Slashdot Mirror
Intro to Encryption
An anonymous reader submitted a Techworld story which is a sort of encryption primer. The difference between codes & cyphers, and what all those acronyms like RSA and DES actually mean. This is good primer material for newbs, and a good refresher for fogeys.
svefg cbfg!
Certificates are 1024 or 2048 bit with SSL. On the other hand, once the key is sent and shared, a 128 bit symmetric form of encryption is used. The only thing RSA is used for is sending / receiving the symmetric encryption key, yes?
Correct me if I'm wrong.
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
I would strongly recommend the Code Book by Simon Singh over that short article. It takes the reader from the Ceaser cipher all the way to quantum codes and is a very enjoyable read. The Codebreakers by David Kahn is also an excellent though somewhat lengthier volume
That's easy. Code is what I stare at all day, while Cypher is the jerk who betrayed Neo in The Matrix. Duh.
You have two hands and one brain, so always code twice as much as you think!
Rest assured that unless some one finds a mathematical back door that the algorithms approaching 1024bits will not be the weakest link in the security of your data (at least with hardware today). Just have a look at the key space in Distributed's RC5-72 vs. RC5-64. The key space for RC5-72 is astronomically higher than RC5-64.
Usually, the weakest link will be the user using short keys or the user using the same password on a weaker system.
The Handbook of Applied Cryptography: http://www.cacr.math.uwaterloo.ca/hac/ is a very detailed guide to some cryptographic algorithms and theories. This is not for newbies at all. For those wanting to implement a particular cipher, this book is the place to refer to. On top of everything, it is free.
...SSL and TLS, which includes an introductory that has a nice overview of encryption concepts and techniques.
The explanation of stream vs block ciphers is especially good, with nice examples showing how each technique works.
The Army reading list
If after reading the intro to encryption you are so inspired to try to crack one, I highly recommend this list:
http://www.elonka.com/UnsolvedCodes.html
Enjoy.
- tokengeekgrrl
What is the point of all these different encryption methods? No one has ever broken PGP. No one has ever broken GPG. No one has ever broken a well-protected OTP cipher (and they never will.) Why do they keep churning out new ones when the ones we have work?
**This begins my ever-changing sig
We need a -1 RTFA moderation option!
**This concludes my ever-changing sig
That's some clever way of saying "crap", right? This article is horrible, and if I was an encryption newbie all I'd be able to do after reading this article is spout acronyms.
/. front page?
Here's part of what the article says about RSA:
"Unfortunately, nothing in life is free, and so it is with asymmetric cryptosystems. Since d can be computed from e given p and q, and p and q are the factors of N, they must be chosen so large that N cannot be factorised in any reasonable time"
THE ARTICLE NEVER STATES WHAT d, p, q, e OR N ARE. Sorry for the shouting but this piece o'crap is worthy of a
John.
When I want to email with a new friend using PGP encryption, I send him my key one character at a time via snail mail using newspaper clippings. The only time this becomes a problem is when the post office laps itself and delivers more than one letter a day, or gets an earlier letter there later than a later letter, but it's the only way to be sure the key never falls into enemy hands. Of course, I don't get to email many people these days...
Fun with Inkwell | www.coo
Bruce Schneier's Applied Cryptography is another excellent resource for all you crypto-geeks out there. It goes from the basics (including the substitution cipher presented in the article) through basic crypto (ENIGMA, DES) all the way up through state-of-the-art (don't think AES was in my 1st ed., but I believe it's in there now). He talks about everything from the theoretical to the practical, hash collisions to rubber-hose cryptography.
It comes with source too! You know you love source....
Say tommorrow someone discovered an efficient technique for computing the prime factors of a composite. That would blow RSA and probably DSA out of the water - rendering most parts of PGP/GPG worthless.
Unless we have other asymetric ciphers to fall back on, then e-commerce would be wiped out.
Additionally algorithms with very low computational requirements are of particular importance since we need encryption that can run on smart cards, but cant be broken by super computers.
I'd point people here first, then to a few other links that other people have pointed out. The article linked is a bit terse for a newbie.
>>The present generation of web browsers use 128-bit keys
_ ________
>> so cannot be considered secure against a determined
>> and sufficiently well-resourced attack.
The 128-bit there is the symmetric cipher key length, RSA is
used for signature authentication and not encryption, key
exchanges occur via hand-shake algorithms ie: diffie-hellman
and derivatives there of...
a 128-bit symmetric cipher is actually very strong, for temporary
transit data ie: purchase data, cc numbers etc.
Arash Partow
_________________________________________
Be one who knows what they don't know,
Instead of being one who knows not what they don't know,
Thinking they know everything about all things.
http://www.partow.net
Arash Partow's Philosophy: Be a person who knows what they don't know, and not a person who doesn't know.
