From 9523201681a2a303323bbcbc2f4559bfec7687aa Mon Sep 17 00:00:00 2001
From: eneller
Date: Sun, 10 May 2026 16:11:06 +0200
Subject: [PATCH] update

---
 crypto.bib | 7 +++++++
 crypto.tex | 29 +++++++++++++++++------------
 2 files changed, 24 insertions(+), 12 deletions(-)

diff --git a/crypto.bib b/crypto.bib
index d687e5d..9ded19f 100644
--- a/crypto.bib
+++ b/crypto.bib
@@ -58,4 +58,11 @@
 year = "2026",
 url = "https://en.wikipedia.org/w/index.php?title=Man-in-the-middle_attack&oldid=1347824570",
 note = "[Online; accessed 10-April-2026]"
+}
+@misc{ enwiki:galoismode,
+ author = "{Wikipedia contributors}",
+ title = "Galois/Counter Mode --- {Wikipedia}{,} The Free Encyclopedia",
+ year = "2026",
+ url = "https://en.wikipedia.org/w/index.php?title=Galois/Counter_Mode&oldid=1352962810",
+ note = "[Online; accessed 10-May-2026]"
 }
\ No newline at end of file
diff --git a/crypto.tex b/crypto.tex
index b69bccd..e243927 100644
--- a/crypto.tex
+++ b/crypto.tex
@@ -17,6 +17,8 @@
 \usepackage[style=ieee, backend=biber, maxnames=1, minnames=1]{biblatex}
 \addbibresource{crypto.bib}
 \usepackage{glossaries}
+
+\newcommand{\ub}[2]{\underbrace{\text{#1}}_{\text{#2}}}
 \makeglossaries
 \newacronym{DES}{DES}{Data Encryption Standard}
 \newacronym{AES}{AES}{Advanced Encryption Standard}
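Review bot: The new `enwiki:galoismode` entry cites Wikipedia for GCM although the mode has a primary specification, NIST SP 800-38D (Dworkin, 2007), which is the reference a cryptography write-up should give; keep the Wikipedia entry at most as a secondary pointer. The file also still ends without a trailing newline (`\ No newline at end of file` on the closing brace), so every further appended entry will produce the same noisy hunk that rewrites the last `}`; add a final newline while touching the file.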
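Review bot: `\ub` expands to `\text{...}`, which is an amsmath (amstext) command, and none of the visible preamble lines load amsmath; unless it is loaded elsewhere in the preamble the macro fails at its first use in the conclusion. If it is not, add `\usepackage{amsmath}` next to the other packages, and define the macro with the starred form, `\newcommand*{\ub}[2]{\underbrace{\text{#1}}_{\text{#2}}}`, since its arguments never contain paragraph breaks. A short comment naming its purpose, e.g. `% \ub{token}{role}: label one component of a cipher-suite string`, would help, as `\ub` is not self-explanatory.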
@@ -170,20 +172,20 @@ Extended versions of \acrshort{DES} such as Triple-DES (or 3DES) are still in us In \acrshort{DES}, the message is encrypted in 16 rounds, as well as an initial and final permutation (IP and FP), which are inverses. IP and FP were included to facilitate hardware loading of blocks. -Each round consists of several parts: +After splitting the 64-Bit message into two 32-Bit blocks left (L) and right (R), the two halves are processed in the +16-round feistel network in a criss-cross pattern as follows: \begin{itemize} - \item split the 64-Bit message into two 32-Bit blocks left (L) and right (R). \item derive a 48-Bit \textit{round key} from the original 64-Bit \textit{main key} using a fixed \textit{key schedule}. \item apply the \textit{Feistel function} to the R-block, which also applies the \textit{round key}. \item XOR the right block to the left block. \end{itemize} -A round key is then applied to the \textbf{R-Block} in a \textit{Feistel function} +Modern encryptions are commonly based on feistel networks as they make it easy to ensure bijection, +thus providing the necessary criterion for a cipher. +Further, due to the decryption process using the same algorithm with a reversed \textit{key schedule} +as well as the iterative nature of a feistel network, +they naturally lend themselves to hardware implementations. - -The decryption process uses the same algorithm with a reversed \textit{key schedule}. - - -\subsection{AES} +\subsection{AES} %TODO The \acrfull{AES} superseded \acrshort{DES} in 2001 after an official selection process. Unlike its predecessor, it does not use a Feistel network. 
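Review bot: The justification in the new paragraph is imprecise: what a Feistel network guarantees is that the cipher is invertible even when the round function F itself is not, which is exactly why F can be an arbitrary non-bijective function such as DES's S-box layer; bijectivity is necessary for decryption but says nothing about security, so `thus providing the necessary criterion for a cipher` should read `which gives the invertibility a block cipher requires, independently of how the round function is chosen`. `Modern encryptions are commonly based on feistel networks` also sits two lines above a section stating that AES does not use one; `Many block ciphers (e.g. DES, Blowfish, Twofish, Camellia) use Feistel networks` is both narrower and true. Capitalise the proper noun consistently (`Feistel`, as in the unchanged `\textit{Feistel function}` item), write `64-bit`/`32-bit`, and prefer `\emph` over `\textit` for the emphasised terms. The rewritten list introduction now describes one round, but the last item `XOR the right block to the left block` elides the swap of halves that `criss-cross pattern` refers to; `XOR the output of the Feistel function into L, then swap the halves` would close the loop, and the `%TODO` left on `\subsection{AES}` should not ship.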
@@ -194,12 +196,12 @@ Unlike its predecessor, it does not use a Feistel network. \section{Asymmetric Encryption} Symmetric encryption however historically suffered from a key exchange problem; because the same key is used for encryption and decryption, a secure channel is required to agree on a common key. -This chicken-and-egg problem can be solved in two ways. +This chicken-and-egg problem can be solved in two major ways, both typically relying on the mathematical theory of +\textbf{galois fields}, employing either \textit{modular arithmetic} or \textit{elliptic curves}. \paragraph{The Difie-Hellman Key Exchange} is an algorithm allowing the communication parties to establish a shared secret using properties of the discrete logarithm. -\paragraph{Asymmetric} Cryptography Both methods however are still vulnerable to a \acrfull{mitm}, thus also requiring a trusted \acrfull{CA} for authentication. \cite{enwiki:mitm} \subsection{RSA} @@ -222,8 +224,11 @@ The algorithm they came up with relies on modular arithmetic, which remains the \clearpage \section{Conclusion} -Complementary, -typical cipher suite: ECDHE-ECDSA-AES128-GCM-SHA256 \citetitle{enwiki:ciphersuite} +Trust on the web with untrusted channels fundamentally remains an unsolved issue, +though depending on the threat model, everyday communications can be considered relatively secure from non-APT actors. +A typical cipher suite employed by TLS could look like the following: +$$\ub{ECDHE}{Key exchange}-\ub{ECDSA}{authentication}-\ub{AES128}{encryption}-\ub{GCM}{Galois/counter mode}-\ub{SHA256}{hashing} $$ +\cite{enwiki:ciphersuite,enwiki:galoismode} %\printglossary[type=\acronymtype] %\printglossary \printbibliography
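Review bot: The added sentence claims both approaches rely on `galois fields`, but RSA, the subsection that follows, works in the ring of integers modulo a composite n, which is not a field; only Diffie–Hellman over a prime modulus and the elliptic-curve variants operate in finite fields. Suggest `both building on number theory: either arithmetic modulo an integer (RSA, or Diffie--Hellman modulo a prime) or the group of points on an elliptic curve over a finite field`, and capitalise `Galois` wherever it is kept. `\textbf{galois fields}` is emphasis rather than structure, so `\emph` fits better. The unchanged `\paragraph{The Difie-Hellman Key Exchange}` line in the same hunk misspells Diffie–Hellman.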
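Review bot: The role labels under the cipher suite are partly misleading for a security text: in `ECDHE-ECDSA-AES128-GCM-SHA256` (TLS 1.2 naming) ECDSA authenticates the server through the signature on the key exchange, GCM is the AEAD mode that provides integrity of the record data together with AES's confidentiality, and SHA256 names the TLS 1.2 PRF hash rather than generic `hashing`; `\ub{ECDSA}{server authentication}`, `\ub{GCM}{AEAD mode}` and `\ub{SHA256}{PRF hash}` would reflect that, and a one-line caveat that TLS 1.3 names suites differently (e.g. `TLS_AES_128_GCM_SHA256`, with key exchange and signature negotiated separately) would keep readers from over-generalising. The hyphens between the braces are typeset as binary minus signs inside math mode, so wrap them (e.g. `\text{-}`) or set the whole string in text mode. `$$ ... $$` is plain TeX; use `\[ ... \]` (or `equation*`) and attach the `\cite` to the introducing sentence instead of leaving it dangling after the display. `relatively secure from non-APT actors` is an unsupported claim; name the threat model (passive or active network attacker, misissued certificates) rather than an adversary tier.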