### Entropy
To quantify the randomness of a password, we measure the entropy. Entropy is measured in bits, E = log2(# of possibilities) bit

### Cryptographic hash functions
SHA1(data) -> 160bits 
Hash functions are a weaker version of cryptographic hash functions, in particular, cryptographic hashes have the following properties
- Outputs of hash functions are non-invertible
- These functions are collision resistant
Because these hash functions are collision resistant (computationally infeasible to produce two files that has the same SHA1 hash), we can use it for a number of interesting applications, one example is for file checking: For example many other sites host mirrors of the debian distribution, how can we make sure that the debian we are downloading is the legit and not just a malicious piece of software. We can calculate the SHA1sum of our downloaded file and compare it to the SHA1sum provided by debian.org, and if they are the same, then we can be assured that we got the right copy. 

### Key derivation functions (KDF)
Similar to hash functions, but it is slow to compute. This could be advantageous for password authentication, for example, let's say our software has hashes of the user password saved, and we want to verify if the user password input is correct, it is ok if calculating the hash and verifying that they match is a bit slower, because this is a one-time operation. But if some hacker cracked our password database and obtained the hashes of all users' passwords, then if the operation of calculating the hash is slow, it can drastically slow down the hackers progress to brute force the passwords. 

### Symmetric key cryptography
The API has three functions:
- Keygen() function -> key 
- encrypt(plaintext, key) -> ciphertext
- decrypt(ciphertext, key) -> plaintext
And there are a couple of properties:
- Given the ciphertext, can't figure out the plaintext without the key 
- Decrypt(encrypt(msg, k), k) -> msg (correctness property)
This can be really useful for encrypting files on cloud storage. For example, to prevent Dropbox from actually looking into my files, then we can encrypt our data and upload the ciphertext onto dropbox (it is very difficult to crack because the key generated has high entropy) .

But what if we lose our key (because it's so random, it's hard to memorize)? Instead we can get our key through the key derivation function: 
```
                        passphrase
                            |
                           KDF          
                            |
                           key          plaintext
                            \               /
                              \           /
                                \       /
                             encrypt function 
                                    |
                                    |
                                ciphertext
```

### Asymmetric key cryptography
Very similar to symmetric key cryptography, but the 
- `keygen()` will generate a public and a private key
- `encrypt(msg, public key) -> ciphertext`
- `decrypt(ciphertext, private key) -> msg`
This has the advantage where we can post the public key online, and anyone else can send us an encrypted message using that public key, and we can decrypt it with our private key (asymmetrical, other people can only encrypt but not decrypt). This is more secure because if two people want to communicate over the channel with symmetric key cryptography, the key needs to be sent through the channel and shared between the two people, if the key gets intercepted, then there's no more secret.  

The private/public key construction also gives us two additional features that are somewhat related to encryption and decryption: signing and verifying:
- `sign(msg, private key) -> signature`
- `verify(msg, signature, public key) -> OK?`
Since the private key is kept private, the signature is hard to forge. In this case, encrypting the message that is being sent over is not really the concern, it is about verifying that the message is indeed sent by the right person, for example verfiying a bank login

Example: 
- email encryption, some people has their public key posted online, and send an encrypted email. The interesting thing here though, is that because asymmetric key crytography is slower compared to the symmetric model, the email encryption actually adopts a hybrid model, see the end of lecture 9 for additional details for how this implemented.
- private messaging
- sign software releases (like the debian example to make sure you got the legit version of the debian distribution)
