute-force search, reducing effective key sizes.
Post-quantum cryptography (PQC): New classical cryptosystems designed to resist both classical and quantum attacks.