
Encryption Basics


Encryption is the practice of obfuscating information while in transit or storage. This section will discuss encryption as a technique for securing confidentiality. Cryptographic techniques may be used for other purposes such as authentication and integrity verification; however, this section will concentrate on confidentiality.

There are two major areas on which cryptosystems are evaluated. The first is the choice of cryptographic algorithms and techniques used in the system. Typical choices made here are algorithms such as DES, RSA, Blowfish, RC5, SHA-1, and the like. Often included in this choice of algorithm is the choice of key length. The second, and perhaps the more difficult, choice is the implementation of the cryptosystem or protocol. This includes how the encryption system will exchange key information so that two entities may not only encrypt or obfuscate the information but also decrypt or recover the original information. Here we refer to terms such as SKIP, IKE, PGP, Diffie-Hellman, and others. Also, one must evaluate how the specific cryptographic tools are implemented. This includes the use of salt in password hashing schemes, storing key materials in tamper-resistant smartcards, and other practical implementation details.

The typical selling technique of an encryption system vendor or developer is to distract the buyer with discussion of the various encryption algorithms and downplay the importance of cryptosystem implementation and protocols. In reality, the relative importance of the two areas is reversed. Good encryption algorithms are relatively a dime a dozen. There are many proven algorithms available. A vendor would be irresponsible not to choose algorithms and techniques with a proven track record. The difficult design decisions are encountered when cobbling together a cryptosystem or protocol from these disparate tools and materials. Also, there are many security implications when making the transition from theory to practice.

Symmetric Encryption

Symmetric or conventional encryption uses the same key to encrypt as well as decrypt. This technique is conceptually and practically straightforward. This leads to a number of benefits. Performance is relatively high. Also, the study of symmetric encryption techniques is quite thorough. The drawbacks of symmetric encryption stem from these attributes of simplicity and maturity.

There are two major aspects of a symmetric encryption system. The first is the encryption algorithm and the second is the secret key used with the algorithm. The algorithm itself is some sort of transformation that takes data, also called plaintext, and a secret key and outputs encrypted data, or ciphertext. Applying the reverse transformation to this ciphertext with the same secret key should recover the plaintext. The security of such an algorithm is evaluated on how much the transformation depends on the secret key to recover the plaintext. A strong algorithm should depend entirely on the key for recovery in any practical situation. It should be noted that any symmetric algorithm, in fact any keyed algorithm, is vulnerable to brute force attacks, although some more than others.

The Caesar Cipher is a simple symmetric algorithm. The idea is to rotate the letters in an alphabetic message by a chosen number of letters. The chosen number is the key and the rotation operation is the algorithm. So with a key of 3, the rotation would change any 'A' in a message to 'D,' any 'B' to 'E,' and any 'C' to 'F'; 'Z' would wrap around to the beginning of the alphabet and change to 'C,' and so on. To recover the plaintext, the letters are rotated in reverse using the chosen key. So for the previous example, a 'D' in the ciphertext would be rotated back to 'A.' This algorithm works correctly; however, it exhibits certain weaknesses. Recovery of the plaintext is not entirely dependent on the key. Because the transformation is so simple, the algorithm does not eliminate certain characteristics of the message. Most alphabetic messages, English (or Latin) messages for example, exhibit certain properties. Most messages will have a large occurrence of vowels. Since the transformation changes every 'E' found in the message to the same ciphertext letter, this can give us insight into the key used to encrypt a message. If the occurrence of 'H' is high in a ciphertext, there is a good chance that the key used was 3.

It should also be noted that the number of possible keys in this example is very low. There are only 26 possible keys in this algorithm. It would be pretty easy to try each one, even by hand, on a particular ciphertext until something resembling a message appears. Once the key is found, any message encrypted with that key can be decrypted. This relates to terms such as 'cribs,' 'unicity distance,' and other cryptanalytical concepts.
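The two weaknesses described above, letter frequency leaking the key and a keyspace of only 26, can be shown in a few lines. This is an added example, not part of the original page; the sample message is constructed and the function names are this example's own.

```python
import string
from collections import Counter

ALPHABET = string.ascii_uppercase

def caesar(text, key):
    """Rotate each letter A-Z by `key` positions; other characters pass through."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)

def guess_key_by_frequency(ciphertext):
    """Assume the most frequent ciphertext letter stands for 'E' and derive the key."""
    counts = Counter(ch for ch in ciphertext if ch in ALPHABET)
    most_common = counts.most_common(1)[0][0]
    return (ALPHABET.index(most_common) - ALPHABET.index("E")) % 26

def brute_force(ciphertext, crib):
    """Try all 26 keys; keep those whose decryption contains the known word (crib)."""
    return [k for k in range(26) if crib in caesar(ciphertext, -k)]

# Constructed sample message for this example.
PLAINTEXT = "MEET ME BENEATH THE ELM TREE WHEN THE SEVENTH BELL IS HEARD"
CIPHERTEXT = caesar(PLAINTEXT, 3)

if __name__ == "__main__":
    print("ciphertext:      ", CIPHERTEXT)
    print("frequency guess: ", guess_key_by_frequency(CIPHERTEXT))
    print("brute force keys:", brute_force(CIPHERTEXT, "THE"))
    print("recovered:       ", caesar(CIPHERTEXT, -3))
```

The frequency guess only works when the message is long enough for 'E' to dominate; the brute-force search needs no such assumption, only a way to recognise a plausible plaintext.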

Performance of symmetric encryption algorithms benefits from this conceptual simplicity. First, the maturity of symmetric encryption techniques has resulted in a large body of research and public scrutiny that has constantly revised symmetric algorithms to perform faster in practical implementation. Standards in symmetric encryption have led to hardware implementations. Many symmetric algorithms are targeted at a particular hardware implementation such as a particular microprocessor. Normally, the transformations in such algorithms use operations that the hardware does well: rotating bits, logical XOR, etc. This performance benefit is a double-edged sword. The faster an algorithm performs, the faster brute force attacks on it may be performed. The same silicon implementation that speeds up an encryption operation for DES can also perform the decryption operation for a key candidate in a brute force attack. Because of this, once the soundness of the algorithm has been considered, the size of the keyspace often becomes the determining factor in the security of a particular algorithm.

This look at brute force cracking should not lull us into believing that a good symmetric algorithm with a sufficiently large keyspace is foolproof. The main drawbacks of symmetric encryption do not stem from its susceptibility to brute force attacks; all keyed cryptographic techniques exhibit this 'weakness.' The weakness of symmetric encryption is inherent in the use of the same key to encrypt as well as decrypt. This design necessitates sharing of the secret key. It is the process of sharing this key that is normally attacked in a symmetric system. In summary, symmetric algorithms have high performance but introduce the problem of sharing a secret key.

Asymmetric Encryption

An encryption algorithm is asymmetric if different, related keys are used to encrypt and decrypt. This property makes the strengths and weaknesses of asymmetric encryption the mirror image of those of symmetric encryption. The benefit is the potential for strong security of keying material. Unfortunately, asymmetric techniques have relatively low performance. Some also argue that there is a looming danger in asymmetric encryption due to its immaturity compared to symmetric encryption.

In this technique one key is used to perform one operation, encrypting or decrypting, and the other key is used to perform the complementary operation. This splitting of duties makes asymmetric encryption very powerful, because one of the keys, referred to as the private key, can remain known only to the owner of that key for the life of the key. There is never any need to share the private key with others, since any operation that a partner would like to perform with the private key holder is done with the other key, called the public key. Because of this, one can share the public key openly without fear of the key being intercepted by enemies. If it were, the only damage that could occur would be the ability to encrypt messages to the private key holder. The private key is no stronger than a secret key in symmetric encryption of similar length. It can be brute force attacked in the same manner as a symmetric key. The pivotal difference is that a symmetric key necessarily must be shared between the encryptor and decryptor.

On the downside, asymmetric encryption is typically very slow. Most asymmetric algorithms depend on the properties of hard problems in mathematics. These problems are usually work intensive in one direction and nearly impossible in the other direction. This "one-wayness" is what makes most asymmetric algorithms possible. A rudimentary example is that of factoring the product of two large prime numbers. Multiplying two primes to create the product, or factoring a product if you already know one of the primes, is very easy. Factoring the product knowing only the product is, however, very difficult.

Some are uneasy with the mathematical premise of many asymmetric algorithms. Most asymmetric algorithms depend on the hard problems of factoring the product of primes or discrete logarithms. With the state of the art in mathematical research, there is still no "back door" or "shortcut" to solving these problems. It must be noted, however, that it is becoming easier to solve problems such as factoring as time passes. The discovery of a radical technique or technology, no matter how unlikely, could shatter the foundation of many asymmetric encryption techniques.

Hashing

The general technique of hashing is widely used for many purposes. Cryptographic hashing is typically used for proof of knowledge or as a summary technique, much like a fingerprint. Hashing takes advantage of a hash function that exhibits two important attributes. The first attribute is the production of a consistent fixed length output. The second attribute is the semi-uniqueness of that output based on a given input. The two attributes are actually at odds with one another. The fixed length of the output for a variable length input dictates that the output is not completely unique to the input. These two conflicting attributes produce another attribute of hash functions: one cannot determine the input based solely on the output. If one could do this, that would imply that each output is unique to a single input, again an impossibility given the fixed output and variable input. These attributes illustrate a difficult concept for beginners in cryptographic hashing: cryptographic hashing does not encrypt data in the traditional sense. One cannot hash a message and then de-hash it to recover the clear text. A hash function is in fact useful because it can only be performed in one direction.
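The tension between fixed-length output and "semi-uniqueness" can be observed directly, as an added example that is not part of the original page. It assumes SHA-256 from Python's standard library and truncates the digest to 16 bits so that two different inputs with the same output turn up quickly; the inputs are constructed, and no collision is known for the full 256-bit digest.

```python
import hashlib

DIGEST_BYTES = 2  # assumption for this demo: keep only 16 bits of SHA-256

def short_hash(data: bytes) -> bytes:
    """SHA-256 truncated to DIGEST_BYTES, leaving only 65,536 possible outputs."""
    return hashlib.sha256(data).digest()[:DIGEST_BYTES]

def find_collision():
    """Hash constructed inputs 'message-0', 'message-1', ... until two share a digest.

    With 65,536 possible outputs the loop must stop within 65,537 inputs
    (pigeonhole principle); in practice it stops after a few hundred.
    """
    seen = {}
    i = 0
    while True:
        msg = f"message-{i}".encode()
        digest = short_hash(msg)
        if digest in seen:
            return seen[digest], msg, digest
        seen[digest] = msg
        i += 1

def full_digest_lengths(inputs):
    """Return the set of full SHA-256 digest lengths (in bytes) for the inputs."""
    return {len(hashlib.sha256(m).digest()) for m in inputs}

if __name__ == "__main__":
    # Inputs of 0, 1 and 10,000 bytes all produce a 32-byte digest.
    print(full_digest_lengths([b"", b"a", b"x" * 10_000]))
    first, second, digest = find_collision()
    # Two different inputs, one output: the digest alone cannot say which was hashed.
    print(first, second, digest.hex())
```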


©2001-2003 by Itillious, Inc. All Rights Reserved.