I’ve made it a goal to learn as much about cryptography as I can. I’m talking about the mathematics that enable it, of course, the stuff that has always terrified me. As a programmer, I’ve (mostly) never shrunk from a challenge, but the sheer amount of preparatory work necessary to even understand a post on Stack Overflow or Stack Exchange had me shivering in my timbers.
But this is all about to change, and I’ve selected my entry point to be The Handbook of Applied Cryptography. I really enjoy reading Bruce Schneier and subscribe to his CryptoGram, so I’m sure I’ll augment my studies with his writings in the near future, as well.
This will be the first in a series of articles on cryptography as I attempt to go as far as I can on my own steam. My goal is to document the content that seems most meaningful and instructive to me. It’s not intended to be exhaustive.
Although it may seem boring and perhaps even intimidating, there’s no getting around that one needs to build a solid foundation before getting to the really interesting topics. I think this is true in any endeavor, and so I found myself facing frightening terms and symbols as soon as I opened the book.
So, as a reference and a cheat sheet, here are some of the terms that I’ve encountered. Some of the definitions I’ve lifted whole cloth from the aforementioned book, and I in no way am trying to pass them off as my own.
Let’s dig in….
 Basic Terminology
 Function Terminology
 Encryption Domains and Codomains
 Encryption and Decryption Transformations
 Communication Participants
 Channels
 Cryptology
Basic Terminology

Cryptography  The study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, entity authentication, and data origin authentication.

Cryptographic primitives  Basic cryptographic tools used to provide information security. Examples include encryption schemes, hash functions and digital signature schemes.

Cipher  An encryption scheme.

Set  Consists of distinct elements which are known as elements of the set. For example, a set
X
might consist of the elementsa
,b
andc
and is denotedX = {a,b,c}
. 
Information security service  A method to provide some specific aspect of security. For example, integrity of transmitted data is a security objective, and a method to ensure this aspect is an information security service.

Symmetrickey encryption  An encryption scheme is said to be symmetrickey if for each associated encryption/decryption key pair
(e, d)
, it is computationally “easy” to determined
knowing onlye
, and to determinee
fromd
. 
Publickey encryption  An encryption scheme where for each associated encryption/decryption pair
(e,d)
, one keye
(the public key) is mad publicly available, while the otherd
(the private key) is kept secret. For the scheme to be secure, it must be computationally infeasible to computed
frome
. 
Digital signature  A cryptographic primitive which is fundamental in authentication, authorization and nonrepudiation, its purpose is to provide a means for an identity to bind its identity to a piece of information.

Hash function  Often informally called a oneway hash function, it is a computationally efficient function mapping binary strings of arbitrary length to binary strings of some fixed length, called hashvalues.
Function Terminology

Function  Alternatively referred to as a mapping or a transformation, a function is defined by two sets
X
andY
and a rulef
which assigns to each element inX
precisely one element inY
. The setX
is called the domain of the function andY
the codomain.
image of
x
 Ifx
is an element ofX
(usually writtenx ∈ X
), the image ofx
is the element inY
in which the rulef
associates withx
. The imagey
ofx
is denoted byy = f(x)
. 
preimage of
y
 Ify ∈ Y
, then a preimage ofy
is an elementx ∈ X
for whichf(x) = y
. 
image of
f
 DenotedIm(f)
. The set of all elements inY
which have at least one preimage.

Example Let f be the rule that for each x ∈ X, f(x) = r_{x}, where r_{x} is the remainder when x^{2} is divided by 11. X = {1,2,3,4,5,6,7,8,9,10} f(1) = 1 f(2) = 4 f(3) = 9 f(4) = 5 f(5) = 3 f(6) = 3 f(7) = 5 < The preimage of element 5 is 7. f(8) = 9 f(9) = 4 f(10) = 1 Im(f) = {1,3,4,5,9}
Types of Functions
Standard notation for a function
f
from setX
to setY
isf : X → Y
.
11

A function or transformation is 11 (onetoone) if each element in the codomain
Y
is the image of at most one element in the domainX
. 
A 11 function is bijective.

