Cryptography terms

1 term of 1506 total

🔐 The mathematics keeping secrets in an adversarial world

Cryptography is the foundation of secure communication, authentication, and data integrity across the internet. This category covers symmetric and asymmetric encryption, hashing, digital signatures, TLS, key exchange protocols, and the common mistakes developers make when implementing or misapplying cryptographic primitives. Use libraries — but understand what they are doing.

More on Cryptography history · 6 references · key concepts

History

Cryptography evolved from ancient manual ciphers like Caesar's cipher into a rigorous mathematical discipline following Claude Shannon's 1949 information theory work, which established the theoretical foundations for secure communication. The field underwent a paradigm shift in the 1970s with the introduction of public-key cryptography (Diffie–Hellman, RSA) and digital signatures, moving beyond symmetric-key systems that required secure key distribution. The 1980s and 1990s saw standardization efforts (DES, then AES) and widespread adoption in commercial systems, while SSL/TLS emerged as the internet's primary security protocol. Modern cryptographic practice has become central to software development, addressing new challenges including quantum computing threats, forward secrecy in ephemeral sessions, and cryptographic agility in APIs. Today, developers rely on vetted libraries and standards rather than implementing cryptography from scratch, reflecting the maturation of both the field and recognition that secure-by-default practices require specialist infrastructure and continuous security auditing.

Key concepts

Cryptographic Hash Functions
Symmetric Encryption
Asymmetric Encryption
Public Key Infrastructure (PKI)
Digital Signatures
Encryption in Transit
Encryption at Rest
TLS Certificate Lifecycle

Best references

NIST Special Publication 800-175B: Guideline for Using Cryptographic Standards in the Federal Government – Cryptographic Mechanisms Authoritative U.S. government guidance on approved cryptographic algorithms and their proper application across all 17 terms in this category.
RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2 IETF standard specification covering encryption in transit, digital signatures, key derivation, and certificate lifecycle fundamentals.
RFC 6234: US Secure Hash and HMAC Algorithms Definitive technical reference for cryptographic hash function standards (SHA-1, SHA-2, SHA-3) and HMAC implementation.
OWASP Cryptographic Storage Cheat Sheet Practical guidance on encryption at rest, symmetric/asymmetric encryption selection, and common cryptographic implementation mistakes.
RFC 3394: Advanced Encryption Standard (AES) Key Wrap Algorithm Standard specification for key wrapping and secure key derivation, central to encryption at rest and PKI practices.
"Cryptography Engineering" by Schneier, Ferguson, and Kohno (2010) Seminal industry reference covering threat modeling, algorithm selection, and real-world cryptographic system design across all category topics.