○ Security by obscurity
□ Hiding data inside another form of data, like using non-used bits in image to hide a message
§ Cool, but not practical.
◊ Algorithm secrecy vs. key secrecy
○ Cryptography is everywhere and yet if done right, you can barely see it.
□ Secrets stay secret.
□ Data is not tampered with.
□ No party can deny sending messages.
□ Each party can ensure that the sender is what they expect.
○ Random Number Generators
§ Extremely important, almost all encryption/hashing strength is affected by how random the random number generator is.
§ Don't use simple random number, use a cryptographic random number generator with a sophisticated source of entropy.
§ Pseudorandom number generator