Cryptography: From Then To Now
Cryptography is the science of concealing text and ciphering messages. It is a branch of mathematics and one with huge development in recent years.
The first known production of concealed messages is the book of Jeremiah which dates around 600B.C. where the first letter of the alphabet is exchanged for the last. The word ‘DOOR’ would be ‘WLLI’.
In 4th century B.C. Kama sutra recommends women learning many arts including mlecchita-vikalpa, writing in code.
Many codes were invented after that until they became automated with machine, like the enigma machine of World War 2. With that, a new science emerged, cryptanalysis.
Cryptanalysis is the science of analyzing cryptographic operations or algorithms with the goal of breaking them or proving a possible weakness in them. When an algorithm is said, for instance, ‘to require 300 years and 100 of today’s supercomputers to crack”, it is considered strong enough at least in today’s standards.
The Enigma Machine
The most famous case of cryptanalysis is the successful breaching of the German Enigma machine during WWII. The typewriter-looking machine was developed in 1919 by Hugo Koch. Then during the war, Nazi forces used it to encrypt military communications by using substitution of a letter by another. The cipher was eventually broken with the help of many people including Alan Turing.
William Frederick Friedman, considered to be the Father of cryptanalysis, broke the purple cipher of the Japanese diplomatic services before USA joined the war. And a wheel cipher, M-138-A, was used during the war by the US army as backup technique to encode military messages.
Keys
In order to encrypt and decrypt a message, you must have at least one key. It is evident that the longer the key, the more difficult it is to break the code. The possible length of a key in a cryptographic algorithm is called a keyspace. An algorithm with 48-bit keyspace could have 2^48 possible keys.
The importance of key secrecy
Once you have the key, you can encrypt your message, but anyone who steals your keys could decrypt the message easily. It is, therefore, of supreme importance, that you should protect the key. Key secrecy is quintessential to cryptography.
There are three types of cryptographic logics that apply to algorithms; symmetric, asymmetric and hashing.
Symmetric cryptography
Symmetric encryption is the use of one key to encrypt a message and the same key to decrypt it at the receiving end. Mike and Rob want to exchange secret information. Mike will encrypt the message using a key, send the encrypted message to Rob who will then decrypt the message using the same key. A big concern here is secure key transfer; Mike should send the key to Rob. The transmission could be intercepted and the key stolen. Another complication with this method is that when Mike wants to send a message to his other friend, Ross, he should use another key, send the key to Ross securely and send the encrypted message. Now we have two keys circling around and as the number of users increase the number of keys will increase too. With 5 users, we will need 5*(5-1)/2 = 10 keys. And this is the formula:
K = n(n-1) / 2
K is the number of keys ; n is number of users
The symmetric encryption doesn’t provide authentication and nonrepudiation because the key is shared between the sender and the receiver, there is no way of proving who sent the message nor verifying that it was indeed who they claim to be.
There are mainly two operational encryption methods. In one hand we have the stream ciphers where the encryption is done on bit-by-bit logic. On the other hand, the block ciphers which are calculated on a block of bits rather than one by one.
The table below illustrates the most used symmetric algorithms:
Acronym | Full name | Year and inventor | Evaluation and usage | Max Keyspace | Type |
DES | Data Encryption Standard | 1975, IBM |
| 64 | Block |
3DES | Triple Data Encryption Standard (Applies DES three times) | 1995 |
| 64 | Block |
AES | Advanced Encryption Standard | 1998 | Still recommended by NSA to protect classified information | 256 | Block |
Blowfish | Blowfish | 1993, Bruce Scheiner | Good encryption speed | 448 | Block |
RC4 | Rivest Cipher 4 | 1987, Ron Rivest |
| 2048 | Stream |
Asymmetric cryptography
Asymmetric cryptography, also known as public cryptography, is encrypting using a key and decrypting using another key. So the keys are not identical. Public, because one key is called the public key and it is known to everyone and the other – the private key, because it is secret and only the owner has it.
For instance, a website is using a certificate which contains a public key with which encryption is done.
With asymmetric cryptography it is possible to provide both authentication and nonrepudiation. This also adds enormously to scalability. No need to keep track of secret keys and to whom they belong.
Let’s take a look at the most common asymmetric algorithms:
Acronym | Name | Year and inventor | Max keyspace | Evaluation and usage |
RSA | Rivest, Shamir, Adleman | 1977, Rivest, Shamir and Adleman | 4096 | E-commerce SSL transactions |
Diffie-Hellman | 1977, Ralph Merkle | 3072 (group 15) | Used today as key exchange algorithm. | |
ECC | Elliptic Curve Cryptography | 1985, Neal Koblitz and Victor S. Miller | 571 | Requires fewer resources, adopted a lot in smartphones |
ElGamal | 1985, Taher ElGaaml | 1024 | Used in digital signature due complex discrete logarithms. |
Another use case of public key cryptography is digital signatures. A message is hashed using a hashing algorithm (see next section), and encrypted with a private key. The receiving user decrypts the message with the public key and calculates the hash which must match.
Hashing
Hashing is a one-way mathematical operation that converts a message to a fixed length output called a hash. No matter how long the message is, the hash will always have the same length. The table below outlines the different hashing algorithms:
Name | Year and inventor | Evaluation and usage | |
MD2 | Message Digest 2 | 1989, Ron Rivest | No longer in use |
MD4 | Message Digest 4 | 1990, Ron Rivest | 1995, collision found No longer secure |
MD5 | Message Digest 5 | 1992, Ron Rivest | Deprecated but still used in checksum integrity check |
SHA-1 | Secure Hash Algorithm 1 | 1995, NSA | Deprecated |
SHA-2 | Secure Hash Algorithm 2 | 2001, NSA | Standard today, SHA 256 is much secure |