Updated confidentiality

Frosne · Frosne · commit 3a9853f611f7 · 2025-11-19T14:23:12.000+01:00
diff --git a/index.bs b/index.bs
@@ -78,7 +78,11 @@ It is important to note that cryptographic standards are continuously evolving t
 Cryptography provides several fundamental security services, including confidentiality, integrity, data authenticity, non-repudiation, and authentication. Often, a single cryptographic mechanism can provide more than one service—for example, digital signatures can ensure both authenticity and non-repudiation—but no single mechanism can cover all services. Conversely, achieving a particular security service may require combining multiple cryptographic mechanisms; for instance, ensuring confidentiality typically requires both an encryption algorithm and a key management system. In the following sections, we will examine each of these security services in more detail.
 
 ## Confidentiality ## {#confidentiality}
-Confidentiality in cryptography aims to ensure that information is kept secret from unauthorized parties—only the intended recipient(s) can access and understand the message, while anyone else—even if they intercept it—cannot make sense of it. This is typically achieved through encryption, which converts readable data (plaintext) into ciphertext that can only be decrypted by authorized parties with the correct cryptographic key; a widely used example is the Advanced Encryption Standard (AES), standardized by the U.S. National Institute of Standards and Technology (NIST FIPS 197
+
+**Confidentiality** in cryptography aims to ensure that information is kept secret from unauthorized parties—only the intended recipient(s) can access and understand the message, while anyone else—even if they intercept it—cannot make sense of it. This is typically achieved through **encryption**, which converts readable data (**plaintext**) into **ciphertext** that can only be decrypted by authorized parties with the correct cryptographic key; a widely used example is the **Advanced Encryption Standard (AES)**, standardized by the U.S. National Institute of Standards and Technology ([NIST FIPS 197](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf)).
+
+Maintaining confidentiality also requires proper key management and access control. Secure key management ensures that cryptographic keys are safely generated, stored, and distributed, while access control mechanisms restrict information to only those with permission, preventing unauthorized use or disclosure (see Section 4.2 for more details on key management).
+
 
 ## Integrity ## {#integrity}
 Integrity ensures that data remains unchanged and unaltered during transmission or storage. It is typically achieved through hashing algorithms. If the data is modified, the hash value will change, indicating that the integrity of the data has been compromised. Integrity is essential for ensuring that information remains accurate, preventing unauthorized modifications. The most used cryptographic algorithms for ensuring integrity are [hash functions](#hash-functions), such as SHA-256 (Secure Hash Algorithm 256-bit).
