Slashdot Mirror


Intro to Encryption

An anonymous reader submitted a Techworld story which is a sort of encryption primer. The difference between codes & cyphers, and what all those acronyms like RSA and DES actually mean. This is good primer material for newbs, and a good refresher for fogeys.

6 of 244 comments (clear)

  1. Eric Rescorla has written a fine book... by tcopeland · · Score: 4, Interesting

    ...SSL and TLS, which includes an introductory that has a nice overview of encryption concepts and techniques.

    The explanation of stream vs block ciphers is especially good, with nice examples showing how each technique works.

  2. Comprehensive list of unsolved codes and ciphers by tokengeekgrrl · · Score: 4, Interesting

    If after reading the intro to encryption you are so inspired to try to crack one, I highly recommend this list:

    http://www.elonka.com/UnsolvedCodes.html

    Enjoy.

    - tokengeekgrrl

  3. Re:Inaccuracy in article? by cpeikert · · Score: 4, Interesting

    You're right.

    There are other glaring inaccuracies, e.g.: An increasingly important use for asymmetric encryption is digital signing. A digital signature is the reverse of public key encryption.

    This is sort-of true if you're talking about plain-vanilla RSA signatures (though even here, it's only about half-right). But in general, digital signatures have nothing to do with encryption. An encryption scheme does not always yield a useful signature scheme, nor vice-versa.

  4. Re:Inaccuracy in article? by Ann+Coulter · · Score: 3, Interesting

    I'm developing a slow but very secure RSA cipher that treats your binary data as one large number. It will take the digits of this number in base m (where m is the modulus) and salt and encrypt each digit. This produces a data block that is encrypted using only one cipher. This eliminates the symmetric hole altogether, even though that hole is rather small. My new technique has value bacause the symmetric hole is still one of the biggest holes in the entire PGP system, next to implementation specific vulnerabilities.

  5. SETI noise by 3770 · · Score: 4, Interesting


    If you want to be absolutely definitely sure that no one can intercept your communication with someone then here's what you do.

    1) Get 600MB of random noise data from listening for extra terrestrials from for instance SETI.
    2) Burn two CD's, give one to your friend. Keep the other.
    3) Encrypt your message by superimposing it on that noise at a given location.
    4) send the message as well as the location with the random location that you started copying the noise from (from the CD).

    This message can _not_ be deciphered if you make sure that you never reuse the same random noise. Even if you reuse it it is hard.

    In addition, if you at some point expect that someone is on to you, just burn the two CD's.

    At that point those messages can _never_ be deciphered. Even if you try for a billion years.

    Simple.

    Unbreakable.

    --
    The Internet is full. Go Away!!!
  6. RND number generation and encription cards by saigon_from_europe · · Score: 4, Interesting

    During my army service, I was told about random number generating cards. Basic idea is very simple, use thermal noise in conductors/semiconductors as a starting point for number generation.

    So if you need random numbers for encryption, try some googling, and you will find many variations on this theme - serial port based equpment; noise from sound card (low cost solution - all you need is software). There are also schemes for do-it-yourself equipment.

    Unfortunately, you should be a bit reluctant to accept the idea that all these things work as advertised. Just for beginning, although thermal noise is white noise by default, it get filtered in system during the processing. Its spectrum will not be the same as it was on the origin. (I am not an expert, but I think that spectral characteristics of the signal is not a requrement for randomness, but this is still good example of possible flaw in implementation.)

    If I would start using this, I would test this generators with some mathematical tools.

    Also, there are encription cards. I was able to see one made by Soekris. It has hardware implementation of DES. DES is designed to be done in hardware - shifting and xoring is easy to implement in hardware. Soekris makes 486 and P5 low-consumption small sized boxes. With this card, you may make good and fast IPSec firewall that runs on 133MHz 486 (!). Unfortunately, I am not in touch with this equipment any more, but problem was that Linux driver was in alpha state (situation from 10 months ago). BSD drivers were in release state.

    (One idea came to my dirty mind - how interesting this card might be for crackers?)

    --
    No sig today.