Chapter 2

Cryptography Essentials

Cybersecurity Fundamentals for the AI Engineer

Introduction

Cryptography is the mathematical foundation of digital security. Every secure communication, every verified identity, and every tamper-proof record relies on cryptographic primitives. For AI security engineers, cryptographic knowledge is essential for protecting model weights, securing inference APIs, ensuring data privacy in federated learning, and understanding the looming threat of quantum computing.

This section provides a practical overview of the cryptographic concepts you will encounter throughout this book, from symmetric and asymmetric encryption to the emerging field of post-quantum cryptography.


Symmetric vs. Asymmetric Cryptography

Symmetric cryptography uses a single shared key for both encryption and decryption. Algorithms like AES (Advanced Encryption Standard) are fast and efficient, making them ideal for encrypting large volumes of data. The challenge is key distribution: both parties must possess the same secret key, and if that key is compromised, all communications encrypted with it are exposed.

Asymmetric cryptography (public-key cryptography) uses a mathematically linked pair of keys: a public key for encryption and a private key for decryption. RSA and Elliptic Curve Cryptography (ECC) are the most widely deployed asymmetric algorithms. While slower than symmetric encryption, asymmetric cryptography solves the key distribution problem and enables digital signatures.

  • AES-256: The gold standard for symmetric encryption, used in TLS, disk encryption, and secure storage
  • RSA-2048/4096: Widely used for key exchange and digital signatures, though increasingly replaced by ECC
  • ECC (Curve25519): Provides equivalent security to RSA with much smaller key sizes, preferred for modern systems
  • ChaCha20-Poly1305: A modern symmetric cipher with built-in authentication, used in TLS 1.3 and WireGuard

In Practice: Most real-world systems use hybrid encryption: asymmetric cryptography to exchange a symmetric session key, then symmetric cryptography for bulk data encryption. TLS uses exactly this approach, combining the key distribution advantages of asymmetric crypto with the speed of symmetric crypto.
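Here is the hybrid scheme in working code, added as an example for this section rather than taken from the book: an ephemeral X25519 key agreement establishes a one-time session key, AES-256-GCM then encrypts the bulk data, and the envelope carries a suite identifier so the algorithms can be swapped later without changing the message format (the crypto-agility point made in the post-quantum section). Everything here is constructed for the example: the Envelope type, the Seal and Open functions, the suite string, and the use of a single SHA-256 over the shared secret as a stand-in for HKDF.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Envelope is what travels over the wire: the sender's one-time X25519 public
// key (the asymmetric part) plus the AES-256-GCM nonce and ciphertext (the
// symmetric part). Suite names the algorithms so a receiver can dispatch on it.
type Envelope struct {
	Suite        string
	EphemeralPub []byte
	Nonce        []byte
	Ciphertext   []byte // includes the 16-byte GCM authentication tag
}

const suite = "X25519-AES256GCM" // constructed identifier for this example

// NewRecipientKey creates the long-term X25519 key pair; only the public half
// is ever published.
func NewRecipientKey() (*ecdh.PrivateKey, error) {
	return ecdh.X25519().GenerateKey(rand.Reader)
}

// sessionKey turns the raw shared secret into a 256-bit AES key. Assumption:
// one SHA-256 over the secret and a context label stands in for HKDF, which is
// what a production design should use.
func sessionKey(shared []byte, context string) []byte {
	h := sha256.New()
	h.Write(shared)
	h.Write([]byte(context))
	return h.Sum(nil)
}

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal: the sender derives a fresh session key by running X25519 with an
// ephemeral key against the recipient's public key, then encrypts the bulk
// data symmetrically. The ephemeral public key is bound in as associated data.
func Seal(recipientPub *ecdh.PublicKey, plaintext []byte) (*Envelope, error) {
	ephemeral, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	shared, err := ephemeral.ECDH(recipientPub)
	if err != nil {
		return nil, err
	}
	g, err := newAEAD(sessionKey(shared, suite))
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ephPub := ephemeral.PublicKey().Bytes()
	ct := g.Seal(nil, nonce, plaintext, ephPub)
	return &Envelope{Suite: suite, EphemeralPub: ephPub, Nonce: nonce, Ciphertext: ct}, nil
}

// Open: the recipient recomputes the same shared secret with its private key
// and decrypts. Any change to the envelope fails authentication instead of
// yielding garbage plaintext, and unknown suites are refused up front.
func Open(recipientPriv *ecdh.PrivateKey, env *Envelope) ([]byte, error) {
	if env.Suite != suite {
		return nil, fmt.Errorf("unsupported suite %q", env.Suite)
	}
	ephPub, err := ecdh.X25519().NewPublicKey(env.EphemeralPub)
	if err != nil {
		return nil, err
	}
	shared, err := recipientPriv.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	g, err := newAEAD(sessionKey(shared, suite))
	if err != nil {
		return nil, err
	}
	if len(env.Nonce) != g.NonceSize() { // GCM panics on a wrong-sized nonce, so check first
		return nil, fmt.Errorf("bad nonce length %d", len(env.Nonce))
	}
	return g.Open(nil, env.Nonce, env.Ciphertext, env.EphemeralPub)
}

func main() {
	recipient, _ := NewRecipientKey()
	env, _ := Seal(recipient.PublicKey(), []byte("constructed sample payload"))
	pt, err := Open(recipient, env)
	fmt.Printf("decrypted: %q (err=%v)\n", pt, err)
	env.Ciphertext[0] ^= 1 // one byte altered in transit
	_, err = Open(recipient, env)
	fmt.Println("after tampering:", err)
}
```

Only the recipient's private key can recover the session key, the ephemeral key is discarded after Seal, and Open's suite check is the hook where a post-quantum or hybrid suite would be registered later.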

Hashing, Digital Signatures, and PKI

Cryptographic hash functions (SHA-256, SHA-3, BLAKE3) produce a fixed-size fingerprint of any input data. These fingerprints are deterministic (same input always produces same output), collision-resistant (practically impossible to find two different inputs with the same hash), and one-way (cannot reverse the hash to find the original input).

Digital signatures combine hashing with asymmetric cryptography to provide authentication, integrity, and non-repudiation. The signer hashes the message and signs that hash with their private key (in textbook RSA this step is often described as encrypting the hash with the private key). Anyone with the signer's public key can verify the signature, confirming both who signed it and that the message was not altered.

  1. Hashing for Integrity: Verify file downloads, detect tampered data, store passwords securely (salted, and with a purpose-built slow password hash rather than a plain SHA-256)
  2. Digital Signatures for Authentication: Sign software releases, authenticate API requests, verify model provenance
  3. PKI for Trust: Certificate Authorities (CAs) issue digital certificates that bind public keys to identities, forming a chain of trust

Public Key Infrastructure (PKI) is the system of CAs, certificates, and protocols that enables trust in public keys. When you visit an HTTPS website, your browser validates the server's certificate against a chain of trusted CAs. PKI is also used to sign model artifacts, ensuring that downloaded models are authentic and unmodified.
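The provenance workflow from item 2 (hash the artifact, sign, verify) as an added example in Go, not code from the book: the publisher signs a small manifest containing the artifact's name and SHA-256 digest with an Ed25519 key, and a consumer checks both the signature on the manifest and the digest of the bytes it actually received. The Manifest type, the manifest encoding, the artifact name and the sample payload are all constructed for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Manifest is what actually gets signed: the artifact's name and SHA-256 digest.
// Signing the digest rather than a multi-gigabyte weights file keeps signing
// cheap, and the name binds the digest to one specific artifact.
type Manifest struct {
	Name   string
	SHA256 string // lowercase hex
}

// Fingerprint returns the SHA-256 digest of data as hex, the same value a
// checksum file would list next to the download.
func Fingerprint(data []byte) string {
	sum := sha256.Sum256(data)
	return hex.EncodeToString(sum[:])
}

// encode gives the manifest a fixed, unambiguous byte form for signing. The
// domain prefix is a constructed label; a deployment would use a canonical
// serialization such as canonical JSON.
func (m Manifest) encode() []byte {
	return []byte("model-manifest-v1\n" + m.Name + "\n" + m.SHA256 + "\n")
}

// SignArtifact hashes the artifact and signs the resulting manifest with the
// publisher's Ed25519 private key.
func SignArtifact(priv ed25519.PrivateKey, name string, data []byte) (Manifest, []byte) {
	m := Manifest{Name: name, SHA256: Fingerprint(data)}
	return m, ed25519.Sign(priv, m.encode())
}

// VerifyArtifact is what a consumer runs after download: first confirm the
// manifest was signed by the expected publisher, then confirm the bytes
// received match the digest the publisher signed. Both checks must pass.
func VerifyArtifact(pub ed25519.PublicKey, m Manifest, sig []byte, name string, data []byte) error {
	if !ed25519.Verify(pub, m.encode(), sig) {
		return errors.New("manifest signature invalid: not signed by the expected publisher")
	}
	if m.Name != name {
		return fmt.Errorf("manifest is for %q, not %q", m.Name, name)
	}
	if Fingerprint(data) != m.SHA256 {
		return errors.New("artifact digest mismatch: contents differ from what was signed")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	weights := []byte("constructed stand-in for a model weights file")
	m, sig := SignArtifact(priv, "classifier-v3.safetensors", weights)
	fmt.Println("digest:", m.SHA256)
	fmt.Println("genuine:", VerifyArtifact(pub, m, sig, m.Name, weights))
	weights[0] ^= 1 // a single flipped bit in the download
	fmt.Println("tampered:", VerifyArtifact(pub, m, sig, m.Name, weights))
}
```

The signature alone proves who published the manifest; the digest comparison is what ties that statement to the file on disk, so skipping either check leaves a gap (a valid signature over somebody else's manifest, or an unsigned digest anyone could recompute).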


TLS/SSL in Practice

Transport Layer Security (TLS) is the most widely deployed cryptographic protocol, securing virtually all web traffic, email, and API communications. TLS 1.3, finalized in 2018, simplified the handshake process, removed insecure cipher suites, and improved performance with zero round-trip time (0-RTT) resumption (0-RTT data can be replayed, so it should carry only idempotent requests).

For AI systems, TLS protects model inference APIs from eavesdropping and man-in-the-middle attacks. Mutual TLS (mTLS) goes further by requiring both client and server to present certificates, providing strong authentication for service-to-service communication in microservice architectures.

  • TLS 1.3: Mandatory for new deployments, supports only modern cipher suites (AEAD), faster handshake
  • Mutual TLS (mTLS): Both parties authenticate, essential for zero-trust service meshes
  • Certificate Transparency: Public, append-only logs of issued certificates; lets domain owners and browsers detect mis-issued certificates and rogue CAs
  • ACME Protocol: Automated certificate issuance and renewal (Let's Encrypt), eliminates manual certificate management
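An added example, not from the book, that exercises the PKI and mTLS material above with Go's standard library: a constructed CA issues a server certificate and a client certificate, and a TLS 1.3 handshake is run over loopback TCP with ClientAuth set to RequireAndVerifyClientCert, so the server's verdict shows the difference between a client that presents a CA-issued certificate and one that presents none. The client side's RootCAs check is the same chain validation a browser performs on an HTTPS certificate, and a server certificate issued by a different CA is rejected there. The CA name, the host name (inference.internal), the client name and the function names are all constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// Identity is a certificate plus the matching private key held in TLS.PrivateKey.
type Identity struct {
	Cert *x509.Certificate
	TLS  tls.Certificate
}

// issue creates an Ed25519 key and a certificate for it: a self-signed CA when
// parent is nil, otherwise a leaf signed by parent and limited to one usage.
func issue(cn string, parent *Identity, usage x509.ExtKeyUsage, dnsNames ...string) (*Identity, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
	tmpl := &x509.Certificate{
		SerialNumber:          serial,
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Minute),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		DNSNames:              dnsNames,
	}
	signerCert, signerKey := tmpl, any(priv) // self-signed unless a parent is given
	if parent == nil {
		tmpl.IsCA, tmpl.KeyUsage = true, x509.KeyUsageCertSign
	} else {
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{usage}
		signerCert, signerKey = parent.Cert, parent.TLS.PrivateKey
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signerCert, pub, signerKey)
	if err != nil {
		return nil, err
	}
	cert, _ := x509.ParseCertificate(der) // DER produced by CreateCertificate always parses
	return &Identity{cert, tls.Certificate{Certificate: [][]byte{der}, PrivateKey: priv}}, nil
}

// MutualHandshake runs one TLS 1.3 handshake over loopback TCP and returns the
// server's verdict; client == nil models a caller that presents no certificate.
func MutualHandshake(ca, server, client *Identity) error {
	pool := x509.NewCertPool()
	pool.AddCert(ca.Cert)
	srvCfg := &tls.Config{MinVersion: tls.VersionTLS13, Certificates: []tls.Certificate{server.TLS},
		ClientAuth: tls.RequireAndVerifyClientCert, ClientCAs: pool} // ClientAuth is the mTLS switch
	cliCfg := &tls.Config{MinVersion: tls.VersionTLS13, RootCAs: pool, ServerName: server.Cert.DNSNames[0]}
	if client != nil {
		cliCfg.Certificates = []tls.Certificate{client.TLS}
	}
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return err
	}
	defer ln.Close()
	srvErr := make(chan error, 1)
	go func() {
		raw, err := ln.Accept()
		if err == nil {
			s := tls.Server(raw, srvCfg)
			err = s.Handshake()
			s.Close()
		}
		srvErr <- err
	}()
	raw, err := net.Dial("tcp", ln.Addr().String())
	if err != nil {
		return err
	}
	raw.SetDeadline(time.Now().Add(5 * time.Second)) // never hang if something goes wrong
	c := tls.Client(raw, cliCfg)
	if c.Handshake() == nil {
		// In TLS 1.3 the client finishes before the server has judged its
		// certificate, so one read collects any alert the server sends back.
		c.Read(make([]byte, 1))
	}
	c.Close()
	return <-srvErr
}

func main() {
	ca, _ := issue("demo-ca", nil, 0)
	srv, _ := issue("inference.internal", ca, x509.ExtKeyUsageServerAuth, "inference.internal")
	cli, _ := issue("training-job-7", ca, x509.ExtKeyUsageClientAuth)
	fmt.Println("with client cert:", MutualHandshake(ca, srv, cli), "| without:", MutualHandshake(ca, srv, nil))
}
```

A service mesh does the same thing with a private CA per cluster: every workload gets a short-lived leaf, ClientCAs is the only trust anchor the server consults, and an unauthenticated caller is rejected during the handshake before any request is parsed.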

Post-Quantum Cryptography Introduction

Quantum computers threaten to break the asymmetric cryptographic algorithms (RSA, ECC) that underpin virtually all modern security. Shor's algorithm, running on a sufficiently powerful quantum computer, can factor large numbers and compute discrete logarithms in polynomial time, rendering RSA and ECC insecure.

In response, NIST has standardized post-quantum cryptographic algorithms designed to resist both classical and quantum attacks. CRYSTALS-Kyber (for key encapsulation, published as ML-KEM in FIPS 203) and CRYSTALS-Dilithium (for digital signatures, published as ML-DSA in FIPS 204) are the primary standards, based on lattice problems that are believed to be hard for both classical and quantum computers.

The "Harvest Now, Decrypt Later" Threat: Nation-state adversaries are already collecting encrypted communications today with the intention of decrypting them once quantum computers are available. This means that data encrypted with RSA or ECC today may not remain confidential in the future. Organizations handling long-lived secrets must begin migrating to post-quantum algorithms now. We dedicate Chapter 18 entirely to this topic.

The transition to post-quantum cryptography requires crypto-agility—the ability to swap cryptographic algorithms without redesigning entire systems. Building crypto-agile systems today is one of the most important proactive security investments an organization can make.
