These are classic crypto ciphers that are easy to break with a computer.
The reason they are worth studying is that they show you where the lines
are between "easy for a human" and "hard for a human" and "easy for a computer" and "hard for a computer".
They also highlight the need for public testing of your crypto schemes and for honoring "Kerckhoffs' law".
It is also amusing to combine them and push the limit of what is "easy for a computer" in order to thumb
your nose at overly legalistic people.
- Caesar
- Vigenere
- Substitution
- Pigpen
- Railway
- Column Transposition
- Playfair
- Hill
Randomness is crypto
- The C random number generator
- LCG (Minecraft seed cracking)
- LFSR
- Mersenne Twister (Python's RNG)
- Salsa20
- DIY PRNGs
This is the only historical cipher that is kind of still in use. To understand how it is both perfect and flawed is the perfect stepping stone from historical crypto into modern crypto. In studying the one-time pad you should look into Claude Shannon's formulation of Perfect Secrecy and the attack modes:
- XOR XOR XOR (ROX)
- Given Ciphertext
- Known Plaintext
- Chosen Plaintext
- Chosen Ciphertext
- Chosen Key
- Multiple X where X is one of the above
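To make the "both perfect and flawed" point concrete, here is an added example (not code from the page's author): a one-time pad in Python, a function that exhibits Shannon's perfect secrecy by producing, for any candidate plaintext, the key that would explain a given ciphertext, and a function showing what is left over when a pad is used twice. The sample messages and the key are constructed for the demonstration.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings; the whole one-time pad is this one operation."""
    if len(a) != len(b):
        raise ValueError("one-time pad needs a key exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(plaintext: bytes, key: bytes) -> bytes:
    """c = p XOR k. Decryption is the same call, since (p XOR k) XOR k = p."""
    return xor_bytes(plaintext, key)


otp_decrypt = otp_encrypt


def key_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Shannon's perfect secrecy, made concrete: for ANY candidate plaintext of the right
    length there is exactly one key (c XOR candidate) under which the ciphertext decrypts
    to it, so the ciphertext alone cannot make one plaintext likelier than another.

    The same arithmetic is the known-plaintext attack mode from the list above: if one
    plaintext/ciphertext pair is ever known, the pad is recovered, which is why a pad
    must be used exactly once."""
    return xor_bytes(ciphertext, candidate)


def pad_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """The 'flawed' half: two messages under one pad give c1 XOR c2 = p1 XOR p2.
    The key cancels out, leaving the XOR of the two plaintexts, which leaks structure."""
    return xor_bytes(c1, c2)


def positions_where_plaintexts_agree(c1: bytes, c2: bytes) -> list:
    """Ciphertext-only observation under pad reuse: zero bytes in c1 XOR c2 mark positions
    where the two unknown plaintexts hold the same byte, with no key knowledge at all."""
    return [i for i, b in enumerate(pad_reuse_leak(c1, c2)) if b == 0]


if __name__ == "__main__":
    # Constructed sample messages (not from the page), both 12 bytes long.
    p1 = b"meet at noon"
    p2 = b"stay at home"
    key = secrets.token_bytes(len(p1))  # fresh, uniform, never reused
    c1 = otp_encrypt(p1, key)
    assert otp_decrypt(c1, key) == p1
    # Perfect secrecy: some key turns c1 into p2 just as well as into p1.
    assert otp_decrypt(c1, key_explaining(c1, p2)) == p2
    # Reusing the key on a second message: the key cancels out.
    c2 = otp_encrypt(p2, key)
    assert pad_reuse_leak(c1, c2) == xor_bytes(p1, p2)
    print("positions where p1 and p2 agree, seen from ciphertext only:",
          positions_where_plaintexts_agree(c1, c2))
```

The "Given Ciphertext" mode is the one the pad defeats: `key_explaining` shows every same-length plaintext is equally consistent with the ciphertext. Every other mode on the list (known or chosen plaintext, or simply "Multiple" ciphertexts under one key) collapses it, because XOR lets the key, or the plaintexts' XOR, be read straight off.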
These are the ways that we take the One-Time pad and we make it actually work in a modern setting.
This is the workhorse of modern cryptography, encrypting the vast majority of the world's internet traffic
(and even being used for ransomware). Knowing AES is probably enough, although being aware of the
names triple DES, RC4, and Salsa20 is healthy. More important than the specific block cipher is
knowing the modes for block ciphers and their pros/cons:
- ECB (the worst mode)
- CBC
- OFB
- CTR
- GCM
- Bonus knowledge: IV/Nonce as a concept
- Padding Oracle
Hashes are one-way functions that we use for validating that someone has certainly input some secret knowledge.
This is how passwords and anti-tampering algorithms work:
- Salt (pepper)
- Stretching
- HMAC
- Forgeries
- Collisions
- Hash Extension Attack
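An added example (not from the page) of the first three items in use: password storage with a per-user salt and stretching via PBKDF2, an optional pepper kept out of the database, constant-time comparison, and an HMAC tag for anti-tampering. The iteration count, the "append the pepper to the password" layout and the sample passwords are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# Stretching: PBKDF2-HMAC-SHA256 iteration count. An assumed default; raise it as
# hardware gets faster. Each verification deliberately costs this much work.
DEFAULT_ITERATIONS = 600_000


def hash_password(password: str, pepper: bytes = b"",
                  iterations: int = DEFAULT_ITERATIONS) -> dict:
    """Salt + stretch. The salt is random per user and stored next to the digest, so two
    users with the same password get different digests and precomputed tables are useless.
    The pepper (if any) is a site-wide secret kept OUT of the database; here it is simply
    appended to the password before stretching (one common layout, assumed here)."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode() + pepper, salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def verify_password(password: str, record: dict, pepper: bytes = b"") -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time so the
    comparison's timing does not leak how many leading bytes matched."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode() + pepper,
                                 record["salt"], record["iterations"])
    return hmac.compare_digest(digest, record["digest"])


def tag_message(key: bytes, message: bytes) -> bytes:
    """HMAC: keyed hash for anti-tampering. Unlike a bare H(key || message), HMAC is not
    subject to the hash extension attack, so a tag for message||extra cannot be forged
    from a tag for message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def check_message(key: bytes, message: bytes, tag: bytes) -> bool:
    """Forgery check: recompute the tag and compare in constant time."""
    return hmac.compare_digest(tag_message(key, message), tag)


if __name__ == "__main__":
    # Constructed sample values (not from the page).
    record = hash_password("correct horse battery")
    print("stored record:", record)
    print("right password:", verify_password("correct horse battery", record))
    print("wrong password:", verify_password("correct horse staple", record))
    mac_key = secrets.token_bytes(32)
    tag = tag_message(mac_key, b"amount=10")
    print("untampered:", check_message(mac_key, b"amount=10", tag))
    print("tampered:", check_message(mac_key, b"amount=1000", tag))
```

The record stores the salt and the iteration count in the clear; only the pepper and the HMAC key are secrets, and neither sits next to the data it protects.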
Very distinct from those are the public-key schemes, I'm out of time so here they are:
- Diffie-Hellman (Pohlig-Hellman attack)
- Man-in-the-middle Attack (PKI: Public-key infrastructure, certificates, etc)
- RSA (Coppersmith, Wiener, and various other attacks)
- Elliptic Curve Crypto (singular curves, Pohlig-Hellman returns, Hensel Lifting)
- Post-Quantum (Lattice based: Ring-Learning With Errors)
- Shamir's Secret Sharing Scheme, or just issue shares with XOR
- shares are points (x_i, y_i) with y_i = f(x_i), where f is a polynomial of degree k and the secret is f(0); recovering f takes k+1 shares, so the number of shares issued is n >= k+1
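An added example (not the page's own code) of both sharing schemes in the last two items, using the page's notation: `split_secret` picks a random degree-k polynomial f over a prime field with f(0) = secret and hands out n points (x_i, y_i); `recover_secret` reconstructs f(0) from any k+1 of them by Lagrange interpolation; `xor_split` / `xor_combine` are the n-of-n XOR variant. The field prime and the sample secrets are assumptions made for the example.

```python
import secrets

# Field prime for the polynomial arithmetic. 2**127 - 1 is a Mersenne prime; any prime
# larger than the secret works (assumed choice for the example).
PRIME = 2**127 - 1


def _eval_poly(coeffs: list, x: int, p: int = PRIME) -> int:
    """Evaluate f(x) = coeffs[0] + coeffs[1]*x + ... + coeffs[k]*x**k mod p (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % p
    return acc


def split_secret(secret: int, k: int, n: int, p: int = PRIME) -> list:
    """Issue n shares (x_i, y_i) of a random degree-k polynomial f with f(0) = secret.
    Any k+1 shares determine f; k or fewer are consistent with every possible secret."""
    if not 0 <= secret < p:
        raise ValueError("secret must lie in [0, p)")
    if n < k + 1:
        raise ValueError("need n >= k+1 shares or the secret can never be recovered")
    coeffs = [secret] + [secrets.randbelow(p) for _ in range(k)]
    return [(x, _eval_poly(coeffs, x, p)) for x in range(1, n + 1)]


def recover_secret(shares: list, p: int = PRIME) -> int:
    """Lagrange interpolation at x = 0: f(0) = sum_i y_i * prod_{j != i} (0 - x_j)/(x_i - x_j).
    With fewer than k+1 shares this still returns a number, just not the secret."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share x-coordinates")
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i == j:
                continue
            num = (num * (-xj)) % p
            den = (den * (xi - xj)) % p
        total = (total + yi * num * pow(den, -1, p)) % p
    return total


def xor_split(secret: bytes, n: int) -> list:
    """n-of-n sharing with XOR: n-1 uniformly random pads plus one share chosen so that
    the XOR of all n equals the secret. Any n-1 shares look like pure noise."""
    if n < 2:
        raise ValueError("need at least two shares")
    shares = [secrets.token_bytes(len(secret)) for _ in range(n - 1)]
    last = bytes(secret)
    for s in shares:
        last = bytes(a ^ b for a, b in zip(last, s))
    return shares + [last]


def xor_combine(shares: list) -> bytes:
    """XOR every share together; missing even one share yields unrelated noise."""
    out = bytes(len(shares[0]))
    for s in shares:
        out = bytes(a ^ b for a, b in zip(out, s))
    return out


if __name__ == "__main__":
    # Constructed sample secrets (not from the page).
    secret = 123456789
    shares = split_secret(secret, k=2, n=5)      # degree 2, so any 3 of 5 recover it
    print("shares:", shares)
    print("from 3 shares:", recover_secret(shares[:3]))
    print("from 2 shares (below threshold):", recover_secret(shares[:2]))
    key = b"sixteen byte key"
    parts = xor_split(key, 3)
    print("xor 3-of-3 recovers:", xor_combine(parts) == key)
```

Because the polynomial's other coefficients are uniform in the field, any k points lie on exactly one degree-k polynomial for each possible value of f(0), which is why k shares give no information rather than just "less".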