Welcome to Internal State: Cryptography & Security

December 20, 2025 · 2 min · By Alberto Marcos

Welcome to Internal State, a space dedicated to cryptography, security engineering, and the mathematics that keeps information safe.

What is This Blog?

Internal State is home to deep dives into:

  • Cryptography: Symmetric and asymmetric encryption, hashing, digital signatures, and PRNGs
  • Security Protocols: TLS, OAuth, authentication mechanisms, and zero-knowledge proofs
  • Mathematics Behind Security: Number theory, elliptic curves, complexity theory
  • Applied Security: Key management, threat modeling, and secure system design
  • Implementation & Pitfalls: Common vulnerabilities, side-channel attacks, secure coding

Why “Internal State”?

The name honors a fundamental concept in cryptography and computation: state.

In cryptographic systems, the internal state—whether it’s the key material, random number generator state, or protocol state machine—is everything. Mismanage it, and security collapses. Understand it deeply, and you can reason about system guarantees.

A Little Math to Start

Since we’re dedicating this space to cryptography, let’s begin with a beautiful equation. The security of many modern systems rests on the difficulty of discrete logarithm problems:

$$ \text{Given } g, p, \text{ and } y = g^x \bmod p $$ $$ \text{Find } x \text{ (computationally infeasible for large } p\text{)} $$

This simple hardness assumption underlies Diffie-Hellman key exchange, ElGamal encryption, and DSA.

What’s Coming

In the posts ahead, we’ll explore:

  1. RSA Internals: From Euler’s theorem to padding schemes (OAEP, PSS)
  2. Elliptic Curve Cryptography: Why curves beat traditional cryptography
  3. Zero-Knowledge Proofs: Proving you know something without revealing it
  4. Side-Channel Attacks: How timing, power, and cache can leak secrets
  5. Post-Quantum Cryptography: What comes after RSA and ECC
  6. Protocol Design: Building TLS, designing authentication flows
  7. Cryptanalysis: Understanding attacks and implementation weaknesses

The Ethos

This blog is for:

  • Security practitioners who want to deepen their understanding
  • Developers building cryptographic systems
  • Anyone curious about how secrets are mathematically protected
  • Those who believe security should be verified, not trusted

We’ll balance theory with practice, math with code, and fundamentals with modern applications.

Let’s Begin

The journey into cryptography is intellectually demanding but deeply rewarding. If you’re ready to understand the mathematics and engineering behind secure systems, you’re in the right place.

Let’s explore.

Zero-Knowledge Proofs: Proving Knowledge Without Revealing It

Imagine proving you know a secret without ever revealing the secret. This is the magic of zero-knowledge proofs (ZKPs). What Is a Zero-Knowledge Proof? A ZKP is an interactive protocol between a prover and a verifier where: The prover convinces the verifier they know a secret (or that a statement is true) The verifier learns nothing about the secret itself The verifier cannot convince anyone else of the truth (non-transferability) Example: The Cave Imagine a circular cave with a magic door inside that only opens with a password. ...

December 2, 2025 · 5 min · By Alberto Marcos