(Login — Register) |
Thread Rating:
Encryption - Part1 |
01-01-2011, 10:30 PM,
|
|||
|
|||
Encryption - Part1
A Brief History of Encryption Encryption is a way of protecting data against unauthorized use. Several techniques have been used throughout the years to protect data against enemies who would misuse the information. Thousands of years ago, the main use of using encryption was to protect data during war. David Kahn, in his impressive work, The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet, has traced the history of cryptography as far back as ancient Egypt, progressing through India, Mesopotamia, Babylon, World War I, World War II, and into modern times, where encryption has taken on new meaning. The extensive use of telegraph and radio waves in modern times has increased the need to encrypt information because sophisticated techniques are available to intercept the information that flows in todayâs global environment. Military communication without the use of encryption is worthless. The biggest achievements in cryptography can be attributed to the work done by Alan Turing during World War II. Using the help of Alan Turing in Britain, the allies were able to use computers to break the Enigma code used by Germany during the war. Since World War II, the National Security Agency (a branch of the Department of Defense) has become the center for cryptographic research and activity. The existence of this highly secret organization within the government was denied until recently and is jokingly referred to as âNo Such Agency.â The budget and activities of this agency are highly classified. It has been rumored that the NSA employs the largest number of mathematicians in the world and actively eavesdrops on phone conversations. For years, the use of codes and ciphers was reserved to the NSA and military operations. Civilians had to be content with using envelopes and couriers to protect data. With the computer revolution and the explosion of the information ageâand especially the Internetâthe need for encryption in civilian use was recognized. The manner in which data was disseminated through electronic mail and the Internet, and the financial value attached to the information, fueled enough research for civilians to use encryption. In the late 1960s, IBM chairman Thomas Watson, Jr set up a cryptographic research group. This group, led by Horst Feistel, developed a private key encryption method called Lucifer, which was used by Lloydâs of London to protect a cash-dispensing system. The success of Lucifer prompted IBM to make it available for commercial use. The team formed for this purpose was headed by Dr. Walter Tuchman and Dr. Carl Meyer, who tested the cipher and fixed the flaws they found in the method. By 1974, the cipher was ready and available on a silicon chip. However, IBM was not the only company to make ciphers available commercially. Other companies made other codes available, but there were some problems associated with all these ciphers:
The kind of cryptography used in earlier days and in the code and cipher techniques such as the Caesar Cipher and Vernam Cipher is called private key or secret key cryptography. The term private key is used because this technique implies that both the sender and the receiver of the message have a key that must be kept private. Private key cryptography makes use of the same key on both the sending and the receiving end and is therefore also referred to as symmetric cryptography. Whenever you want to communicate with someone using these methods, you must give the cryptographic key to the person with whom you want to communicate. The process of exchanging the cryptographic key is referred to as key distribution and can be very difficult: The key is the secret to breaking the cipher text; if there exists a really secure method of communicating the key, why isnât that method used to communicate the message in the first place? For many years, the key distribution method used by the United States government was to place the keys in a locked briefcase, which was handcuffed to a courier. The courier would board an airplane and would be met at the destination country by an official from the U.S. embassy and taken to the embassy. The cuffs would be removed at the embassy, and the keys were then available to decipher diplomatic messages. The courier did not have a way to remove the cuffs or open the briefcase. If the bad guys caught the courier, the diplomats in the United States would know about it and would not use those particular keys to encrypt messages. Private Key Algorithms There are several popular private key algorithms. We will briefly describe just a few of them:
Most successful secret key encryption techniques use a simple set of functions and procedures to convert the plaintext into cipher text. The concept of block encryption is very commonly used for this purpose; it involves the use of a block or a group of bytes for encryption purposes instead of a single byte or character. Each block can be operated on by any combination of several processes. The final cipher text can be generated by applying the following processes during several iterations or rounds of encryption:
A very popular method for performing simple encryption is the XOR function. The Exclusive OR function is used to indicate that if there are two conditions (say conditionA and conditionB), then either conditionA is true or conditionB is trueâbut not both. The complete set of possibilities for two values being XORed and their result is as follows: Code: XOR(0,0) = 0 A popular method of implementing a substitution function is to use a construct referred to as a substitution box, or an S-box. The S-box function takes some bit or set of bits as input and provides some other bit or set of bits as output. It makes use of a replacement table to perform the conversion. These reference tables can map more than one input to the same output. As a result of this truth, a hacker cannot take the output from an S-box and figure out which of the many inputs may have been used to generate the output. Using Expansion Permutation The expansion permutation takes a block of data and expands it into a set of overlapping groups; each group may be small compared to the original block. Suppose that we have a block of 24 bits; we can perform expansion permutation to convert it into a block of 36 bits as follows:
Using Encryption Rounds Encryption algorithms become more complex and secure at the same time by using different encryption techniques one after the other. However, it is important to use different techniques in different rounds. For example, if you use substitution (or iteration) during the first round of encrypting plaintext, and use substitution again on the cipher text in the second round (even if the substitution characters are different in the two rounds), the resultant cipher text is no more secure than using just one round of substitution. In fact, even if you use a thousand rounds of substitution, the security is the same as using one round because there is always a one-to-one mapping between the plaintext and the final cipher text. A much more secure encryption can be obtained by using one round of substitution followed by a second round of permutation. Popular encryption algorithms make use of 8 or 16 different rounds of encryption techniques. Public Key Cryptography Public key cryptography is also referred to as asymmetric cryptography and is the result of a mathematical breakthrough that occurred in 1970. Unlike symmetric key methods that use a single key for encryption and decryption, asymmetric methods make use of two keys: a secret key and a public key. The public key is used to encrypt the message and the secret key is used to decrypt the message. The receiver has the secret key that should be protected. A mathematical process can be used to generate the two keys that are mathematically related. The goal of public key cryptography was to eliminate the biggest problem of private key cryptography of key distribution. Several techniques have been identified in the domain of public key cryptography over the years. These techniques are described in the following sections. Ralph Merleâs Puzzle Technique Ralph Merkle has published his work in Communications of the ACM, a premier computer science journal. He said that his work was âsecure communication over insecure channels.â The basis of his communication approach involves the use of puzzles. To understand this method, assume that John and Jane want to communicate with each other over a channel that is known to be insecure. John first creates a large number of encryption keysâsay a million keys. John then places the keys in puzzlesâone key per puzzle. Each puzzle takes a couple minutes to solve. John sends the puzzles to Jane, who chooses any one of the puzzles and its associated key. Using this key, Jane encrypts a message and sends it to John. John now figures out the key Jane chose based on his list of keys. Future communications between John and Jane occur using this key. An eavesdropper will be aware of the puzzles going back and forth but will take an extremely long time to figure out the exact key. In simple words, John creates a very large number of keys and âenvelopesâ or hides the keys in some âcoverââone key in one envelopeâand sends these envelopes to Jane. Jane randomly picks any envelope and therefore one key, encrypts a message using that key, and sends the message to John. John can figure out which key was chosen because John has all the keys. This key then becomes the key for future conversations. Diffie-Hellman Multiuser Cryptographic Techniques A paper called âMultiuser Cryptographic Techniquesâ was published in 1975 by Whitfield Diffie and Martin Hellman. Their cryptographic techniques used the concept commonly used now in public key cryptography. The basic idea of this strategy was that it should be possible to encrypt a message using one key and decrypt the message using another key. Several suggestions were made to Diffie and Hellman about how this could be achieved, including the following:
The RSA technique is one of the most powerful encryption methods known. It is used as the public key system in PGP (Pretty Good Privacy). RSA makes use of any publicly available key to encrypt the information, but the decryption can be done only by the person who holds the matching secret key. RSA can also be used as a digital signature system. The biggest problem with the Diffie-Hellman method is that the two participants must communicate actively. This may not be possible in email communication between two people who are not necessarily actively conversing. In 1976, three professors in the computer science lab at MITâRonald Rivest, Adi Shamir, and Len Adelmanâstarted working on the proposition made in the Diffie- Hellman paper, âNew Directions in Cryptography,â to find a practical multiuser cryptography system. After several months of research, they were about to conclude that such a public system was not possible. Then, in 1977, they realized a basic fact: It is very easy to multiply two prime numbers to get a large composite number, but it is difficult to take that composite number and find its prime number components. The outcome of this research is the technique simply referred to by the initials of its three inventors: RSA. This method is better than the Diffie-Hellman key exchange method because it does not rely on active participation between the person performing the encryption and the person performing the decryption. To understand how RSA works, hereâs an example described in Bruce Schneierâs book, Applied Cryptography. The steps to effectively use RSA are as follows:
Now a user who wants to encrypt and send some information to us can use Z and E to encrypt the data. Suppose that someone wants to send us the number 688. To do so, theyâd perform the following calculation: 68879 mod 3337 = 1570 We would receive the number 1570 and decrypt it as follows: 15701019 mod 3337 = 688 The security of RSA depends on the following:
The following code segment shows a simple implementation of the sieve algorithm that can be used to check whether or not a particular number r is a prime number: Code: int primes[100]; // âprimesâ is an array used to store the prime numbers generated. |
|||
12-29-2011, 09:14 AM,
|
|||
|
|||
RE: Encryption - Part1
Awesome tutorial!
|
|||
« Next Oldest | Next Newest »
|
Possibly Related Threads... | |||||
Thread | Author | Replies | Views | Last Post | |
Encryption - Part 2 | RazorDOX | 0 | 2,296 |
01-01-2011, 10:32 PM Last Post: RazorDOX |
Users browsing this thread: 1 Guest(s)