Inverse functions:

If
f
is a bijection fromX
toY
then it is a simple matter to define a bijectiong
fromY
toX
as follows: for eachy ∈ Y
defineg(y) = x
wherex ∈ X
andf(x) = y
. This functiong
obtained fromf
is called the inverse function off
and is denoted byg = f
^{−1}. 
The domain of
g
isY
and the codomain isX
.

bijection
If a function
f : X → Y
is 1−1 andIm(f) = Y
, then f is called a bijection. There are no unpaired elements.Bijective functions are onetoone (injective) as well as onto (surjective). Note that if
f
is a bijection, then so isf^{−1}
. In cryptography, bijections are used as the tool for encrypting messages and the inverse transformations are used to decrypt. Notice that if the transformations were not bijections then it would not be possible to always decrypt to a unique message.
oneway

A function
f
from a setX
to a setY
is called a oneway function iff(x)
is “easy” to compute for allx ∈ X
but for “essentially all” elementsy ∈ Im(f)
it is “computationally infeasible” to find anyx ∈ X
such thatf(x) = y
. 
Alternatively, for a random
y ∈ Im(f)
, it is computationally infeasible to find anyx ∈ X
such thatf(x) = y
.
Example Definef(x) = r_{x}
for allx ∈ X
wherer_{x}
is the remainder when 3^{x} is divided by 17. Now, given a number between between 1 andt
, determinex
providedf(x) = 8
. For small numbers, this is not a hard problem, as one can simply try every number in the range 1 through 16: f(1) = 3 f(2) = 9 f(3) = 10 f(4) = 13 f(5) = 5 f(6) = 15 f(7) = 11 f(8) = 16 f(9) = 14 f(10) = 8 < Dude! f(11) = 7 f(12) = 4 f(13) = 12 f(14) = 2 f(15) = 6 f(16) = 1 But, let's say the modulus is the product of two 100digit prime numbers? p = 56282904590578772918091824503812389276973148221339/ 23421169378062922140081498734424133112032854812293 q = 72126101472954749095445237850434924099693821481867/ 65460082500085393519556525921455588705423020751421 n = pq = 40594664876927152429464221872014903331305438593550203566566567434044\ 09274728618132558293704275021893950727842396795312164019235290143106\ 7647263568137200677133330187177812269497007251370100980768018353 The domain of the function now becomes: X = {1, 2, 3, ..., n  1} Good luck!
The important point here is that there is a difference in the amount of work to compute f(x)
and the amount of work to find x
given f(x)
.
What is needed is a shortcut or “trapdoor” where the latter becomes knowable, i.e., easy to reverse.
trapdoor oneway

A trapdoor oneway function is a oneway function
f : X → Y
with the additional property that given some extra information (called the trapdoor information) it becomes feasible to find for any giveny ∈ Im(f)
, anx ∈ X
such thatf(x) = y
. 
In the example above, the trapdoor is knowing the two prime factors. This is the integer factorization problem.
Oneway and trapdoor oneway functions are the basis for publickey cryptography.
permutations

Let
S
be a finite set of elements. A permutation p onS
is a bijection fromS
to itself (i.e.,p : S → S)
. 
Since permutations are bijections, they have inverses. The inverse of
p
isp^{1}
.
involutions

Involutions have the property that they are their own inverses.

Let
S
be a finite set and letf
be a bijection fromS
toS
(i.e.,f : S → S
). The functionf
is called an involution iff = f^{−1}
. An equivalent way of stating this isf(f(x)) = x
for allx ∈ S
.
Encryption Domains and Codomains
 Alphabet of definition  Is a finite set denoted by
A
. For example,A = {0,1}
is the binary alphabet and is a frequentlyused alphabet of definition.
Any alphabet can be encoded in terms of the binary alphabet.

