Cryptography from the Ground Up

“One of the most interesting and useful things computers can do for us is cryptography. We can hide messages, validate identities, and even build entire trustless distributed systems. Cryptography not only defines our modern world, but is a big part of how we will build the world of the future.

However, unless you want to dedicate years and a PhD to studying the subject, the actual workings of cryptography can be hard to learn. It can involve a lot of pitfalls and if you dare build from scratch, you are bound to make a fool of yourself. Why?

In my opinion, it comes down to history. Cryptography has had centuries of methods that have been made, broken, and remade again. Most tutorials on cryptography focus on the what: do this, don’t do that, follow the rules. But they skip over the why: why do we do the things we do? What are we trying to avoid?

To understand the why, we need to understand how we got here in the first place. And to do that, let’s set computers to the side for the moment and delve into the world of classical cryptography.”

A (Relatively Easy to Understand) Primer on Elliptic Curve Cryptography | Ars Technica

“If you just want the gist, here’s the TL;DR version: [Elliptical Curve Crytography,] ECC is the next generation of public key cryptography, and based on currently understood mathematics, it provides a significantly more secure foundation than first-generation public key cryptography systems like RSA. If you’re worried about ensuring the highest level of security while maintaining performance, ECC makes sense to adopt. If you’re interested in the details, read on.”

—Nick Sullivan. ” A (relatively easy to understand) primer on elliptic curve cryptography.” Ars Technica. October 24, 2013.

WireGuard VPN review: A new type of VPN offers serious advantages | Ars Technica

“WireGuard is a new type of VPN that aims to be simpler to set up and maintain than current VPNs and to offer a higher degree of security. The software is free and open source—it’s licensed GPLv2, the same license as the Linux kernel—which is always a big plus in my book. It’s also designed to be easily portable between operating systems. All of that might lead you to ask: in a world that already has IPSEC, PPTP, L2TP, OpenVPN, and a bewildering array of proprietary SSL VPNs, do we need yet another type of VPN?”

—Jim Salter. “WireGuard VPN review: A new type of VPN offers serious advantages.” Ars Technica. August 26, 2018.

Do we need yet another type of VPN? Why, yes. Yes, we do.