Cryptography: How to Keep a Secret

impossible to reverse a mod equation with exact certainty, and why a decent amount of protection is provided by cipher equations.

2.2.3 Cryptography in Network Communications

Protecting a network conversation is almost as fundamental as having one. The protection part comes from the need to send data over an unknown public network. This is commonly referred to as the "transmission over an insecure channel" problem, and is almost always solved by one of two methods. The easiest solution is, of course, to make the channel secure by privatizing the medium. If you make sure that third parties do not have access to the physical line, snooping becomes extraordinarily difficult, so the connection is solid. As usual, this is not always the best approach, for several reasons. It is expensive to secure an entire media delivery system, which may be unfeasible as well as impractical to alter in a timely fashion, not to mention that sometimes it is impossible to secure a delivery system to a user's complete satisfaction. This is exactly the reason why the virtual private network will be deployed on a large scale in the coming years. Since the solution is not to privatize an existing delivery system, it must be to secure the data itself on the insecure channel. In other words, make it accessible to everyone, but use cryptography to transform it in such a way that only an affiliate can undo it.

2.2.4 Cryptographic Algorithms

In the following section we cover the three basic types of encryption algorithms that can be used to protect data. Some of these systems are marginally unsuitable for VPNs, or present administration troubles, and others seem like they were made exactly for protecting network communications.

2.2.4.1 Hash algorithms

Hash algorithms, which are usually known as message digests or one-way hashes, take an arbitrarily large string and mathematically convert it into a fixed-length, one-way number. Hashes are typically used to check the validity of a particular message or password. A good scenario is one where a system needs to be able to check the authentication of a particular user, but does not want to store an unencrypted password on the disk. Doing so would compromise security for every user on the whole system at once. When the system hashes the passwords and then stores the hash, the attacker who gains access to the password file still has nothing with which to help him. He can, however, engage in brute force attacks against all the users at once, which provides adequate reason for the system administrator to keep the hashed password file as safe as possible.

The process of hashing must be fast and reliable, and must produce a result that is fundamentally difficult to reverse. Because there is a loss of data in the production of the hash (e.g., the transformation of a potentially large value into a smaller fixed-length one), a cryptanalyst has only the tools of brute force attacks, social engineering, or algorithm-specific attacks. It is possible for there to be more than one input value that hashes to the same result. A robust algorithm makes it computationally unfeasible to find two such values easily.

An example of a hash would be to take an input password, multiply it by 3.1415, divide by e (2.71828), mod the result by 7654321, and take the middle eight bytes. It would certainly be nasty to reverse this process without knowing anything about it. NIST's (National Institute of Standards and Technology) proposed message digest function (hash) is called SHA, which stands for Secure Hash Algorithm. Ron Rivest (he's the R in RSA) created a set of hash algorithms, MD2 through MD5, which stand for Message Digests.
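
As an added illustration (not from the original text), the Python sketch below implements the stored-hash scheme described above and goes one step beyond it: a random per-user salt and a deliberately slow derivation (PBKDF2 from the standard library), which is the current practice for password storage because it stops one guess from being tested against every account at once. The account names, passwords and iteration count are constructed for the example.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # example work factor (an assumption); tune for your hardware

# Constructed sample accounts; two users happen to choose the same password.
USERS = {"alice": "correct horse", "bob": "correct horse", "carol": "tr0ub4dor"}

def bare_hash(password: str) -> bytes:
    """Fast, unsalted digest: equal passwords always give equal records."""
    return hashlib.sha256(password.encode()).digest()

def enroll(password: str) -> dict:
    """Create the record to store: a random per-user salt and a slow hash."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "hash": digest}

def verify(password: str, record: dict) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), record["salt"], ITERATIONS)
    return hmac.compare_digest(digest, record["hash"])

def shared_records(stored: dict) -> list:
    """Groups of users whose stored value is identical, so that a single
    guess at the password is checked against all of them at once."""
    groups = {}
    for user, value in stored.items():
        groups.setdefault(value, []).append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

def demo() -> tuple:
    """Return the shared-record groups for the unsalted and salted tables."""
    unsalted = {u: bare_hash(p) for u, p in USERS.items()}
    salted = {u: enroll(p)["hash"] for u, p in USERS.items()}
    return shared_records(unsalted), shared_records(salted)

if __name__ == "__main__":
    print(demo())
```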

2.2.4.2 Secret key systems

The secret key cryptosystem takes as input a message of a variable length and a secret key by which the message is transformed into the ciphertext. In fact, from a distance the transformation is very similar to the hash algorithms. An important distinction is that a separate user-controlled variable is supplied to help encipher the data. Further, where the hash algorithm creates a fixed length result from a variable length input, the secret key system operates on successive fixed blocks of input using the fixed length key to produce a variable length result. Hash systems are for one-way checks, and secret key systems preserve the entire clear text so that the original text can be produced when needed.

Because the secret key used in the equation is of a fixed length, using a key that is too short reduces the overall security of the system. Imagine using a key that is one byte long (8 bits); it shouldn't take a cryptanalyst too long to run through the 256 possible keys that could be used to decrypt the data. Since the operation of encrypting the message uses fixed blocks of input, using a message block size of one byte would also be insecure because the cracker would only have to create a table of clear text to ciphertext pairs, once he knows that he could send his own data through the algorithm.

As with hashing systems, the secret key system is designed to take a variable length clear text input and produce a random-looking similarly sized output. Further, changing the input by only one bit should change the output so that there is no way to trace a transformation from bit to bit. The randomness of the ciphered message suggests that at any given time, about half of all the bits in the resulting sequence are on and the other half are off.
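
The one-byte block case described above, as an added Python example that is not part of the original text: however long the key is, a cipher with a one-byte block is a single fixed table of 256 entries, so the table stands in for the key. The toy cipher and the sample message are constructed for this illustration and are not a real algorithm.

```python
import hashlib
import os
import random

def make_byte_cipher(key: bytes):
    """Toy cipher with a one-byte block (constructed for this example, not a
    real algorithm): the key selects one fixed permutation of the values 0..255."""
    table = list(range(256))
    seed = int.from_bytes(hashlib.sha256(key).digest(), "big")
    random.Random(seed).shuffle(table)

    def encrypt(data: bytes) -> bytes:
        return bytes(table[b] for b in data)

    return encrypt

def build_codebook(encrypt) -> dict:
    """Send each possible block through the cipher once and record
    ciphertext -> clear text. 256 entries cover every block."""
    ciphertext = encrypt(bytes(range(256)))
    return {c: p for p, c in enumerate(ciphertext)}

def read_with_codebook(codebook: dict, ciphertext: bytes) -> bytes:
    """Recover clear text from the table alone; the key is never used."""
    return bytes(codebook[c] for c in ciphertext)

def table_entries(block_bits: int) -> int:
    """Size of a complete codebook for a given block size in bits."""
    return 2 ** block_bits

def demo() -> bytes:
    encrypt = make_byte_cipher(os.urandom(32))  # 256-bit key, one-byte block
    codebook = build_codebook(encrypt)
    return read_with_codebook(codebook, encrypt(b"meet at noon"))

if __name__ == "__main__":
    print(demo(), table_entries(8), table_entries(64))
```

The same table for a 64-bit block would need 2^64 entries, which is why the block size has to grow along with the key size.
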
Secret key cryptography uses algorithms that effectively disperse the bits completely across the resulting output, and then mix them up by looping multiple times so that it becomes impossible to trace a given bit through the process and have any idea of what happened to it along the way. Typically, during the encryption process, there are several operations that can be found in use, including the substitution of input bits for other input bits, and the swapping of bit positions with other bit positions. DES, which stands for the Data Encryption Standard, was developed in 1977 by the National Bureau of Standards for low-grade U.S. government work and commercial applications. The standard was based on work done earlier by IBM that was codenamed the Lucifer Cipher. DES uses a 64-bit key, but trims the last bit off each of the eight bytes (8 bits each) as a parity check, making the actual key size only 56 bits. Originally, DES was designed to be used in a hardware-only implementation, but since there has been phenomenal growth in semiconductor speeds in just the last few years, it is now just as practical to implement in software. This was obviously beyond the intentions of its designers, who had their own agendas in mind.
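
The DES parity layout described above, worked through in Python as an added example (not from the original text): the low bit of each key byte is an odd-parity check, so 8-byte keys that differ only in those bits are the same 56-bit key. The function names are chosen for this illustration, and the sample key is a constructed value.

```python
def parity_ok(key: bytes) -> bool:
    """True when every byte has an odd number of 1 bits (DES odd parity)."""
    return all(bin(b).count("1") % 2 == 1 for b in key)

def with_odd_parity(key: bytes) -> bytes:
    """Recompute the low (parity) bit of each byte from its upper 7 bits."""
    out = bytearray()
    for b in key:
        high7 = b & 0xFE
        needs_one = bin(high7).count("1") % 2 == 0
        out.append(high7 | (1 if needs_one else 0))
    return bytes(out)

def effective_key(key: bytes) -> int:
    """Drop the parity bit of each of the 8 bytes, leaving the 56 key bits."""
    if len(key) != 8:
        raise ValueError("a DES key is 8 bytes (64 bits) long")
    value = 0
    for b in key:
        value = (value << 7) | (b >> 1)
    return value

def demo() -> tuple:
    key = bytes.fromhex("0123456789abcdef")  # constructed sample, valid parity
    damaged = bytes(b ^ 1 for b in key)      # flip only the 8 parity bits
    return (
        parity_ok(key),
        parity_ok(damaged),
        effective_key(key) == effective_key(damaged),
        with_odd_parity(damaged) == key,
    )

if __name__ == "__main__":
    print(demo())
```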