From ea65acfb8a5b752b185c8bd2dc261264b6bc4d57 Mon Sep 17 00:00:00 2001 From: Anna Weine Date: Wed, 19 Nov 2025 14:19:38 +0100 Subject: [PATCH 1/5] Updated Confidentiality subsection --- index.bs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/index.bs b/index.bs index 23c0cac..f69b5aa 100644 --- a/index.bs +++ b/index.bs @@ -78,8 +78,7 @@ It is important to note that cryptographic standards are continuously evolving t Cryptography provides several fundamental security services, including confidentiality, integrity, data authenticity, non-repudiation, and authentication. Often, a single cryptographic mechanism can provide more than one service—for example, digital signatures can ensure both authenticity and non-repudiation—but no single mechanism can cover all services. Conversely, achieving a particular security service may require combining multiple cryptographic mechanisms; for instance, ensuring confidentiality typically requires both an encryption algorithm and a key management system. In the following sections, we will examine each of these security services in more detail. ## Confidentiality ## {#confidentiality} -Confidentiality ensures that information is protected from being disclosed to unauthorized parties. It is typically achieved through encryption, which transforms readable data into an unreadable data using a cryptographic key. Only authorized parties that know the correct key can decrypt and access the original information. -The most used cryptographic algorithms for ensuring confidentialityare [symmetric encryption](#symmetric-encryption) algorithms, such as AES (Advanced Encryption Standard). +Confidentiality in cryptography aims to ensure that information is kept secret from unauthorized parties—only the intended recipient(s) can access and understand the message, while anyone else—even if they intercept it—cannot make sense of it. This is typically achieved through encryption, which converts readable data (plaintext) into ciphertext that can only be decrypted by authorized parties with the correct cryptographic key; a widely used example is the Advanced Encryption Standard (AES), standardized by the U.S. National Institute of Standards and Technology (NIST FIPS 197 ## Integrity ## {#integrity} Integrity ensures that data remains unchanged and unaltered during transmission or storage. It is typically achieved through hashing algorithms. If the data is modified, the hash value will change, indicating that the integrity of the data has been compromised. Integrity is essential for ensuring that information remains accurate, preventing unauthorized modifications. The most used cryptographic algorithms for ensuring integrity are [hash functions](#hash-functions), such as SHA-256 (Secure Hash Algorithm 256-bit). From 3a9853f611f7a50584d53e7949b2bcd058a3a282 Mon Sep 17 00:00:00 2001 From: Anna Weine Date: Wed, 19 Nov 2025 14:23:12 +0100 Subject: [PATCH 2/5] Updated confidentiality --- index.bs | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/index.bs b/index.bs index f69b5aa..7bf4d00 100644 --- a/index.bs +++ b/index.bs @@ -78,7 +78,11 @@ It is important to note that cryptographic standards are continuously evolving t Cryptography provides several fundamental security services, including confidentiality, integrity, data authenticity, non-repudiation, and authentication. Often, a single cryptographic mechanism can provide more than one service—for example, digital signatures can ensure both authenticity and non-repudiation—but no single mechanism can cover all services. Conversely, achieving a particular security service may require combining multiple cryptographic mechanisms; for instance, ensuring confidentiality typically requires both an encryption algorithm and a key management system. In the following sections, we will examine each of these security services in more detail. ## Confidentiality ## {#confidentiality} -Confidentiality in cryptography aims to ensure that information is kept secret from unauthorized parties—only the intended recipient(s) can access and understand the message, while anyone else—even if they intercept it—cannot make sense of it. This is typically achieved through encryption, which converts readable data (plaintext) into ciphertext that can only be decrypted by authorized parties with the correct cryptographic key; a widely used example is the Advanced Encryption Standard (AES), standardized by the U.S. National Institute of Standards and Technology (NIST FIPS 197 + +**Confidentiality** in cryptography aims to ensure that information is kept secret from unauthorized parties—only the intended recipient(s) can access and understand the message, while anyone else—even if they intercept it—cannot make sense of it. This is typically achieved through **encryption**, which converts readable data (**plaintext**) into **ciphertext** that can only be decrypted by authorized parties with the correct cryptographic key; a widely used example is the **Advanced Encryption Standard (AES)**, standardized by the U.S. National Institute of Standards and Technology ([NIST FIPS 197](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf)). + +Maintaining confidentiality also requires proper key management and access control. Secure key management ensures that cryptographic keys are safely generated, stored, and distributed, while access control mechanisms restrict information to only those with permission, preventing unauthorized use or disclosure (see Section 4.2 for more details on key management). + ## Integrity ## {#integrity} Integrity ensures that data remains unchanged and unaltered during transmission or storage. It is typically achieved through hashing algorithms. If the data is modified, the hash value will change, indicating that the integrity of the data has been compromised. Integrity is essential for ensuring that information remains accurate, preventing unauthorized modifications. The most used cryptographic algorithms for ensuring integrity are [hash functions](#hash-functions), such as SHA-256 (Secure Hash Algorithm 256-bit). From 445d4da88f1dadaec33027ae39fd62bcde6096c6 Mon Sep 17 00:00:00 2001 From: Anna Weine Date: Wed, 19 Nov 2025 14:26:21 +0100 Subject: [PATCH 3/5] Updated confidentiality --- index.bs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.bs b/index.bs index 7bf4d00..7364bb6 100644 --- a/index.bs +++ b/index.bs @@ -79,9 +79,9 @@ Cryptography provides several fundamental security services, including confident ## Confidentiality ## {#confidentiality} -**Confidentiality** in cryptography aims to ensure that information is kept secret from unauthorized parties—only the intended recipient(s) can access and understand the message, while anyone else—even if they intercept it—cannot make sense of it. This is typically achieved through **encryption**, which converts readable data (**plaintext**) into **ciphertext** that can only be decrypted by authorized parties with the correct cryptographic key; a widely used example is the **Advanced Encryption Standard (AES)**, standardized by the U.S. National Institute of Standards and Technology ([NIST FIPS 197](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf)). +**Confidentiality** in cryptography aims to ensure that information is kept secret from unauthorized parties—only the intended recipient(s) can access and understand the message, while anyone else—even if they intercept it—cannot make sense of it. This is typically achieved through **encryption**, which converts readable data (**plaintext**) into **ciphertext** that can only be decrypted by authorized parties with the correct cryptographic key; a widely used example is the **Advanced Encryption Standard (AES)**, standardized by the U.S. National Institute of Standards and Technology [[FIPS-197]]. -Maintaining confidentiality also requires proper key management and access control. Secure key management ensures that cryptographic keys are safely generated, stored, and distributed, while access control mechanisms restrict information to only those with permission, preventing unauthorized use or disclosure (see Section 4.2 for more details on key management). +Maintaining confidentiality also requires proper key management and access control. Secure key management ensures that cryptographic keys are safely generated, stored, and distributed, while access control mechanisms restrict information to only those with permission, preventing unauthorized use or disclosure (see [Section 4.2] (#key-management) for more details on key management). ## Integrity ## {#integrity} From 373a10a7f36836686859821308ae4113f896a14b Mon Sep 17 00:00:00 2001 From: Anna Weine Date: Wed, 19 Nov 2025 14:28:23 +0100 Subject: [PATCH 4/5] Updated confidentiality --- index.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.bs b/index.bs index 7364bb6..65510dc 100644 --- a/index.bs +++ b/index.bs @@ -81,7 +81,7 @@ Cryptography provides several fundamental security services, including confident **Confidentiality** in cryptography aims to ensure that information is kept secret from unauthorized parties—only the intended recipient(s) can access and understand the message, while anyone else—even if they intercept it—cannot make sense of it. This is typically achieved through **encryption**, which converts readable data (**plaintext**) into **ciphertext** that can only be decrypted by authorized parties with the correct cryptographic key; a widely used example is the **Advanced Encryption Standard (AES)**, standardized by the U.S. National Institute of Standards and Technology [[FIPS-197]]. -Maintaining confidentiality also requires proper key management and access control. Secure key management ensures that cryptographic keys are safely generated, stored, and distributed, while access control mechanisms restrict information to only those with permission, preventing unauthorized use or disclosure (see [Section 4.2] (#key-management) for more details on key management). +Maintaining confidentiality also requires proper key management and access control. Secure key management ensures that cryptographic keys are safely generated, stored, and distributed, while access control mechanisms restrict information to only those with permission, preventing unauthorized use or disclosure (see [Section 4.2](#key-management) for more details on key management). ## Integrity ## {#integrity} From be2b3585c7c6ad0b5151b1d3deb09dc97c54487c Mon Sep 17 00:00:00 2001 From: Anna Weine Date: Thu, 11 Dec 2025 17:59:58 +0100 Subject: [PATCH 5/5] added references to encryption --- index.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.bs b/index.bs index 65510dc..9fd2fcd 100644 --- a/index.bs +++ b/index.bs @@ -79,7 +79,7 @@ Cryptography provides several fundamental security services, including confident ## Confidentiality ## {#confidentiality} -**Confidentiality** in cryptography aims to ensure that information is kept secret from unauthorized parties—only the intended recipient(s) can access and understand the message, while anyone else—even if they intercept it—cannot make sense of it. This is typically achieved through **encryption**, which converts readable data (**plaintext**) into **ciphertext** that can only be decrypted by authorized parties with the correct cryptographic key; a widely used example is the **Advanced Encryption Standard (AES)**, standardized by the U.S. National Institute of Standards and Technology [[FIPS-197]]. +**Confidentiality** in cryptography aims to ensure that information is kept secret from unauthorized parties—only the intended recipient(s) can access and understand the message, while anyone else—even if they intercept it—cannot make sense of it. This is typically achieved through **encryption** — covered in Sections [7.1](#asymmetric-encryption) and [7.2](#symmetric-encryption) — which converts readable data (**plaintext**) into **ciphertext** that can only be decrypted by authorized parties with the correct cryptographic key; a widely used example is the **Advanced Encryption Standard (AES)**, standardized by the U.S. National Institute of Standards and Technology [[!FIPS-197]]. Maintaining confidentiality also requires proper key management and access control. Secure key management ensures that cryptographic keys are safely generated, stored, and distributed, while access control mechanisms restrict information to only those with permission, preventing unauthorized use or disclosure (see [Section 4.2](#key-management) for more details on key management).