"When I find myself in times of trouble, PKZ he comes to me.
Speaking words of wisdom, 'PGP, PGP.'"
Guaranteed! This comment 100% Anthrax free!
f you just want to deter prying eyes a substitution cipher using multiple substitutions and several different substitutions schemes offers a reasonable level of encryption for virtually no computational effort. (This is the way Enigma works and after all, it did take Alan Turing to break it).
The Poles broke it, they even invented the "computers" (bombes) that automated the further breaking of it. Turing (not to diminish the contributions he made to BP) really just vastly improved on their methods and created a much more sophisticated machine to break it.
Finkployd
Random pads with truly random data is unbreakable. The few times it has been broken has been due to human error (reusing the same random data stream). The US tracked some russian spies with this, they reused pads, and we found out there was a mole in the atomic bomb program.
That said, paddign with pseudo-random data is very unsafe. Breaking this type of encryption is typically one of the first homework assignments in cryptography courses. The article is either very fuzzy on this distinction, or plain out wrong, depending on how you read it.
Factoring specifically has nothing todo with anything that can break DSA. Improvements in NFS related algorithms could however... Also we still have ECC and a few lattice algos left [NTRU anyone?]
I wouldn't worry too much about it though. While I expect new algorithms [probably not even NFS based] to be invented at some point it probably won't be tommorow.
Tom
Someday, I'll have a real sig.
If after reading the intro to encryption you are so inspired to try to crack one, I highly recommend this list...
The problem with challenges like "crack this uncracked cipher" is that the challenge is not realistic.
Most of these codes/ciphers give you no idea the process behind how they were generated. That's unrealistic: usually an analyst will have the algorithm that does the encryption (if not the key itself), either via open-source, reverse engineering of a public binary, legitimate purchase, or espionage.
Most of these challenges only give you a tiny piece of ciphertext. That's not realistic: if you're trying to break, say, SSL, you'll be able to get your hands on megabytes of transcripts, and you'll even be able to generate ciphertexts that correspond to plaintexts of your choice.
Most of these "ciphers" don't generalize to arbitrary messages. That's unrealistic. Sure, someone can design some ad-hoc cipher to encrypt the location of his buried treasure using landmarks, clever puns, and weird symbols. That's a far cry from being able to efficiently encrypt an arbitrary TCP/IP stream.
If you want to be absolutely definitely sure that no one can intercept your communication with someone then here's what you do.
1) Get 600MB of random noise data from listening for extra terrestrials from for instance SETI.
2) Burn two CD's, give one to your friend. Keep the other.
3) Encrypt your message by superimposing it on that noise at a given location.
4) send the message as well as the location with the random location that you started copying the noise from (from the CD).
This message can _not_ be deciphered if you make sure that you never reuse the same random noise. Even if you reuse it it is hard.
In addition, if you at some point expect that someone is on to you, just burn the two CD's.
At that point those messages can _never_ be deciphered. Even if you try for a billion years.
Simple.
Unbreakable.
The Internet is full. Go Away!!!
One of my favorite classes was clasical algebra. I'm always glad to see some info about encryption and how it works. Thanks guys
They didn't work well, which is why modern cryptography was born. As far as practical goes, practical is a function of necessity.
OTP has the significant shortcoming of key exchange. You have to have a method of distributing keys that will not be compromised. This is extremely hard to do.
If the book ever falls into the wrong hands, then you have to throw everyones book out, and start over. You have to have access to your agents that are inside. Are you just going to send them their new book to the Kremlin, postmark Blechley Park?
It can be done, it is inprenetrible, but has huge risks and shortcomings.
Sometimes that's not good enough. In such instances, I always rot-13 it two times for twice the security.
Cryptography Decrypted by H. X. Mel and Doris Baker is a good intro to crypto. I found it entertaining and the topics went from elementary to, uh, more than I cared to know. The appendices explaining the mathematics of crypto were interesting as well.
"If you're not passionate about your operating system, you're married to the wrong one."
It talks about the origins of crypto a little, and leads into public key encryption, a field I have been trying to learn a little more about. Much better article than the parent!
You can have my one-button mouse when you pry it from my cold, dead fingers.
This may not be too big of a problem if we just have two people who need to send a few messages to each other as long as both can keep the pad safe, but it fails horribly in other situations. For instance lets say I want to send my credit card number to some online store, but I want to make sure it is encrypted first. Lets say the store writes a random pad for us to use. How do we share it? Somehow they have to get it to me without anyone else seeing it. But if we had a known secure method of communication, we wouldn't need the pad in the first place, now would we?
