The LINUX.COM Article Archive
Originally Published: Tuesday, 26 October 1999
Author: Quentin Cregan
Published to: enchance_articles_security/Advanced Security Articles
This article will cover the general topic of cryptography and the basic concepts behind encryption.
Commonly used terminology during this article:
Even in its most common form, encryption is regarded as complicated. Encryption requires two things: an encryption method and a key. Put simply, an encryption method is a mathematical routine that converts the plaintext to the ciphertext. The routine can be as easy as taking the ASCII values of the characters and joining them together with a period. A key is perhaps a variable on that period.
The simple method just described is of no practical use because the cipher is so easily broken by brute force. Delving a little deeper requires knowledge of Boolean logic and general mathematical concepts. If you are familiar with Boolean logic, please skip the next section.
0 = FALSE 1 = TRUE
Examples of logic symbols
AND = ^ OR = v NOT = ~ XOR = +
P ^ Q Statement is true if P is true AND Q is true, else FALSE
P v Q Statement is true if P is true OR Q is true or both are true
~P If P=TRUE then statement equals FALSE
P XOR Q Statement is TRUE if either P or Q is true but not both
Most encryption methods use XOR to derive the ciphertext from the plaintext and the key. A quick and easy routine using XOR is as follows.
Plaintext: hello
Key: 010101010
ASCII representation of first letter h: 011011011

011011011 XOR   h
010101010       key
-------------
001110001       ciphertext of value ‘h’
This is of course continued until all values of ‘hello’ have been XOR’ed with the respective key. To decrypt the ciphertext, the other party must know the key combination. Then using XOR, the cipher can be converted to plaintext again.
001110001 XOR   ciphertext (unknown value)
010101010       key (known only to receiving party)
-------------
011011011       original message value ‘h’
The method described above gives a basic understanding of how single key encryption works.
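The XOR round trip above, as an added example that is not part of the original article. It reuses the article's 9-bit patterns exactly as printed, then applies the same operation to the whole word "hello" with a constructed one-byte key (SAMPLE_KEY and all function names are assumptions made for this illustration). The last function shows why the key must stay secret: XORing any known plaintext with its ciphertext returns the key.

```python
"""XOR single-key encryption, following the article's worked example."""

# Bit patterns exactly as printed in the article (9 bits each).
ARTICLE_H = "011011011"
ARTICLE_KEY = "010101010"
# Constructed one-byte key for the whole-word demo (not from the article).
SAMPLE_KEY = bytes([0b01010101])


def xor_bits(a: str, b: str) -> str:
    """XOR two equal-length bit strings column by column."""
    if len(a) != len(b):
        raise ValueError("bit strings must be the same length")
    if set(a + b) - {"0", "1"}:
        raise ValueError("bit strings may contain only 0 and 1")
    return "".join("1" if x != y else "0" for x, y in zip(a, b))


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR each byte of data with the key, repeating the key as needed."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(d ^ key[i % len(key)] for i, d in enumerate(data))


def article_round_trip():
    """Encrypt the article's 'h' pattern, then decrypt with the same key."""
    cipher = xor_bits(ARTICLE_H, ARTICLE_KEY)
    return cipher, xor_bits(cipher, ARTICLE_KEY)


def message_round_trip(message: bytes = b"hello"):
    """Encrypt every character of the message, then decrypt it again."""
    cipher = xor_bytes(message, SAMPLE_KEY)
    return cipher, xor_bytes(cipher, SAMPLE_KEY)


def key_from_known_pair(plaintext: bytes, ciphertext: bytes) -> bytes:
    """plaintext XOR ciphertext yields the key bytes that were used."""
    return xor_bytes(plaintext, ciphertext)


if __name__ == "__main__":
    print(article_round_trip())
    cipher, plain = message_round_trip()
    print(cipher, plain)
    print(key_from_known_pair(plain, cipher))
```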
Public key encryption
Single key encryption is flawed because it relies on both parties knowing the key. If Alice were to send Bob an encrypted message using the single key encryption method, she would also have to let Bob know the key to decrypt the message. The transfer of the key could jeopardise the security of the message because another party could intercept the key and decrypt the message.
Public key encryption consists of a public and a private key. Each individual must have both of these, and usually the public key is made accessible to everyone. In its simplest form, if Alice wants to send Bob a message, she encrypts the message using Bob’s public key. She then sends the ciphertext to Bob, and Bob decrypts the message using his private key. Once Alice encrypts the message, she cannot decrypt it using Bob’s public key, nor can she use her public or private key to decrypt it.
PGP (Pretty Good Privacy) is perhaps the most popular form of public key encryption. Check it out at http://web.mit.edu/network/pgp.html
Public key authentication
Using this system, it is possible to masquerade as someone else, and that is where public key authentication comes into play. Alice sends an encrypted message to Bob using his public key, but he wants to know whether the party he received the message from is actually Alice. To prove this, Alice encrypts a message with her private key and sends it to Bob. Bob can then decrypt the message using Alice’s public key. If the decryption works, Bob can definitely prove that the sending party holds the private key.
More to come… The next section will cover DES Block ciphers and the latest in Quantum encryption.