Message space  Denoted by the set
M
, it consists of strings of symbols from an alphabet of definition. An element ofM
is called a plaintext message or simply a plaintext. 
Ciphertext space  Denoted by the set
C
, it consists of strings of symbols from an alphabet of definition, which may differ from the alphabet of definition forM
. An element ofC
is called a ciphertext.
Encryption and Decryption Transformations

Key space  Denoted by the set
K
. An element ofK
is called a key. 
Encryption function  Also known as an encryption transformation, it is denoted by
E_{e}
, where each elemente ∈ K
uniquely determines a bijection fromM
toC
. Note thatE_{e}
must be a bijection if the process is to be reversed and a unique plaintext message recovered for each distinct ciphertext. The process of applying the transformation
E_{e}
to a messagem ∈ M
is usually referred to as encrypting m or the encryption of m.
 The process of applying the transformation
More generality is obtained if
E_{e}
is simply defined as a 1 − 1 transformation fromM
toC
. That is to say,E_{e}
is a bijection fromM
toIm(E_{e})
whereIm(E_{e})
is a subset ofC
.

Decryption function  Also known as a decryption transformation, it is denoted by
D_{d}
, where each elementd ∈ K
uniquely determines a bijection fromC
toM
(i.e.,D_{d}
: C → M). The process of applying the transformation
D_{d}
to a ciphertextc
is usually referred to asdecrypting c
or thedecryption
ofc
.
 The process of applying the transformation

Encryption scheme  Sometimes referred to as a cipher, it consists of a set
{E_{e} : e ∈ K}
of encryptions transformations and a corresponding set{D_{d} : d ∈ K}
of decryption transformations with the property that for eache ∈ K
there is a unique keyd ∈ K
such thatD_{d} = E^{−1}
; that is,D_{d}(E_{e}(m)) = m
for allm ∈ M
.
To construct an encryption scheme requires one to select a message space
M
, a ciphertext spaceC
, a key spaceK
, a set of encryption transformations{E_{e} : e ∈ K}
, and a corresponding set of decryption transformations{D_{d} : d ∈ K}
.
An encryption scheme is said to be breakable if a third party, without prior knowledge of the key pair
(e, d)
, can systematically recover plaintext from corresponding ciphertext within some appropriate time frame.
 Key pair  In the preceding definition, the keys e and d are referred to as a key pair and sometimes denoted by
(e,d)
. Note that e and d could be the same.
Communication Participants

Entity  Also known as a party, it is someone or something which sends, receives or manipulates information. An entity may be a person, computer terminal, etc.

Sender  An entity in a twoparty communication which is the legitimate transmitter of information.

Receiver  An entity in a twoparty communication which is the intended recipient of information.

Adversary  An entity in a twoparty communication which is neither the sender nor receiver, and which tries to defeat the information security service being provided between the sender and receiver. Various other names are synonymous with adversary such as enemy, attacker, opponent, tapper, eavesdropper, intruder and interloper. An adversary will often attempt to play the role of either the legitimate sender or the legitimate receiver.
Channels

Channel  A means of conveying information from one entity to another.

Physically secure channel  Also known as a secure channel, is one which is not physical accessible to the adversary.

Unsecured channel  A channel from which parties other than those for which the information is intended can reorder, delete, insert or read.

Secured channel  A channel from which an adversary does not have the ability to reorder, delete, insert or read.
Cryptology
– Cryptanalysis  The study of mathematical techniques for attempting to defeat cryptographic techniques, and, more generally, information security services.
– Cryptanalyst  Someone who engages in cryptanalysis.
– Cryptology  The study of cryptography and cryptanalysis.
– Cryptosystem  A general term referring to a set of cryptographic primitives used to provide information security services. Most often the term is used in conjunction with primitives providing confidentiality, i.e., encryption.
Cryptographic techniques are typically divided into two generic types: symmetrickey and publickey.