Public Key encryption solves this problem by allowing the store to develop the code and send me a key that only allows me to encrypt it (it can't decrypt anything). Thus it doesn't matter if the whole world intercepts the key, all that would allow them to do is encrypt more messages. It doesn't help them decrypt anything. Of course all these codes are usually based on problems that are mathematically hard to solve. If an easy solution is found (as with knapsack cryptosystems like Merkle-Hellman), then it becomes easy to crack the codes, and thus we need to have other codes available. In addition, many decryption algorithms are very slow and thus work is done on more efficient algorithms (though slow ones like RSA actually can be sped up by only encrypting a private key with the public key scheme and using the private key to encrypt the actual message).
Hope that helps.
Mathematics is made of 50 percent formulas, 50 percent proofs, and 50 percent imagination.
Actually its not. There is an efficient algorithm out there for factoring numbers into primes. The only problem is that it requires technology (quantum computers) which doesn't exist yet, but which is on the horizon.
"And why is my article modded flamebait?!"
Because mods are jackasses.
Mathematics is made of 50 percent formulas, 50 percent proofs, and 50 percent imagination.
Over at SourceForge is a relatively new Project called Primary Cryption. Working code (for Win32/WINE) has already been released. The source code includes hundreds of lines of commentary about encryption, C programming tricks, and other stuff that you might find interesting. The logo may be of interest, too. Some discussions about it have been started at the HalfBakery and at sci.crypt.research Oh, and if you want to put some effort into figuring out how easy (or tough) it is to break the proposed encryption scheme, feel free! I'd like to know. Thanks!
Iyay etbay obodyyay ancay igurefay histay utoay!
Uggerbay, hatway oday ouyay eanmay "veryeay oneyay owsknay igpay atlinlay?"
About RSA: Current hardware means key lengths should be 1024 bits for complete security. The present generation of web browsers use 128-bit keys so cannot be considered secure against a determined and sufficiently well-resourced attack.
Firstly, directly comparing symetric and asymetric key lengths shows that the authour has no knowledge of encryption. They are not directly comparable since they are used in different ways and have different meanings.
Secondly, claiming 128-bit keys are insecure shows that the authour has no knowledge of encryption. 80-bit keys are widely considered infeasible to break.
During my army service, I was told about random number generating cards. Basic idea is very simple, use thermal noise in conductors/semiconductors as a starting point for number generation.
So if you need random numbers for encryption, try some googling, and you will find many variations on this theme - serial port based equpment; noise from sound card (low cost solution - all you need is software). There are also schemes for do-it-yourself equipment.
Unfortunately, you should be a bit reluctant to accept the idea that all these things work as advertised. Just for beginning, although thermal noise is white noise by default, it get filtered in system during the processing. Its spectrum will not be the same as it was on the origin. (I am not an expert, but I think that spectral characteristics of the signal is not a requrement for randomness, but this is still good example of possible flaw in implementation.)
If I would start using this, I would test this generators with some mathematical tools.
Also, there are encription cards. I was able to see one made by Soekris. It has hardware implementation of DES. DES is designed to be done in hardware - shifting and xoring is easy to implement in hardware. Soekris makes 486 and P5 low-consumption small sized boxes. With this card, you may make good and fast IPSec firewall that runs on 133MHz 486 (!). Unfortunately, I am not in touch with this equipment any more, but problem was that Linux driver was in alpha state (situation from 10 months ago). BSD drivers were in release state.
(One idea came to my dirty mind - how interesting this card might be for crackers?)
No sig today.
No one has ever broken PGP. No one has ever broken GPG.
Correction: No-one has ever admitted to having broken PGP or GPG. Unless you know something those of us outside the NSA don't, you can never be so sure.
Remember, the Nazi's thought no-one had broken Enigma...
---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"
The primer seems a little overconfident about random ciphers
That's where I threw up my hands in disgust. I've never heard of a "random cipher" before. Did he mean one time pad? Those are provably unbreakable, assuming you have a good source of random numbers. Did he mean XOR the message from a cheap-ass PRNG? Unnacceptable. And why 4 bytes at a time? If it's just XOR, then 4 bytes at a time buys you nothing.
This article was written by someone who read someone else's articles, and understood about half of it.
This article makes me all warm and fuzzy inside. I'm a big advocate of encryption (especially PGP/GPG), and hopefully this article will encourage some neophytes to start using encryption (such as PGP). I'm not a paranoid geek that sits inside all day, if that's what you're thinking, by the way; I just think that a user has the right to be secure and private.
- dshaw
If it were possible to factor any prime in one month
Any prime's factors are itself and one.
</smartass>
That's it. Now, put N and e together in a file and call it your "private key", and put N and d together and call it your "public key". To use them:
In practice RSA takes too much time, so you make yourself a random key, encrypt that using RSA, and you and your recipient communicate using a symmetric cipher.
As to why ((n^e mod N)^d mod N) = n, that's where it helps to know some math. Mathweb or Wikipedia can help you, but having a bit of background in abstract algebra will help.