Let's Talk Crypto
Cryptography is big part of today's information security. Hence, it is important to know at least the basics. So, let's begin with some terms and their definitions.
- Cryptography: The art and science of making secret codes.
- Cryptanalysis: Analysis of secret codes. In other words, art and science of breaking codes.
- Cryptology: Combination of the two above. The art and science of making and breaking secret codes.
- Crypto: Often used as a short form of Cryptography but really, it means all of above.
- Encryption: In cryptography, encryption is the process of encoding messages or information in such a way that only authorized parties can read it.
- Decryption: Reversing of encryption. The process of converting encrypted data back into its original form, so it can be understood.
- Cipher text: The result of encryption performed on plaintext using an algorithm, called a cipher.
- Encryption key: In cryptography, a key is a variable value that is applied using a cipher to a string or block of plaintext to produce cipher text, or to decrypt encrypted text. The length of the key is a factor in considering how difficult it will be to decrypt the text in a given message. In essence, longer and random keys make it more difficult to decrypt the plain text without the knowledge of encryption key.
One must remember that any security mechanism is only as secure as its weakest link. While cryptography is basis of many security systems, it does not provide a solution to all security problems. Cryptography is only as reliable as its implementation and usage. Strongest crypto solutions have fallen due to poor implementations in past. What this means is that you should never ever try to invent your own cryptographic system unless you have mastered the science of Mathematics, Cryptography, and Computers. A more in depth analysis of crypto and security pitfalls can be found at Bruce Schneier's Cryptogram blog. I am a strong believer in two principles:
Kerckhoff’s principle: "A cryptosystem should be secure even if everything about the system, except the secret key, is public knowledge". This principle is basis of today's cryptography. For example, AES, best known and most widely used crypto system is open to anyone who wants to analyze its inner workings. Most important benefit of this practice is that the users only need to focus on the key they choose. We humans are usually only good at doing one thing at a time so this helps :)
Schneier's Law: "Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can't break". Bruce Schneier is the authority on encryption today. He has written many books and continues to research cryptography today. What he has suggested over and over is to refrain from using closed source cryptographic algorithms. The Advanced Encryption Standard (AES), also known as Rijndael (its original name), was chosen by the U.S. National Institute of Standards and Technology (NIST) in 2001 as a standard for encryption of data. NIST and participating cryptographers, far more intelligent than myself, rigorously tested many algorithms before agreeing on AES. Use it, do not try to build your own.
There are two types of cryptographic algorithms:
Symmetric key cryptographic algorithms or ciphers use a single key to encrypt and decrypt messages. This system assumes that both parties have exchanged the key securely. Examples of this type of encryption include AES, DES, 3DES, Serpent, and few others. An example of this system is our own mechanism to encrypt client reports. We encrypt the report using Microsoft Word's built-in symmetric encryption algorithm. We use a password, also called encryption key, to encrypt the file. This key is then shared with the client in what we consider a secure channel. But what if that secure channel lost its credibility? What if someone malicious had tapped into that secure channel?
Asymmetric cryptography or public-key cryptography uses a pair of keys to encrypt and decrypt messages. A public key is used to encrypt a message and a private key is used to decrypt a message. Benefit of this mechanism is that sender does not need to know all the keys. Sender only needs to know recipient's public key that can be retrieved from public key servers. Once a message has been encrypted using recipient's public key, it can be sent in most insecure ways possible. You can tweet it, post it on Facebook, or even publish it in newspaper. Only the holder of corresponding private key can decrypt that message. Most notable example of an asymmetric cipher is RSA. Well known implementations of asymmetric or public key cryptography include Diffie-Hellman key exchange protocol, Secure/Multipurpose Internet Mail Extensions (S/MIME) for secure email, Secure Shell (SSH) and SSL/TLS for encrypted communication between server and client, Bitcoin protocol, and my favorite encryption/decryption program PGP.
Aside from confidentiality, there is another use for Cryptography.
Hashing Algorithms are used to validate message integrity. These algorithms were written to only validate message integrity and not provide confidentiality. Hence, one cannot use hashing algorithms to encrypt a message. In fact, a hash (result of application of hashing algorithm on data) shall never be reversible. That is, one shall not able to take a hash and reverse it to reveal original message. The way hashing works is that you apply hashing algorithm to a message or file to compute is hash. A hash value is solely dependent on data. Hence, if even a single bit of the data changes, the hash value will change. Also, for same message or file, there shall only be one hash. When two distinct pieces of data, message, or file have same hash value, it is called collision. Collisions render a message integrity mechanism insecure. Examples of hashing algorithms include MD5, SHA1, SHA256, and SHA512. MD5 is broken due to collisions and shall not be used. SHA1, in my opinion, is pretty close to its death.
Here is a fun example to demonstrate hashing.
SHA256 sum or hash of word GeekMemos is 2f7038693a8f559afacf8ddeb1a261fa69af6db6ea60496ab30c337aaf0778a6. SHA256 sum or hash of word GeekMeemo is c95cf448105666e1a01174bcfd2336d7d2e0ff304a599807743e218df1403ff3.
Key size is important. Longer and more random keys can mitigate brute force attacks. Many key generation systems use randomness of environment such as weather for time of key creation, movement of computer mouse, temperature of processor, noise, or combination of aforementioned. AES symmetric key encryption algorithm offers 128, 192 or 256 bits long keys. Asymmetric encryption implementation of PGP (using RSA or DSA algorithm) offers 512, 2048, and 4096 bits long keys. Generally, a 128 bit key for AES or 2048 bit key for RSA is safe to use. While longer keys provide more deterrence against brute force attacks, they do tend to be resource hungry.
That is it for our crypto talk today. Want to learn more? Check out Coursera's course on Cryptography,
A Graduate level book on Cryptography, and
An education tool to learn Cryptography and Cryptanalysis.