Encryption by George Hernandez

Intro

Cryptography ("secret writing") is the study of message secrecy. A major subtopic of cryptography is encryption, the field of encoding data so that it can only be decoded by authorized parties.

A cryptosystem is a system for encrypting original data (aka plaintext) into seemingly illegible data (aka ciphertext), and the decryption of ciphertext back to plaintext. Most cryptosystems involve an algorithm (aka cipher) which translates between plaintext and ciphertext by the use of a key. The cipher is usually public knowledge but the key is known only to the sender and/or recipient.

Cryptography is technically distinct from the popular usage of secret codes. Coding deals with encoding plaintext and decoding codetext, whereas cryptography deals with encrypting plaintext and decrypting ciphertext. More importantly coding works at a high level, the level of meaning (EG: "the ice is slippery" means "begin the project X"), while cryptography works at a low level, the level of letters or bits.

Cryptosystems can be sorted by their usage of keys:

Symmetric keys use the same key to encrypt and decrypt. Symmetric keys are roughly 1000 times faster than asymmetric keys.
Asymmetric keys use different keys (aka a key pair). The term public key is used because one key of the pair is public and the other is private. The two keys are related mathematically but it is difficult do derive one from the other.

A good cryptosytem is resistant to cryptoanalysis, the field of breaking ciphertext. A key is usually fairly large so that trial-and-error (aka brute force) methods cannot be used to guess the key. A brute force method that uses common values is called a dictionary attack.

Cryptography ciphertext usually looks like it has an encoded message. On the other hand, steganography is cryptography that hides a message in something that does not appear to be a message. This can be as simple as putting a light in a window or by modifying the bits the data file of an ordinary looking picture.

The three basic goals of cryptography are:

Confidentiality. The data cannot be read by unintended readers.
Data integrity. The data cannot be altered.
Authentication. The reader knows that the sender is who they say they are.

While it is practically impossible to hide secrets through software alone, three basic techniques are used to hide secrets via software:

Hiding or obscurity. The user(s) must know where the secret is. This can be places like source code, configuration files (EGs: .ini and .config), Windows registry, IIS metabase, Universal Data Link (UDL), and custom files.
Access control. The user(s) must be identified and must know another secret in order to get the secret.
Encryption. The secret is encrypted or undreadable at all (hashed) or unreadable without knowing another secret.

Other software measures can be taken:

The secret should have minimal power. EG: If a the secret is a connection string, the login should have minimal permission.
Secure data transmission. Usually Internet Protocol Security (IPSec) or Secure Sockets Layer (SSL, i.e. https).
Pre-encrypt data prior to transmission.

Hashing

A hashing algorithm (aka a hash function, a message digest, a fingerprint function, or a compression function) takes a variable length string and converts it into fixed-length value or key (aka a hash). EG: Changes "hello world" into "g8f4".

Hash functions are one way in that the string can be converted into hash, but not the other way around, ie you cannot reverse-engineer from a hash to plaintext.
Hash functions should have low collision rates , i.e. it should be difficult to make strings that make the same hash.
Hash functions should have an avalanche effect , i.e. a small change in the text should result in a large change in the hash.
Hash functions should not be predictable , i.e. if a change is made to plaintext, then it should not be easy to guess the change in the hash.
Hash functions should be fast. This is probably the largest distinction between making hashes versus making ciphertext.

Sometimes hashes are used because the hash value is more efficient to handle than the string (EG: A SSN instead of a name). Sometimes hashes are used to disguise data (EG: Passwords should be stored as hashes instead of just plaintext).

MECP (Microsoft Enhanced Cryptographic Provider) and MBCP (Microsoft Base Cryptographic Provider) support three hash algorithms:

MD4 . Developed by Ron Rivest. Makes 128 bit hashes.
MD5 . Developed by Ron Rivest. Makes 128 bit hashes with improvements over MD4.
SHA (Secure Hash Algorithm). Developed by NIST and NSA. SHA-1 makes 160 bit hashes, but there are these variations too: SHA-224, SHA-256, SHA-384, SHA-512.

Here are some simple hashing methods:

Character Rearrangement . Good for hashing strings or integers of known length. Break up the characters into groups and rearrange in a consistent format. EG: 123 456 would hashed as 456 123 or 654 321.
Division remainder . Good for hashing numbers of a known integer range. Divide each number by n where n greater than equal to the largest value. EG: For the series 1, 2, 3, ...6, hash it as 1/7, 2/7, 3/7, .... 6/7.
Radix Transformation . Good for hashing positive integers. Find the equivalent of each number for a number system with a different radix (base). EG: 153 decimal can be hashed as 99 hexadecimal.

Symmetric Keys

Block ciphers encrypt plaintext in n bit blocks, using a k bit key, into 1 of 2ⁿ permutations: M_nE = E(M_nD, k) = 1 of 2ⁿ permutations. Decryption uses the same k bit key: M_nD = D(M_nE, k). Plaintext in a variety of lengths can be encrypted via padding to n bits or by concatenation-like modes of operation or both.

