Cryptography next
9th June 2024
With the web server component of Tinn built and working fairly well, it’s time to move on to the next deliverable. Looking back at my original planning, I listed the next three deliverables as the database, an interpreter and cryptography (encryption). I really want to build the interpreter next but I’ve instead decided to concentrate on cryptography first.
Cryptography is required for HTTPS, and really that is what has driven cryptography to the top of the list. While the web server works fine with normal HTTP, and I don’t yet need the security offered by HTTPS, browsers and applications are becoming increasingly intolerant of plain HTTP. For example, WhatsApp on Android automatically converts all HTTP links to HTTPS even if you explicitly set them to HTTP. This is a problem for me because when I send someone a link to a blog post via WhatsApp, the page fails to load on their phone. It’s a pain. And therefore cryptography and HTTPS support become priority number one.
I know a little bit about cryptography, but mostly at a very high theoretical level. I know, for example, that cryptography falls into two main camps, symmetric and asymmetric. With symmetric you use the same key to encrypt and decrypt the data; with asymmetric you have two keys and use one to encrypt and the other to decrypt. I know that we need both because symmetric is generally fast to execute but communicating the key securely is an issue, while asymmetric is by comparison much slower to execute but key exchange is not an issue. I know that HTTPS uses a combination of both and a whole load of carefully thought-out protocols.
I know that at a technical level symmetric encryption is mostly bit flipping and shifting, and the security comes from the complexity of the algorithm, which is the challenging part. The algorithm for asymmetric encryption is comparatively simple but operates on massive numbers, much larger than any CPU register, so the challenge comes from having to build routines to perform maths on numbers bigger than the processor can understand. I know that key generation is tricky, that making computers generate truly random numbers is impossible, and that at some point prime numbers are going to crop up.
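To make the big-number problem concrete, here is an added example (not code from Tinn or from this post) of schoolbook addition and multiplication on numbers wider than a register, stored as arrays of 32-bit limbs. The names `mp_add` and `mp_mul` and the little-endian limb layout are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Numbers are arrays of 32-bit limbs, least significant limb first
 * (an assumed layout for this example). */

/* r = a + b over len limbs; returns the carry out of the top limb. */
uint32_t mp_add(uint32_t *r, const uint32_t *a, const uint32_t *b, size_t len)
{
    uint64_t carry = 0;
    for (size_t i = 0; i < len; i++) {
        uint64_t sum = (uint64_t)a[i] + b[i] + carry;
        r[i] = (uint32_t)sum;   /* low 32 bits stay in this limb */
        carry = sum >> 32;      /* overflow moves to the next limb */
    }
    return (uint32_t)carry;
}

/* r = a * b (schoolbook). r needs 2*len limbs and must not alias a or b. */
void mp_mul(uint32_t *r, const uint32_t *a, const uint32_t *b, size_t len)
{
    memset(r, 0, 2 * len * sizeof *r);
    for (size_t i = 0; i < len; i++) {
        uint64_t carry = 0;
        for (size_t j = 0; j < len; j++) {
            /* 32x32 product + existing limb + carry always fits in 64 bits */
            uint64_t t = (uint64_t)a[i] * b[j] + r[i + j] + carry;
            r[i + j] = (uint32_t)t;
            carry = t >> 32;
        }
        r[i + len] = (uint32_t)carry;
    }
}

int main(void)
{
    /* Constructed input: the largest 128-bit value, squared. */
    uint32_t a[4] = {0xFFFFFFFFu, 0xFFFFFFFFu, 0xFFFFFFFFu, 0xFFFFFFFFu};
    uint32_t p[8];
    mp_mul(p, a, a, 4);
    for (int i = 7; i >= 0; i--)
        printf("%08x", (unsigned)p[i]);   /* most significant limb first */
    printf("\n");
    return 0;
}
```
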
I know enough to be nervous.
The good news is I have a book on the subject. I’ve been using it as a paperweight for a few months. I should probably read it instead.
TC