The lesson here is that the surrounding system is just as important to the overall security of encryption as the algorithm and the key.
PRIVATE KEY ENCRYPTION
There are two primary types of encryption: private key and public key. Private key encryption requires all parties who are authorized to read the information to have the same key. This then reduces the overall problem of protecting the information to one of protecting the key. Private key encryption is the most widely used type of encryption. It provides confidentiality of information and some guarantee that the information was not changed while in transit.
What Is Private Key Encryption?
Private key encryption is also known as symmetric key encryption because it uses the same key to encrypt information as is needed to decrypt information. Figure 12-2 shows the basic private key encryption function. As you can see from the figure, both the sender and the receiver of the information must have the same key.
Private key encryption provides for the confidentiality of the information while it is encrypted. Only those who know the key can decrypt the message. Any change to the message while it is in transit will also be noticed as the decryption will not work properly. Private key encryption does not provide authentication as anyone with the key can create, encrypt, and send a valid message.
Generally speaking, private key encryption is fast and can be easy to implement in hardware or software.
Figure 12-2. Private key encryption
Substitution Ciphers
Substitution ciphers have been around for as much as 2,500 years. The earliest known example is the Atbash cipher. It was used around 600 B.C. and consisted of reversing the Hebrew alphabet.
Julius Caesar used a substitution cipher called the Caesar cipher. This cipher consisted of replacing each letter with the letter three positions later in the alphabet. Therefore “A” would become “D,” “B” would become “E,” and “Z” would become “C.”
As you can see from this example, the substitution cipher operates on the plaintext one letter at a time. As long as both the sender and receiver of the message use the same substitution scheme, the message can be understood. The key for the substitution cipher is either the number of letters to shift, or a completely reordered alphabet.
Substitution ciphers suffer from one primary weakness—the frequency of the letters in the original alphabet does not change. In English, the letter “E” is the most frequently used letter. If another letter is substituted for “E,” that letter will be the most frequently used (over the course of many messages). Using this type of analysis, the substitution cipher can be broken. Further development of frequency analysis also shows that certain two- and three-letter combinations also show up frequently. This type of analysis can break any substitution cipher if the attacker gains sufficient ciphertext.
One-Time Pads
One-time pads (OTPs) are the only theoretically unbreakable encryption system. An OTP is a list of numbers, in completely random order, that is used to encode a message (see Figure 12-3). As its name implies, the OTP is only used once. If the numbers on the OTP are truly random and the OTP is only used once, then the ciphertext provides no mechanism to recover the original key (the OTP itself) and therefore, the messages.
OTPs are used, but only for short messages in very high-security environments. For example, the Soviet Union used OTPs to allow spies to communicate with Moscow. The two main problems with OTPs are the generation of truly random pads and the distribution of the pads themselves. Obviously, if the pads are compromised, so is the information they will protect. If the pads are not truly random, patterns will emerge that can be used to allow frequency analysis.
Figure 12-3. One-time pad operation
One other important point about OTPs is that they can only be used once. If they are used more than once, they can be analyzed and broken. This is what happened to some Soviet OTPs during the Cold War. A project called Venona at the National Security Agency was created to read this traffic. Venona intercepts can be examined at the NSA Web site (http://www.nsa.gov).
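The following Python sketch is an added example, not part of the original text, showing why a pad must never be reused. It assumes the pad is a list of numbers from 0 to 25 added to uppercase letters modulo 26; the function names and the two messages are constructed for the illustration. When one pad encrypts two messages, the pad cancels out of the difference of the ciphertexts, so knowing one plaintext reveals the other.

```python
import secrets

A = ord("A")

def make_pad(length):
    """A fresh pad: one unpredictable number in 0..25 per letter."""
    return [secrets.randbelow(26) for _ in range(length)]

def otp_encrypt(plaintext, pad):
    """Add each pad number to the matching uppercase letter, modulo 26."""
    if len(pad) < len(plaintext):
        raise ValueError("pad must be at least as long as the message")
    return "".join(chr((ord(p) - A + k) % 26 + A) for p, k in zip(plaintext, pad))

def otp_decrypt(ciphertext, pad):
    """Subtract each pad number from the matching ciphertext letter, modulo 26."""
    return "".join(chr((ord(c) - A - k) % 26 + A) for c, k in zip(ciphertext, pad))

def letter_difference(x, y):
    """Position-by-position difference of two equal-length texts, modulo 26."""
    return [(ord(a) - ord(b)) % 26 for a, b in zip(x, y)]

def recover_second_message(c1, c2, known_p1):
    """With a reused pad, c2 - c1 + p1 = p2 (mod 26): no pad is needed."""
    return "".join(chr((ord(b) - ord(a) + ord(p) - A) % 26 + A)
                   for a, b, p in zip(c1, c2, known_p1))

if __name__ == "__main__":
    # Constructed messages of equal length.
    p1, p2 = "MEETATNOON", "SENDREPORT"
    pad = make_pad(len(p1))
    c1, c2 = otp_encrypt(p1, pad), otp_encrypt(p2, pad)  # the mistake: same pad twice
    # The pad has vanished from the difference of the two ciphertexts.
    print(letter_difference(c1, c2) == letter_difference(p1, p2))
    print(recover_second_message(c1, c2, p1))
```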
Some encryption systems today claim to mimic OTPs. While this type of system may provide enough security, it may just as well be an easily breakable system that provides little in the way of security. Generally, OTPs are not feasible for use in high-traffic environments.
Data Encryption Standard
The algorithm for the Data Encryption Standard (DES) was developed by IBM in the early 1970s. The United States National Institute of Standards and Technology (NIST) adopted the algorithm (as FIPS publication 46) for DES in 1977 after it was examined, modified, and approved by NSA. The standard was reaffirmed in 1983, 1988, 1993, and 1999.
DES uses a 56-bit key. The key uses seven bits of eight 8-bit bytes (the eighth bit of each byte is used for parity). DES is a block cipher that operates on one 64-bit block of plaintext at a time (see Figure 12-4 for a block diagram of the algorithm). There are 16 rounds of encryption in DES with a different sub-key used in each round. The key goes through its own algorithm to derive the 16 sub-keys (see Figure 12-5).
In the DES block diagram, you can see several blocks where permutations occur. The standard defines a specific rearrangement of bits for each permutation. The same is true for the sub-key generation algorithm. There are specific bit rearrangements for permuted choice 1 and 2. In Figure 12-4, you can also find a callout of the function “f.” Within the function, there is a block that says “S” boxes. The “S” boxes are table lookups (also defined in the standard) that change a 6-bit input into a 4-bit output.
There are four modes of operation for DES:
▼ Electronic Code Book: This is the basic block encryption where the text and the key are combined to form the ciphertext. Identical input produces identical output in this mode.
■ Cipher Block Chaining: In this mode, each block is encrypted as in electronic code book but a third factor, derived from the previous input, is added. In this case, identical input (plaintext) does not produce identical output.
■ Cipher Feedback: This mode uses previously generated ciphertext as input to DES. The output is then combined with plaintext to produce new ciphertext.
▲ Output Feedback: This mode is similar to cipher feedback but uses DES output and does not chain ciphertext.
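The following Python sketch is an added example, not part of the original text. It contrasts Electronic Code Book with Cipher Block Chaining on a message made of identical blocks, and counts repeated ciphertext blocks the way a reviewer checking captured data for ECB use would. The block cipher is a stand-in 64-bit Feistel construction built on SHA-256, not DES, because the Python standard library has no DES; CBC is implemented in its standard form, XORing the previous ciphertext block into the plaintext. The key, IV and message are constructed.

```python
import hashlib

BLOCK = 8  # bytes, matching the 64-bit DES block size

def toy_encrypt_block(key, block):
    """Stand-in 64-bit Feistel cipher (NOT DES): 8 rounds, SHA-256 as round function."""
    left, right = block[:4], block[4:]
    for rnd in range(8):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:4]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def split_blocks(data):
    """Cut data into 8-byte blocks; the caller is expected to have padded it."""
    if len(data) % BLOCK:
        raise ValueError("length must be a multiple of 8 bytes")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, plaintext):
    """Electronic Code Book: every block is encrypted independently."""
    return b"".join(toy_encrypt_block(key, b) for b in split_blocks(plaintext))

def cbc_encrypt(key, iv, plaintext):
    """Cipher Block Chaining: XOR the previous ciphertext block in before encrypting."""
    out, prev = [], iv
    for block in split_blocks(plaintext):
        prev = toy_encrypt_block(key, bytes(x ^ y for x, y in zip(block, prev)))
        out.append(prev)
    return b"".join(out)

def repeated_blocks(ciphertext):
    """Number of ciphertext blocks that duplicate an earlier block."""
    blocks = split_blocks(ciphertext)
    return len(blocks) - len(set(blocks))

# Constructed inputs: four identical 8-byte plaintext blocks.
KEY = b"constructed-demo-key"
IV = bytes(range(8))
MESSAGE = b"PAY 100 " * 4

if __name__ == "__main__":
    print("ECB repeats:", repeated_blocks(ecb_encrypt(KEY, MESSAGE)))
    print("CBC repeats:", repeated_blocks(cbc_encrypt(KEY, IV, MESSAGE)))
```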
There are no known attacks against the DES algorithm. However, the 56-bit key has become a weakness. The key provides a total of 2^55 potential keys (less a few keys that are known to be weak and not used). With today’s computer systems, this entire key space can be examined within a small amount of time. In 1997, the Electronic Frontier Foundation (EFF) announced a computer system that can find a DES key in four days. This system cost $250,000 to build. With today’s hardware systems, the time to brute-force a DES key is far too short to protect information that must be kept secret. In fact, in the revised FIPS publication (46-2 and the current 46-3) the NIST acknowledged this fact by stating: “Single DES will be permitted for legacy systems only.”
Figure 12-4. DES block diagram
Figure 12-5. DES sub-key generation algorithm
Triple DES
In 1992, research indicated that DES could be used multiple times to create a stronger encryption. Thus was born the concept of Triple DES (TDES). Figure 12-6 shows how TDES works. You will note that the second operation is actually a decryption. This is the key that makes TDES stronger than normal DES.
TDES can be used with either three keys or two keys. In the case of two keys, K1 and K3 are equal and K2 is different.
TDES is a relatively fast algorithm as it can still be implemented in hardware. It does take three times the overall time as DES since there are three operations occurring. TDES should be used instead of DES for most applications.
Password Encryption
The standard Unix password encryption scheme is a variation of DES. While the password encryption function is actually a one-way function (you cannot retrieve the plaintext from the ciphertext), I will include a discussion of it here to show how DES can be used in this type of application.
Each user chooses a password. The algorithm uses the first eight characters of the password. If the password is longer than eight characters, it is truncated. If the password is shorter than eight characters, it is padded. The password is transformed into a 56-bit number by taking the first 7 bits of each character. The system then chooses a 12-bit number based on the system time. This is called the salt. The salt and the password are used as input into the password encryption function (see Figure 12-7).
Figure 12-6. Triple DES functional diagram
The salt is used to modify one of the permutation tables in the DES algorithm (the E Permutation) in any of 4,096 different ways based on the number of 1’s in the 12 bits. The initial plaintext is 56 zero bits and the key is the 56 bits derived from the password. The algorithm is run 25 times with the input for each stage being the output of the previous stage. The final output is translated into 11 characters and the salt is translated into 2 characters and placed before the final output.
The chief weakness in this system lies in the password choice. Since most computer users will choose passwords made up of lowercase letters, we have a total of 26^8 possible combinations. This is significantly less than the 2^55 possible DES keys and thus it takes significantly less time and computing power to brute-force passwords on a Unix system.
NOTE: Most Unix systems now offer the option of using shadow password files for just this reason. If the encrypted passwords are easy to brute-force, then by hiding the encrypted passwords we can add some amount of security to the system. As with all systems, if the root password is weak or if a root compromise exists on the system, then it does not matter how well the users choose their passwords.
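The following Python sketch is an added example, not part of the original text. It follows the key derivation described above to show two consequences for password policy: characters after the eighth are ignored, and an all-lowercase password covers only a small part of the key space. The function names are hypothetical. It assumes "the first 7 bits" means the low seven bits of each ASCII character, that short passwords are padded with zero bytes, and that the salt is written six bits per character, low bits first, using the 64-character alphabet shown.

```python
# 64-character alphabet assumed for the printable salt and hash characters.
CRYPT_ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def crypt_des_key(password):
    """56 key bits as an integer: first 8 characters, 7 bits each, zero padded."""
    raw = password.encode("ascii", "replace")[:8].ljust(8, b"\0")
    key = 0
    for byte in raw:
        key = (key << 7) | (byte & 0x7F)  # keep only the low seven bits
    return key

def ignored_suffix(password):
    """Characters that contribute nothing to the key (everything after the eighth)."""
    return password[8:]

def encode_salt(salt):
    """12-bit salt written as two characters (bit order is an assumption)."""
    if not 0 <= salt < 4096:
        raise ValueError("salt must fit in 12 bits")
    return CRYPT_ALPHABET[salt & 0x3F] + CRYPT_ALPHABET[(salt >> 6) & 0x3F]

def keyspace_report():
    """Lowercase-only passwords versus the DES key count used in the text."""
    lowercase = 26 ** 8
    des_keys = 2 ** 55
    return lowercase, des_keys, des_keys // lowercase

if __name__ == "__main__":
    # Constructed passwords that share their first eight characters.
    a, b = "correcthorse", "correcthOTHER"
    print("same key:", crypt_des_key(a) == crypt_des_key(b))
    print("ignored :", repr(ignored_suffix(a)), repr(ignored_suffix(b)))
    print("salt 4095 ->", encode_salt(4095))
    lowercase, des_keys, ratio = keyspace_report()
    print(f"{lowercase:,} lowercase passwords, about 1/{ratio:,} of {des_keys:,} keys")
```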
The Advanced Encryption Standard: Rijndael
In order to replace DES, NIST announced a competition for the Advanced Encryption Standard (AES) in 1997. At the end of 2000, NIST announced that two cryptographers from Belgium, Joan Daemen and Vincent Rijmen, had won the competition with their algorithm Rijndael. The algorithm was chosen based on its strength as well as its suitability for high-speed networks and for implementation in hardware.
Rijndael is a block cipher that uses keys and blocks of 128, 192, or 256 bits. These key lengths make brute-force attacks computationally infeasible at this time. The algorithm consists of 10 to 14 rounds, depending on the size of the plaintext block and the size of the key. Figure 12-8 shows the computations in each round.
Rijndael should appear in many systems in the near future and should be considered as an appropriate alternative to TDES.
Figure 12-7. The Unix password encryption function
Other Private Key Algorithms
There are several other private key algorithms available in various security systems. Among them are
▼ IDEA: The International Data Encryption Algorithm was developed in Switzerland. IDEA uses a 128-bit key and is also used in Pretty Good Privacy (PGP).
■ RC5: RC5 was developed by Ron Rivest at MIT. It allows for variable length keys.
■ Skipjack: Skipjack was developed by the United States government for use with the Clipper Chip. It uses an 80-bit key, which may be marginal in the near future.
■ Blowfish: Blowfish allows for variable length keys up to 448 bits and was optimized for execution on 32-bit processors.
■ CAST-128: CAST-128 uses a 128-bit key. It is used in newer versions of PGP.
▲ GOST: GOST is a Russian standard that was developed in answer to DES. It uses a 256-bit key.
Figure 12-8. Rijndael round functional diagram
Any of these algorithms may appear in security products. All of them are likely to be strong enough for general use. Keep in mind that it is not only the algorithm, but also the implementation and the use of the system that define its overall security.
PUBLIC KEY ENCRYPTION
Public key encryption is a more recent invention than private key encryption. The primary difference between the two types of encryption is the number of keys used in the operation. Where private key encryption uses a single key to both encrypt and decrypt information, public key encryption uses two keys. One key is used to encrypt and a different key is then used to decrypt the information.
What Is Public Key Encryption?
Figure 12-9 shows the basic public key or asymmetric encryption operation. As you can see, both the sender and the receiver of the information must have a key. The keys are related to each other (hence they are called a key pair), but they are different. The relationship
Figure 12-9. Public key encryption