AES (Advanced Encryption Standard, aka Rijndael) was developed by the U.S. government and adopted by the NIST in 2001. AES supports 128, 192, and 256-bit keys, while true Rijndael can be specified with key and block sizes in any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits..
DES (Data Encryption Standard) is the most popular symmetric key method. DES has been a worldwide cryptographic standard since 1976. DES was developed by IBM by the request of the National Bureau of Standards. DES keys are 56 bit numbers. DES is implemented in Microsoft by MECP.
RC2 was developed by Ron Rivest for RSA Data Security, Inc. RC2 has variable length keys. MECP implements RC2 as 40-128 bit keys, in 8 bit increments, with 128 bit as the default. Note that MBCP implements RC2 as 40 bit keys.
Triple DES uses three 56 bit keys. Triple DES is implemented MECP.
Triple DES with 2 keys uses two 56 bit keys, but applies the first key a second time. Triple DES is implemented MECP.

Stream ciphers encrypt plaintext a bit or a byte at a time.

RC4was developed by Ron Rivest in 1987. RC4 is implemented by MECP and MBCP in the same way as RC2.

Asymmetric Keys

Usually asymmetric keys utilizes public encryption keys and private decryption keys so as to verify the identity of the receiver as well as send encrypted messages. EG:

Romeo has a message to tell Juliet but no one else.
Romeo, like everyone else, has Juliet's public encryption key.
Romeo encrypts the message using Juliet's public encryption key.
Only Juliet's private decryption key can decrypt messages encrypted by her public encryption key.
Only Juliet can read Romeo's message.

In actuality, asymmetric keys are 1000 time slower than symmetric keys. More commonly a hybrid key system is used: asymmetric keys are used to send just a symmetric key, which is then used to send encrypted messages. EG:

Romeo and Juliet have messages for each other and no one else.
Romeo, like everyone else, has Juliet's public encryption key.
Romeo makes a random symmetric key (aka short key, session key).
Romeo encrypts the symmetric key using Juliet's public encryption key.
Only Juliet's private decryption key can decrypt messages encrypted by his public encryption key.
Juliet and Romeo now have the symmetric key and they can use to encrypt and decrypt messages.

Sometimes the encryption key is private and the decryption key is public so as to verify the identity of the sender as well as send encrypted messages. EG:

Apple has messages to tell Gus and wants Gus to know they really came from Apple.
Apple encrypts messages using Apples private encryption key.
Gus, like everyone else, has Apple's public decryption key.
Only messages from encrypted by Apple private encryption key can be opened by Apples' public decryption key.
Gus is sure the message came from Apple.

Once again a hybrid key system is used. Asymmetric keys are used to send just a hash of the message, while the message is sent unencrypted. This combination verifies the identity of a sender and, although the message is unencrypted, the receiver is sure that the message was not tampered with. EG4:

Apple has a message to tell everyone and wants everyone to know it really came from Apple.
Apple makes a small one-way hash of a message, ie a hash unique to the message.
Apple encrypts just the hash using Apples private encryption key, ie makes a digital signature .
Apple sends the digital signature and the message to everyone.
Everyone has Apple's public decryption key.
Everyone receives the digital signature and a message.
Everyone is sure the hash via the digital signature came from Apple.
A hash function is performed on the message and it matches the hash via the digital signature.
Everyone is sure the message came from Apple and that it has not been tampered.

The most popular version of public keys is PGP (Pretty Good Privacy). PGP was developed by Philip R. Zimmermann in 1991. PGP comes in two versions, both of which are available as free and commercial versions:

RSA (Rivest-Shamir-Adleman). This the most popular public key algorithm.
- Uses the IDEA cipher to make session keys.
- Uses the MD5 hash function to make digital signatures.
- Public keys are based on a "modulus" (the product of 2 prime numbers). MBCP implements RSA with a 512 bit modulus. MECP implements RSA with 384- 16,384 bit modulus, in 8 bit increments, with 1024 bits the default.
DH (Diffie-Hellman).
- Uses the CAST cipher to make session keys.
- Uses the SHA hash function to make digital signatures.

Certificate Authorities

In order for public keys to work, we the public must trust that the public key is actually tied to who we think it does. A public key is known in this context as a digital certificate or digital ID. The public can verify the digital certificate by checking it against the CA (Certification Authority) that issued the digital certificate. EG: Network Associates (www.NAI.com) maintains an LDAP/HTTP server for PGP public keys. Verisign is also extremely popular.

A digital certificate usually has more information than just the public key. Many digital certificates conform to the X.509 protocol which has this structure:

Version. The format of the certificate.
Serial Number. Unique in the CA's database.
Signature Algorithm.
Issuer Name. The CA.
Period of Validity.
- Not Before Date.
- Not After Date.
Subject Name. Who the certificate is for.
Subject's Public Key
- Algorithm.
- Public Key.
Extensions
Signature. The CA's digital signature.

CAs also maintain list of digital signatures that have valid dates but have been revoked.

S/MIME

S/MIME (Secure Multipurpose Internet Mail Extensions) is the most popular method for securing email. S/MIME was developed by RSA Data Security, Inc. (www.RSA.com).

Email can be sent as:

Enveloped Mail . This ensures that only the intended receiver can open an encrypted message, ie the second way that Romeo sent his message in my examples.
Signed Mail . This ensures the identity of the sender and that the message was not tampered with, ie the second way that Apple sent its message.
Enveloped and Signed .