Among the foundational concepts in digital identity are message integrity, non- repudiation, and confidentiality. Integrity ensures a message or transaction has not been tampered with. Non-repudiation provides evidence for the existence of a message or transaction and ensures its contents cannot be disputed once sent. Confidentiality ensures that only the people or processes authorized to view and use the contents of a message or transaction have access to those contents. In some situations, these properties are unneeded luxuries, but in others, the lack of one of these properties can lead to disaster. Understanding them, and when to use them, is crucial to a building distributed systems.

Lesson Objectives

After completing this lesson, you should be able to

Distinguish between private-key and public-key cryptography
Define what message digests and hashes and describe why they’re important and how they’re used.
Show how a digital signature works.
Describe why digital certificates and needed and distinguish between certificates and keys.
Explain public key infrastructures and how they’re used.

Required Reading/Viewing

Integrity, Non-Repudiation, and Confidentiality (06 Integrity.pdf)

Additional Resources

Gnu Privacy Guard (GnuPG) Mini Howto
Crypto: How the Code Rebels Beat the Government--Saving Privacy in the Digital Age - this book is written for a general audience and describes some of the history of the development of cryptography. I recommend it for context and because it's a good read.
Security Engineering: A Guide to Building Dependable Distributed Systems - an engineering text that "teaches readers how to design, implement, and test systems to withstand both error and attack."
Cryptography Engineering: Design Principles and Practical Applications - the is a basic overview of cryptographic technology with exercises.
Serious Cryptography: A Practical Introduction to Modern Encryption - this is a bit deeper and includes discussions of applications the ramifications of design choices.