Cryptography - Communication and Distributed Systems

advertisement
Cryptography
Abstract
Cryptography has always been an important task. The main goal of every
cryptographic activity is Data Security (e.g. “hiding messages from unauthorized
eyes”). Cryptography encodes messages in such a way, that only the sender and the
receiver can understand them. One famous story, if not the most famous story, about
cryptography is the break of the ENIGMA-Code in World War II. The British MI6
made an enormous effort to break into ENIGMA – with success by the way. Some
estimations say, that without this, the end of the war would have been at least six
months later… Cryptography, or “Crypto Analysis” if we’re talking just about
“breaking codes”, is an interesting research area, in particular for military purposes,
obviously.
Today, cryptography has its place not only in the army, but also in the civilian sector:
With the upcoming mainframe computers in the seventies and with the personal
computers in the eighties, cryptography has become available to everyone. Nowadays
an ordinary PC can produce codes of such complexity, that the most powerful
supercomputer, using the best available attack algorithms, would not break them in
millions of years! Cryptography is used to secure telephone, internet, and email
communication and to protect software and other digital property. Generally: to keep
privacy in the bad world of communication. So, it is possible to communicate,
without someone listening and understanding what you are saying…
This paper gives only a short introduction to basic cryptography and it is (really) far
away from being complete. For further information, please consider the literature
below.
Introduction to Cryptography
First thing you really need in order to do cryptography (e.g. encryption, decryption) is
a cryptographic algorithm. “Do I need a computer?” you may ask. It depends on the
algorithm and its complexity, but most generally the answer is “yes, you need one”!
There are algorithms that could be used by hand. But the question is: Why would you
do that? You surely don’t want to spend a week or two to encrypt a message until you
can send it, or do you?
Today, we know many cryptographic algorithms. RSA, DES, 3DES, Blowfish, AES
are just the names of a few. You will find some further details on some of these in the
next chapter.
Cryptographic algorithms, also called Ciphers, are classified as either symmetric or
asymmetric.
Symmetric Ciphers (Secret-Key-Ciphers)
Classical (symmetric) algorithms, such as DES, are based on a common secret key for
both, encryption and decryption. This is the reason why this scheme is also called
“Secret-Key”-Scheme:
Figure 1
As all cryptographic algorithms, symmetric ones have their strengths and weaknesses,
too. Their strengths include especially fast encryption/decryption. However, their
weaknesses include the need for a separate (secure) channel for key transfer, and the
need for very complex key management. Especially the key transfer is a big problem:
You need a secure channel to build up another secure channel?? Why you don’t just
use the first secure channel? … Good question!
Asymmetric Ciphers (Public Key Ciphers)
Asymmetric ciphers are based on principles that differ to those governing symmetric
ones in the following ways:
 The encryption key is different than the decryption key.
 The decryption key cannot be calculated from the encryption key (i.e. it is a
one-way function).
Such a scheme is also called a “Public-Key”-Scheme, because the encryption key is
made public. This way, a complete stranger can use the encryption key to encrypt a
message, but only someone with the corresponding decryption key can decrypt the
message. The encryption key is called the Public Key, and the decryption key is called
the Private Key. Opposing to the Secret-Key-Cryptography, the pool of good PublicKey algorithms is far smaller. Today, the best-known and also most used asymmetric
cipher, is RSA, which we will discuss later.
Asymmetric ciphers provide secrecy by having the sender use the receiver’s public
key to encrypt the data, while only the intended receiver, using his private key, can
decrypt the data and use it (Figure 2).
Again, asymmetric ciphers offer both, strengths and weaknesses. Their primary
weakness is that encryption/decryption is relatively slow, involving intensive
computations. Their strengths include:
 Fewer security issues in key transfer (all public).
 Simple key management (N users  N public keys).
Symmetric and Asymmetric ciphers are useful, and both have strengths and
weaknesses. Thus, what would be closer than to combine the strengths of these two
schemes and avoid their weaknesses? What we then get is a Hybrid Scheme. Please
see the exercises & solutions for more details on Hybrid Systems!
Figure 2
Examples of Cryptographic Algorithms
In this chapter, we will discuss the basic ideas of three cryptographic algorithms:
ROT13, DES and RSA.
ROT13
If we’d ask you to “invent” a cryptographic algorithm in three minutes, almost surely
it would be that one, or at least, kind of that one! Let’s go into detail: ROT13 is a
simple substitution Cipher. All you have to do is just replace each plaintext character
by the character thirteen to the right modulo 26. So, “A” is replaced by “N”, “B” is
replaced by “O” and so on. Every letter is rotated 13 places. Encryption of a message
twice with ROT13 restores the original text:
P  ROT 13( ROT 13( P))
It is obvious, that this is not a very secure encryption. Simple substitution ciphers can
easily be broken, because the cipher does not hide the underlying frequencies of the
different letters of the plaintext. Indeed, ROT13 is not used to secure communication
paths. It is often used on Usenet to hide offensive text or just to make a simple puzzle
a little bit harder to solve. Implementations of this algorithm can be found at [4].
