Signing, Encrypting, Encoding
AES (Advanced Encryption Standard)
Type: Symmetric Encryption
Alice and Bob use a shared secret to exchange encrypted messages.
Use Cases:
- Secure communication
OpenSSL::Cipher.new("AES-256-CBC")
RSA (Rivest–Shamir–Adleman)
Type: Asymmetric Encryption
Alice uses Bob's public key to encrypt the message, Bob decrypts the message using his private key. Bob uses his private key to sign the message, Alice uses Bob's public key to verify the signature.
Use Cases:
- Digital signatures / data integrity
- Secure communication
OpenSSL::PKey::RSA
HMAC (Hash-based Message Authentication Code)
Type: Signing / Symmetric cryptography
Use Cases:
- Digital signatures / data integrity
OpenSSL::HMAC.hexdigest("sha256", key, data)
ECDSA (Elliptic Curve Digital Signature Algorithm)
Type: Signing / Asymmetric cryptography
Use Cases:
- Digital signatures / data integrity
OpenSSL::PKey::EC.new("prime256v1")
Base64
Type: Encoding
Use Cases:
- Data serialization
- URL-safe encoding
Base64.encode64(data)
Base64.urlsafe_encode64(data)
JWT (JSON Web Tokens)
Type: Authentication
JWT consists of data in JSON format, split into 3 parts using a dot:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
1st and 2nd parts are a Base64-encoded header and a payload, the 3rd part is a signature over this data. JWT can use both symmetric and asymmetric cryptography for signatures.
Use Cases:
- Stateful authentication
- Data integrity
JWK (JSON Web Key)
Type: Standartized Cryptographic Key Representation
Use Cases:
- Key exchange
- Managing cryptographic keys