As I’ve started to write about Cryptographic Hash Functions I’ve recognized, that it’s might be important to have a clear understanding of the cryptography basics at all. Hash function is one of the important cryptography building blocks, but let me first go a step back and draw the overall picture…

Let’s recap what the main goals of using cryptography in IT systems are:

  • Authentication - Receiving party can verify the source of the message. For example verifying the authenticity of a website with a digital certificate.
  • Integrity - Here protecting information from being modified by unauthorized parties.
  • Confidentiality - More commonly, the biggest concern is to keep information private. Cryptographic systems were originally developed to function in this capacity.
  • Non-repudiation - It provides protection against denial of one of the entities involved in the communication. Often, cryptographic tools are required to prove that a unique user has made a transaction request. It must not be possible for the user to refute his or her actions.


In cryptography, a cryptosystem is a suite of cryptographic algorithms needed to implement a particular security service. Typically, a cryptosystem consists of algorithms for key generation, encryption, and decryption. Encryption and decryption algorithms referred to as ciphers.


A cipher (or cipher) is an algorithm (Series of well-defined steps - a procedure) for performing encryption or decryption. Such procedure is depending on a piece of auxiliary information, called a key. In the end without the knowledge of the key, it should be unfeasible to decrypt the resulting ciphertext into readable plaintext.

Ciphers can be categorized in the following way:

Symmetric vs Asymmetric

  • symmetric key algorithms When the same key is used for both encryption and decryption,
  • asymmetric key algorithms When there is a key-pair (mathematically connected) where one key is used for encryption and another for decryption and vice versa.

Block vs Stream

  • block ciphers work on blocks of symbols usually of a fixed size
  • stream ciphers work on on a continuous stream of symbols.


If you are going to explore cryptography literature, you’ll find often a mention of a nonce without further explanation. But in fact following is meant:

A cryptographic nonce is an arbitrary number that may only be used once. It is often a random or pseudo-random number issued in an authentication protocol to ensure that old communications cannot be reused in replay attacks.

Detailed Articles

Because every topic may have many many details, I prefer to split them up into separate Articles you can find listed below

  1. Cryptographic Hash Functions
  2. Symmetric key algorithms
  3. Message Authentication
  4. Asymmetric key algorithms (not ready)
  5. X.509 Certificates (not ready)
  6. TLS/SSL and Secret agreement (Not ready)