Appendix C

Public Key Cryptography in a Nutshell

This appendix is not intended to be a comprehensive overview of public key cryptography.¹ There are a number of great books covering cryptography for practitioners as well as researchers [115, 156, 190, 257, 293]. The purpose of this appendix is to introduce the reader to some of the basic concepts of public key cryptography and hopefully provide enough information to enable readers who are new to cryptography to gain a better understanding of this book without having to go elsewhere. Public key cryptography is a technology that is central to the design of advanced malicious software.

C.1 Overview of Cryptography

Cryptology is the study of the hidden word. It is broken down into two subfields called cryptography and cryptanalysis. Cryptography is the science of developing cryptosystems that encipher and decipher data, among other things. Cryptanalysis is the study of breaking cryptosystems. A cryptanalyst is one who seeks to break or find weaknesses in the ciphers that are developed by a cryptographer. One who dabbles in both subfields may be justly referred to as a cryptologist.

Classical cryptography dates back thousands of years and has been employed for such things as concealing command and control information during times of war. Command and control information must be secured, even against the messengers that carry it, so that it does not fall into enemy hands while in transit. In this respect the most basic use of cryptography ...