Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
0 of .
Results for:
P. 1
A Cryptography Primer

# A Cryptography Primer

Ratings: (0)|Views: 10|Likes:
A high-level overview of what cryptography is, how it works, and what the major kinds are. "Crypto for dummies", essentially.
A high-level overview of what cryptography is, how it works, and what the major kinds are. "Crypto for dummies", essentially.

### Availability:

See more
See less

07/01/2014

pdf

text

original

A Cryptography Primer
The word Cryptography comes from the Greek words
cryptos
(hidden) and
graphos
(written). Thus, even from the word itself we find a strong hint as to its meaning. Astrict definition of the word as currently used would be “the science and study of makingand using secret writing, such as codes and ciphers”.The intent of cryptography is simple – if you cannot trust that your messages will not beintercepted by a third party, then you mask the messages in such a way that others cannoteasily read them.Early methods focused more on ciphers and codes – hidden alphabets and the like. Oneof the earliest known examples was the
Caesar cipher
. In order to communicate with hisgenerals, Caesar had his messages encoded using a “shift” - i.e., each letter would beshifted down in the alphabet by a pre-arranged amount. So, for example, if the “shift”was pre-arranged to be 3, every letter “A” in the message would be replaced by a “D”,every “B” would be replaced by an “E”, and so on. In this sort of code, if you reach theend of the alphabet you simply wrap around to the beginning again. So, in our exampleabove, “X” would become “A”, “Y” would become “B”, and “Z” would become “C”.This technique is still sometimes used today, most commonly as part of a larger encryption system such as the Vigenère cipher. Modern computer systems may alsoinclude a “ROT-13” function, which is basically a Caesar cipher with a shift of 13 (half the alphabet).On consideration, you should be able to spot the weakness in the Caesar cipher. Hint:what would be the maximum number of attempts that would be required to calculate all possible shifts of a given message?Secret alphabets have also been used in the past. This could either be a mapping of letters and digits to non-standard symbols, or a remapping of the letters and digits toother, random positions in the symbol set. So, for example, A could become X, B could become J, C could become 6, and so on. The easiest way to crack these (assuming astandard set of symbols mapping 1-to-1 to English letters and digits) is via
frequencyanalysis
. It is well known that certain letters in the English language are relativelycommon (such as S, T, E, and A), and others are very uncommon in normal writtenlanguage (such as X, Q, and Z – i.e. the high-value Scrabble tiles). By counting up alloccurrences of each symbol, and then using a bit of trial-and-error, it can be possible tocrack the code without having to try every possible combination. This can be made eveneasier if the spaces between words in the original message are preserved – you then knowthat (for example) a single symbol by itself must be either an I or an A, and a two-symbol pair by itself can be one of only a handful of words (such as “is”, “as”, “or”, and “it”).Modern computers, which can perform millions of operations a second, would be able tocrack such a code in minutes at worst.There is one application of secret alphabets which is still in common use today, and iswidely considered to be impossible to break: the
. Basically, the one-time

pad is a sheet (or set of sheets) with a random, non-repeating set of symbols on it, and both parties (sender and recipient) must have a copy of the same pad. When someonewants to encode a message, they write each letter of the message under the next availablesymbol on the pad. After that, a simple combination is performed, where each letter of the original message is “added” to the symbol on the pad using their relative positions inthe alphabet, resulting in a new symbol (again, wrapping around where appropriate).For example, consider the following:Original message
WE ATTACK AT DAWN
QGJSOPEMHZIERNQAL
Encrypted result
NLJTIJFPSZJYRRRXZ
The receiving party must use exactly the same sheet as the sender, write the messageunder the same characters, and then perform an equivalent “subtraction”. Without thecode sheet from the one-time pad, the message is unrecoverable. (In this instance, wehave valued a space between words as 0, so used the one-time character as the encryptedresult.)The main problem with one-time pads is that the pads themselves must be distributed,and thus could be intercepted and copied. Additionally, if you and your messagerecipient are not using the same pads, then the message is not recoverable. Note also thata given one-time pad should only be used once (hence the name) – repeated use of thesame pad may allow the bad guys to gain enough information to determine what’s on it.Most modern encryption is math-based, using
keys
(secret numbers). A complexmathematical function is performed on the message (or on regular-sized “chunks” of themessage, called
blocks
) using the key. Encryption may be either
shared-key
(also calledsymmetric-key, and meaning that both parties know and use the same secret number toencrypt and decrypt messages) or
public-key
(meaning each party has two differentsecret numbers, one a
public key
that you can tell everyone, and the other a
private key
that should not be revealed to anyone at all).Shared-key encryption is easier to implement, but (like one-time pads) requires that thekey be sent in a secure way to prevent interception. The basic principle of shared-keyencryption is represented in the diagram below:

Since the same key is used for both encryption and decryption, it should be obvious thatif the bad guys have your key, they can read your mail. There’s another weakness in thisform of system, which may not be immediately obvious – as computers get faster, “bruteforce” attacks (in which every possible key is tried until one works) become easier. And,once your key is compromised by a brute-force attack, you have to go and send areplacement key to everyone who’s supposed to have a copy, while making sure the newkey is not intercepted by the bad guys. This is helped in part by longer keys, usuallyexpressed as the number of “bits” in a binary representation of the key. Every bit doublesthe number of possible keys, so that a 56-bit key (for example) has 2
8
(or 256) times asmany possible values as a 48-bit key (since 56 is 8 more than 48).One well-known example of this form of encryption is
DES
, more formally known as theData Encryption Standard, which was introduced as a US Government standard in 1976.DES only had a 56-bit key length, so as time went on (and computers became more powerful), it became easier and easier to break DES via brute force. A 56-bit key mayhave 72,057,594,037,927,936 (72 quadrillion) possible combinations, but when you can process billions of keys a second (as with modern parallel processing techniques), itdoesn’t take long to break even that sort of number. In response, it was strengthened to“Triple DES” (or
3DES
), which applies the encryption algorithm three times to each block in an encryption/decryption/encryption cycle. Since DES is a symmetric-keyencryption technique, using the same keys for both the encryption and decryption portions of the 3DES cycle would mean that it would be essentially the same as DES(first encrypting, then decrypting, and then finally re-encrypting the message all with thesame key). Instead, the strongest form of 3DES uses 3 different 56-bit keys, one toencrypt the message, the second to “decrypt” (which really just encrypts it more), andthen finally a third key to re-encrypt the message again.
Originalmessage(“plaintext”)Encryptedmessage(“ciphertext”)OriginalmessageMathMathKeyKey