Cryptography


"It is insufficient to protect ourselves with laws; we need to protect ourselves with mathematics."
Bruce Schneier


Cryptography, crypto for short, is the science or study of techniques used to secure communications from third parties. This is done by encrypting messages in such a way that only those who have the right key are able to decrypt them.

To encrypt a message, some kind of mathematical operation, known as a ‘cipher’, is applied that turns it into something unintelligible until it’s decrypted using the right key.

In the past, those ciphers replaced certain characters with others using a pre-established displacement; for instance ‘ROT13’ added 13 to each letter, and the ‘Caesarian Shift’ allowed adding any value. You can see more of these simple methods HERE

The problem with those simple methods is that third parties could very easily discover the key, and thus the message, by analysing its structure, length and character distribution.
The science and study of the techniques to understand and decipher encrypted messages without the corresponding key is called ‘Cryptanalysis’.
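
The weakness described above, as an added example that is not part of the original post: a shift cipher in Python, and a key recovery that uses nothing but the letter distribution of the ciphertext. The frequency table is approximate and the sample sentence is constructed from this page's own wording.

```python
from collections import Counter

# Approximate English letter frequencies in percent, a..z.
FREQ = dict(zip("abcdefghijklmnopqrstuvwxyz", [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))

def caesar(text: str, shift: int) -> str:
    """Shift every ASCII letter by `shift` places; ROT13 is shift=13."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)          # spaces and punctuation pass through
    return "".join(out)

def english_score(text: str) -> float:
    """Higher when the letter distribution looks like English."""
    counts = Counter(ch for ch in text.lower() if ch in FREQ)
    return sum(n * FREQ[ch] for ch, n in counts.items())

def recover_shift(ciphertext: str) -> int:
    """Try all 26 keys and keep the one whose output looks most English."""
    return max(range(26), key=lambda k: english_score(caesar(ciphertext, -k)))

# Constructed sample text (a sentence from this page, lowercased).
SAMPLE = ("third parties could very easily discover the key and thus the "
          "message by analysing the structure length and character "
          "distribution of it")

if __name__ == "__main__":
    secret = caesar(SAMPLE, 7)
    key = recover_shift(secret)
    print(secret)
    print("recovered key:", key)
    print(caesar(secret, -key))
```

With only 26 possible keys and a distribution that survives encryption unchanged, the key falls out without any knowledge of the sender.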

The strength of a cipher comes from the underlying math and the use of extremely big numbers. The best mathematicians in the world work on creating new algorithms and analysing existing ones looking for weaknesses, so forget about creating new ciphers; just use the ones that have proven to be secure over years of use.

Symmetric and Public-key ciphers

Symmetric ciphers
A symmetric cipher is one that uses the same key both for encrypting and decrypting a message. Some examples are DES, AES or Blowfish.
Sometimes you’ll see the algorithm accompanied by a number, for instance AES-192 or AES-256. The number specifies the length of the key in bits, so AES-256 uses keys 256 bits in length.

A bit is the minimal unit of information you can store in a digital device; it represents a 1 or a 0. A computer can represent a character using 8 bits, so using 256 bits would be like having a 32-character key. This is an oversimplification, but it gives you an idea of the key sizes.
Increasing the key size makes the number of possible combinations grow exponentially: each extra bit doubles the amount of possible combinations.

Public-Key ciphers
The problem with symmetric ciphers is that you need a secure way to exchange the key used to encrypt the messages, and that key should be changed often to avoid it being compromised.

Public key cryptography works using two different keys, in reality two parts of the same one. One is the “private key”; it is never shared with anyone, and its owner uses it to decrypt received messages and to sign messages.
The other is the “public key”, which should be widely distributed. It is used to encrypt messages that only the owner of the private key will be able to decipher, and it can also be used to validate a digital signature.

Public key ciphers are also known as asymmetric ciphers.

In 1978 Ron Rivest, Adi Shamir and Leonard Adleman from MIT published the first publicly available asymmetric cipher, called RSA.

RSA is based on the difficulty of factoring extremely big numbers that are the product of two large primes, a problem that is extremely time consuming and impossible to solve in a reasonable time with current technology; quick calculations suggest that brute forcing it would take more time than the age of the universe.

Since 2004, asymmetric ciphers started using elliptic curve mathematical problems instead of prime factorization. The advantage is that they provide the same level of security with much smaller key sizes, reducing the computational cost when the right key is available while still being impossible to solve without it.

Hybrid ciphers
The computational cost of public key ciphers is very high, so working with big messages would take a lot of time or be prohibitive. That’s why hybrid ciphers were created.

In a hybrid cipher the message is encrypted using a symmetric cipher, and the key used is then encrypted with a public key cipher.
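
The hybrid flow described above, as an added example that is not part of the original post. The RSA key pair is a toy built from two publicly known primes and the symmetric cipher is a SHA-256 keystream stand-in; both are assumptions chosen so the structure can be run with only the Python standard library, and real code takes both primitives from a vetted library.

```python
import hashlib
import secrets

# Toy RSA key pair from two Mersenne primes. They are publicly known, so
# this key gives no security; it only lets the example run offline.
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537                      # public key (n, e)
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent d

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR data with a SHA-256 counter keystream."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def hybrid_encrypt(message: bytes, n: int, e: int):
    """Return (wrapped_key, body) for the holder of the private key."""
    session_key = secrets.token_bytes(16)          # fresh for every message
    body = keystream_xor(session_key, message)     # cheap, any length
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)  # costly, 16 bytes
    return wrapped, body

def hybrid_decrypt(wrapped: int, body: bytes, n: int, d: int) -> bytes:
    """Unwrap the session key with the private key, then decrypt the body."""
    session_key = pow(wrapped, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, body)

if __name__ == "__main__":
    msg = b"a long message " * 1000                # constructed sample input
    wrapped, body = hybrid_encrypt(msg, N, E)
    print(len(body), "bytes encrypted symmetrically")
    print(hybrid_decrypt(wrapped, body, N, D) == msg)
```

Only the 16-byte session key ever passes through the public key operation, no matter how large the message is.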

Hash functions

A hash is a function that, given an input of any size, generates a fixed-length output called a digest. Hashes are not ciphers because they are one-way only: there is no reverse operation that, given a hash, returns the original input.

A hash also has the characteristic that a minimal change in the input produces substantial changes in the output. Digests are evenly distributed and it is almost impossible to have collisions, that is, two different inputs that generate the same output, so if two inputs have the same digest you can be sure they are equal.

Examples of hash functions can be MD5, SHA-1 or SHA-256.

Cryptographic signatures rely on hashes to be sure that the message hasn’t been modified; we will talk about this in more detail later.

There are many other uses of hash functions. One key use is storing passwords, so that even if an attacker can read the stored value, he won’t be able to recover the password without brute-forcing all the possible combinations, a task that could be extremely time consuming and, if the password is strong, impossible with current technology.
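
The hash properties and the password use described above, as an added example that is not part of the original post. It uses SHA-256 because practical collisions are known for MD5 and SHA-1, and for password storage it goes beyond the text by adding a per-password salt and a deliberately slow derivation (PBKDF2), since a single fast hash lets an attacker test guesses very quickly; the iteration count and sample strings are assumptions.

```python
import hashlib
import hmac
import secrets

def digest(data: bytes) -> bytes:
    """SHA-256 digest: 32 bytes regardless of input size."""
    return hashlib.sha256(data).digest()

def differing_bits(a: bytes, b: bytes) -> int:
    """Count the bit positions where two equal-length digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

ITERATIONS = 600_000    # assumed work factor; tune it for your hardware

def hash_password(password: str, iterations: int = ITERATIONS):
    """Return the (salt, iterations, derived_key) record to store."""
    salt = secrets.token_bytes(16)      # unique per password
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, key

def verify_password(password: str, record) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    salt, iterations, stored = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                                    iterations)
    return hmac.compare_digest(candidate, stored)

if __name__ == "__main__":
    # Constructed inputs: one character differs between the two messages.
    a, b = digest(b"pay Bob 100"), digest(b"pay Bob 900")
    print(len(a), len(digest(b"x" * 1_000_000)))    # same length
    print(differing_bits(a, b), "of 256 bits differ")
    record = hash_password("correct horse battery staple")
    print(verify_password("correct horse battery staple", record))
    print(verify_password("Tr0ub4dor&3", record))
```

Because the salt is random, two users with the same password get different stored records, so one precomputed table cannot be reused across accounts.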

Cryptography practice

Crypto relies heavily on math. You don’t really need to understand it very well (I don’t), but it is nice to have an idea of the principles behind it.

The practice for this week is to take a “Journey into cryptography” by the Khan Academy. They have many short videos where they explain in more depth, and better than I would, what cryptography is and the principles behind it.

It would be nice if you finish at least up to the “Modern Cryptography” section. If you complete the journey up to that point you’ll learn about ancient cryptosystems, how the Enigma machine worked, what a prime number is, how RSA works and a lot more.

If you’re feeling really motivated and decide to continue past that point you’ll start delving into more details of the mathematical principles that make crypto possible.

Some lessons include programming problems. If you want to try them, even better; if you don’t, don’t worry: just watch the lessons and that will be more than enough for our goals.

Next Friday we will learn about PGP/GPG and start using it to encrypt our messages.

To start the journey into cryptography follow this link:
https://en.khanacademy.org/math/applied-math/cryptography