DES (Data Encryption Standard)
DES stands for “Data Encryption Standard” and it was developed in the 70ies by
IBM. Later (1977), it was certified by NIST (US National Institute of Standards and
Technology). Since then, DES is what its name implies: the standard for symmetric
encryption. DES is a combination of three operations:
 XOR-Operation
 Permutation (order of a bit sequence is altered)
 Substitution (a bit sequence is replaced by another)
DES encrypts blocks of 64 bits using a 56 bit key. After an initial permutation of the
64-bit block of plaintext, the block is divided into two blocks of 32 bit (L and R).
What follows then, is 16 times the same sequence, also called the 16 rounds of DES
(Figure 3):
 applying a function  on L
 the result will be XORed with R and stored as the new L
 the old L becomes the new R.
(this happens 16 times, as mentioned)
After these 16 rounds, there will be a final permutation. Et voilà, we have our 64-bit
ciphertext.
Figure 3
The really important thing happens in the function . In every DES round, another
part of the key is used by  to produce the encryption.  is a relatively complex
function. The literature will give you further information on this. But the basic ideas
of DES should have been made clear. To decrypt, a message passes exactly the same
algorithm. The only difference is that the key is reversed.
DES is considered as very secure, but it has its weaknesses. Today’s multi-million
dollar computer hardware is able to compute the key in a finite amount of time. DES
However, there is a new algorithm at the horizon: AES. AES is even stronger than
DES and it surely will be the new standard for symmetric encryption.
RSA
RSA is based on one important mathematical phenomenon: the difficulty of factoring
large numbers. RSA is a member of the asymmetric encryption algorithms. The public
and private keys are derived from a pair of large (min. 200 digits) prime numbers, p
and q . Keys are generated as follows:
1. Compute n = pq and z = (p-1)(q-1).
2. Randomly choose the encryption key e, such that e and z are relatively prime.
3. Choose a decryption key d, such that ed mod z = 1. In general, d is calculated
with help of the Euclidean algorithm.
Key generation is now completed. The public key is defined as <e, n> and the private
key as <d, n>. The two prime numbers p and q are not longer needed and should be
discarded. To encrypt a message m, compute c = me mod n. For decryption use m = cd
mod n.
RSA is extremely slow compared to DES. In hardware, RSA is about 1000 times
slower than DES and in software about 100 times.
The security of RSA depends wholly on the problem of factoring large numbers. With
today’s factorial algorithms it would take millions of years to compute the private key
from the public key and the encrypted message. As long as there cannot be found a
better factorial algorithm the encrypted message is safe.
Literature
[1]
[2]
[3]
[4]
[5]
Bruce Schneier, “Applied Cryptography”, John Wiley & Sons Inc., 1996
Friedrich L. Bauer, “Entzifferte Geheimnisse”, Springer 1995
Klaus Schmeh, „Kryptographie“, dpunkt.verlag GmbH 2001
Implementations of ROT13, http://www.miranda.org/~jkominek/rot13
International PGP Home Page, http://www.pgpi.com
Exercises
1) Complete key search
A complete key search is a method to find a key out of an encrypted message. It is
also called a “brute force attack”, because the message is decrypted with every
possible key. The result is a (very large) pool of potentially correct plaintext
messages. But just one of them is the correct one!
How long would it take to do a complete key search on a DES-encrypted message?
(Assume the decryption of a message with a certain key takes 1s.)
Answer:
DES works with a 56-bit key. So you have to try 256  7  1016 keys.
7  1016  1s  7  1010 s  2  103 years
This is surely not the best way to break DES, but the simplest!
2) Why is symmetric encryption still used?
Answer:
Symmetric encryption is much faster than asymmetric encryption and in general
easier to implement. There are good symmetric encryption algorithms that are not
patented. RSA in contrary is patented in the US.
3) Give two scenarios where you would use symmetric encryption.
Answer:
 HD encryption
 Encrypted network session
Symmetric encryption is used where large amounts of data have to be encrypted and
decrypted and where both parties already know the secret key or where the secret key
can be exchanged through a secure channel.
4) How would you exchange the secret key of a symmetric encryption?
Answer:
A secure channel is needed. Thus you could encrypt it with an asymmetric encryption
algorithm. The combination of asymmetric and symmetric encryption in such a way is
known as hybrid system:
The whole stream of data is encrypted with a symmetric scheme. Thus, you can profit
from the fast encryption and decryption. It is obvious, that you cannot transmit the
key to decrypt the data over the same channel… at least not in plaintext! This is where
asymmetric encryption comes up. The key is encrypted with the receiver’s public key.
Because the key is far smaller than the actual data, there is not much time loss using
an asymmetric algorithm.
5) Give two scenarios where you would use asymmetric encryption.
Answer:
 Password encryption
 Email encryption
Asymmetric encryption is used where there is no safe secure channel to transfer the
key. Messages are relatively short.
Download