Encryption Glossary
Adversary - anybody you are trying to keep
your messages secret from. If your adversary is an experienced Hacker,
keeping your messages secret will require some more effort. If you can keep
your computer out of the hands of your adversary, keeping your messages secret
will be much easier.
Algorithm - a specific mathematical recipe,
in this case, for encryption and decryption. Different algorithms have different
properties: some are more secure than others, some are faster than others. Of
course, each is incompatible with all the others.
Each "algorithm" is,
strictly speaking, several algorithms that work together. One algorithm
encrypts, one algorithm decrypts, and there are other algorithms for other
tasks such as generating keys
or verifying signatures.
Back Door - any security leak that is known to an adversary
but is unknown to the users of a secure system.
If you were trying to secure a house
so that burglars could not get in, you would put locks on all of the doors and
windows. If there was a door in the back that you forgot to put a lock on, that
would constitute a "back door".
But it doesn't have to be a door. If
there was a skylight in the roof that a burglar knew how to get in through, or
a ventilation duct or a sewer pipe a burglar could crawl through, security
experts would call these also "back doors". Even if a particular
burglar had a skeleton key
that you didn't know about, or knew how to pick one of your locks, or they knew
a trick to opening one of your locked windows, this might be considered a
"back door".
Usually, if your adversary does not
have a copy of your secret key,
they cannot read your encrypted messages. A back door on your encryption algorithm
would be a way for an adversary either to decrypt your messages without your
secret key, or to somehow extract your secret key by examining the encrypted
messages you send to your confidants (which often include the public keys).
Longer Example: For instance, the
RSA algorithm depends on the fact that large numbers are hard to factor. If I
tell you that 5764981 is the product of two numbers, you would have to try all
of the prime numbers from 2 through 2401 (that's the square root) before you
found the one that divides it evenly, 2267. (Then you get the other number,
2543, by dividing.)
So, if your public key was 5764981,
your adversary would have to try almost a thousand divisions before they could
figure out that your secret key was (2267, 2543). With a computer, this would
take an instant. But if your public key was 300 digits long, your adversary
would have to buy a million computers, and have them running for a thousand
years, before stumbling onto the right numbers. Hopefully at least.
The current state of the art is that
there are mathematical methods that are faster than this brute-force approach,
but not fast enough. Some day, a brilliant mathematician might find a very
efficient way to factor large numbers. If so, that would be a "back
door" for the RSA algorithm.
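As an added illustration of the entry above (example code written for this glossary, not taken from the original page): the trial-division search on the glossary's modulus 5764981, followed by what an adversary gains from it, namely the secret exponent and therefore the ability to decrypt. The public exponent 65537 and the sample plaintext 424242 are assumptions, since the entry only gives the modulus and its two factors.

```python
import math

def is_prime(k):
    """Plain trial-division primality test; fine for the small numbers used here."""
    if k < 2:
        return False
    return all(k % d for d in range(2, math.isqrt(k) + 1))

def factor_by_trial_division(n):
    """Do what the entry describes: divide n by each prime from 2 up to sqrt(n)
    until one divides evenly. Returns (p, q, divisions_performed)."""
    divisions = 0
    for candidate in range(2, math.isqrt(n) + 1):
        if not is_prime(candidate):
            continue
        divisions += 1
        if n % candidate == 0:
            return candidate, n // candidate, divisions
    raise ValueError("no factor found below the square root, so n is prime")

def secret_exponent(p, q, e):
    """Knowing the factors is knowing the secret key: d is the inverse of e modulo (p-1)(q-1)."""
    return pow(e, -1, (p - 1) * (q - 1))

def recover_secret_key(n, e):
    """What an adversary does with a modulus small enough to factor: factor n, then derive d."""
    p, q, divisions = factor_by_trial_division(n)
    return secret_exponent(p, q, e), divisions

N = 5764981   # the glossary's example modulus: 2267 * 2543
E = 65537     # public exponent; an assumption, the entry only gives the modulus

def demo():
    """Encrypt a number under the public key, then recover it by deriving the secret key from N."""
    message = 424242                          # constructed sample plaintext, must be below N
    ciphertext = pow(message, E, N)           # anyone holding the public key can do this
    d, divisions = recover_secret_key(N, E)   # the adversary's entire workload
    recovered = pow(ciphertext, d, N)
    return {"factors": factor_by_trial_division(N)[:2], "divisions": divisions,
            "recovered": recovered, "message": message}

if __name__ == "__main__":
    print(demo())
```

The `divisions` count shows how small the search really is for a seven-digit modulus; the same loop run against a modulus of hundreds of digits would never finish, which is the whole reason key length matters.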
Blowfish - yet another symmetric key
encryption system.
Certificate - a piece of data, typically a
public key, that is digitally signed by some signing authority. This is
important, because a public key
is like a signature card; it is the data that allows you to verify that a
signed document was indeed signed by who you think it was signed by.
The reason why public keys are sent
around in certificates is to guard against impostors. Anybody can use public/secret key
software to generate a public/secret
key pair for a user with any name, such as "Bill Clinton
<president@whitehouse.gov>". The impostor could then digitally sign
documents that appear to be signed by Bill Clinton.
A signing authority works like a
notary public. First, they go through some verification process, to try to
ensure that the person really is who they say they are. The signing authority
witnesses the generation of a secret/public key pair, grabbing a copy of the
public key that comes out. (The secret key never leaves the user's machine.)
The signing authority then digitally signs this public key with their OWN key
(the signing authority's key), in the same way that a notary public signs the
document they witnessed with their own signature.
Usually all this happens behind the
scenes and it's hard to tell what is going on. The "signing
authority" is really a smart website. It verified that you are who you
claim to be because it sent an email to you and you proved that you got the
email. Magical commands in your browser deal with the keys, even if you are not
aware of what's going on and what data is important to protect, and how.
Therefore, all of the certificates
coming out of a given signing authority are all signed by them, much as the
diplomas of all of the students coming out of a university are signed by the
president of that university.
Of course, the next problem is, who
can verify that the signing authority is not an impostor? In order for this
whole thing to work, you must have a public key for the signing authority... in
fact, you must have a SIGNED public key, that is, a certificate for the
certificate authority itself.
Netscape and IE have solved this
problem by being shipped with certificates for leading certificate authorities.
Typically, these certificates are self-signed. Basically, we are trusting
Netscape and IE to not feed us bogus certificates.
Cipher - a simple encryption system where each
character is substituted for another. For instance, Rot13
is a cipher. All ciphers are symmetric
algorithms.
A cipher might use the following key.
Both sender and receiver need this same key; the receiver would simply use the
key backwards.
    a => h        j => w        s => m
    b => n        k => y        t => i
    c => b        l => p        u => z
    d => q        m => g        v => a
    e => o        n => l        w => r
    f => s        o => c        x => f
    g => d        p => t        y => j
    h => k        q => e        z => u
    i => v        r => x
Under this system, the word
"Helen" would encode as "Kopol".
Ciphers are notoriously easy to
break. For instance, you can already see that "Kopol" has a repeated
letter in it. It's pretty easy to break a cipher, given a few paragraphs of
encoded English text.
An attack typically starts by
counting up the frequency of various characters. The most common letters in the
English language are e, t, and a, in that order, followed by o, n, r, i, s, h.
These clues are supplemented with word frequency information, for instance, the
fact that "the" and "and" are the most common three letter
words.
Because the encrypted message is not
guaranteed to fit the "average english" profile, some trial and error
is needed, but astonishingly little. Given a little bit of experimentation,
such a code can be totally broken in a few hours if done on paper.
Computerization and dictionary lookup can reduce the hacking time to almost
nothing.
A good symmetric algorithm
can be built upon the idea of a cipher, however. One way to do this is to use a
cipher, but vary the cipher system on a character-by-character basis.
Modern secure code systems (whether
symmetric or public key) typically consider the entire message to be one long
number. This number is encrypted whole, yielding an inscrutable lump of bits
that appears to change completely even when one character of the original plain text
is changed.
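An added example, not from the original glossary: the substitution key tabulated in this entry as working code, the "key backwards" decryption, and the first step of the attack the entry describes, a letter count over a constructed English sample. As a second key of the same shape it also builds the Rot13 table (see the Rot13 entry), which shows that for that key the same routine both encrypts and decrypts.

```python
from collections import Counter
import string

# The substitution key tabulated in the entry above: plaintext letter => cipher letter.
KEY = {
    "a": "h", "b": "n", "c": "b", "d": "q", "e": "o", "f": "s", "g": "d", "h": "k", "i": "v",
    "j": "w", "k": "y", "l": "p", "m": "g", "n": "l", "o": "c", "p": "t", "q": "e", "r": "x",
    "s": "m", "t": "i", "u": "z", "v": "a", "w": "r", "x": "f", "y": "j", "z": "u",
}

def rot13_key():
    """Rot13 as a key of the same shape: each letter maps to the one 13 places along."""
    letters = string.ascii_lowercase
    return {c: letters[(i + 13) % 26] for i, c in enumerate(letters)}

def substitute(text, key):
    """Replace each letter via the key; case is kept and non-letters pass through unchanged."""
    out = []
    for ch in text:
        low = ch.lower()
        if low in key:
            out.append(key[low].upper() if ch.isupper() else key[low])
        else:
            out.append(ch)
    return "".join(out)

def encrypt(plaintext, key):
    return substitute(plaintext, key)

def decrypt(ciphertext, key):
    """The receiver uses the same key backwards, i.e. the inverted mapping."""
    inverse = {cipher_letter: plain_letter for plain_letter, cipher_letter in key.items()}
    return substitute(ciphertext, inverse)

def letter_frequencies(ciphertext):
    """First step of the attack described above: count each letter, most common first."""
    counts = Counter(ch for ch in ciphertext.lower() if ch in string.ascii_lowercase)
    return counts.most_common()

# Constructed sample plaintext; ordinary English, so 'e' is by far its most common letter.
SAMPLE = ("We meet at the green tree near the lake when the evening bell rings three "
          "times, then we leave together before the rest of the village sees us.")

def guess_e(ciphertext):
    """The cipher letter that most likely stands for plaintext 'e'."""
    return letter_frequencies(ciphertext)[0][0]

if __name__ == "__main__":
    print(encrypt("Helen", KEY), decrypt("Kopol", KEY))               # Kopol Helen
    print(substitute("Helen", rot13_key()))                           # Uryra
    c = encrypt(SAMPLE, KEY)
    print(guess_e(c), "stands for e; the key says e =>", KEY["e"])    # o ... o
```

The frequency count works because a fixed substitution changes the letters but not their statistics: whatever cipher letter tops the count is the best first guess for "e", and each confirmed letter shrinks the remaining puzzle.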
Cracker - a computer vandal. A cracker
tries to break computer security systems, either for some selfish and unwholesome
purpose, or simply for sport. Some others do so professionally, to test the
security of established systems. Make sure you know who you are dealing with.
Many crackers claim to engage in
their sport as unauthorized security testers. As such, they claim a moral
imperative. For some reason, the same moral redemption does not apply to
unauthorized house or office burglars.
The programmer and encryption
community prefers the term "Cracker" to describe an internet vandal,
whereas the public and the press usually use the term "Hacker".
DES - A symmetric encryption algorithm used in the 1970's and later that always uses 56 bit keys.
It became a standard for such applications as banking and finance. It was
developed by the US NSA, and is widely believed to have been designed in such a
way that the NSA could break it, if it decided that it needed to. (Part of the
evidence is the odd key size of 56 bits, when going up to 64 would have been
trivial.)
Due to its lack of security, it is
losing popularity and falling into disuse. Because of the 56 bit key, there are
only about 72 quadrillion possible keys; if you can program a computer to try
them all, you can break any code. One popular way to do this is to build a
special purpose computer and use encryption chips, chips specially designed for
rapid encryption and decryption. These can unfortunately also be used for rapid
key cracking. (Kind of defeats the purpose of making an encryption chip, no?)
See also Triple DES.
Digital Signature - see Signature, Digital.
DSA - Digital Signature Algorithm
- a digital signature algorithm developed by the NSA for public use. Although
there are suspicions that the algorithm has a back door known only to the NSA
(allowing the NSA to forge signatures, although not decrypt messages), most of
these fears have subsided, and the DSA signing has gained wide acceptance,
partly due to the fact that it is royalty free. DSA signing keys
range in length from 512 to 1024 bits.
DSS - Digital Signature System - the use of DSA to sign documents and messages.
Hacker - either the same thing as a Cracker
(internet vandal), or a creative and productive programmer who programs in an
informal manner.
The latter meaning was the original
meaning. The image conveyed was of a programmer continually making small
adjustments to their software, slowly evolving toward a finished product, the
way a sculptor might chip away at a piece of wood with a hatchet. The result is
often a new and unique piece of software, unforeseen by someone who simply
implemented straight from a specification.
More recently, the term has taken on
the meaning "internet vandal". Programmers who engage in network
vandalism have been relabeled "Crackers" by programmers who don't
engage in network vandalism, in an effort to distance themselves. Often, heated
discussions spring up over the topic, as many programmers who don't engage in
cracking automatically assume that everyone is, or should be, using the term
"Hacker" to refer to a programmer and "Cracker" to refer to
a vandal, when, in reality, most people think of the word Hacker as an internet
vandal. They claim to be Hackers, and they claim that Hacking is good. The
result is the opposite of what they intended, as the typical listener decides that
Hackers are self-righteous and evil internet vandals. Pay attention to who is
speaking or writing.
Key - A special piece of data used for encryption and/or
decryption. Due to modern encryption automation, keys are not human readable
and typically look like alphanumeric gibberish to humans. A computerized random
number generator chooses the bits of the key in such a way that it cannot be
predicted. See also Public Key,
Secret Key,
and Symmetric Key.
[Figure: "A typical public key" - an armored PGP key block beginning with the line
-----BEGIN PGP PUBLIC KEY BLOCK-----; the key data itself is not reproduced here.]
Keys are specific to encryption
algorithms - you cannot use an RSA key to do DES
encryption, or vice versa. Many algorithms have specific mathematical
requirements for their keys - you cannot use just any jumble of bits for an RSA
key, for instance; a special algorithm is needed just to create a key with the
correct mathematical properties.
The length of a key (a measure of
how hard it is to break) is usually measured in bits. For instance, a 56 bit
key can be stored in just seven bytes of memory. Each additional bit usually
makes it twice as hard to break the code, so that an additional 20 bits would
make it a million times more difficult. In other words, a computer program that
tried every key would take a million times longer to try all of them. On the
other hand, computer power doubles every two years, so, the codes of yesteryear
are considered dangerously unsafe today.
Unfortunately, you cannot compare
the length of keys from different algorithms. A 256 bit key for the IDEA
algorithm, for instance, is respectably solid. For an RSA algorithm, however, a
256 bit key is considered flimsy because it is so short.
Plain Text - the unencrypted text or data that you want to conceal.
Private Key - same as Secret Key.
Public Key
- Data used to encrypt messages in Public Key Encryption. The public key
cannot be used to decrypt any message; it is safe to pass this out in public, as
the name implies.
Sometimes this is sent out in
messages to confidants, other times, central name servers (like telephone
books) will keep everyone's public key along with other contact information
such as email address or phone number.
Public Key Encryption - The encryption breakthrough of the 1970's. With public key
encryption, two confidants can communicate securely, even if all of their
communications are intercepted, without risking sending a secret key and
risking having the code broken. Before Public Key Encryption was invented, all
codes were forms of Symmetric
Encryption, where the encryption and decryption keys are the same.
In Public Key Encryption, the key is
broken into two parts: your Secret Key is kept secret on your computer, and
your Public Key
is given out to each confidant.
Popular Public Key algorithms
include RSA, Diffie/Hellman/Elgamal, and elliptic algorithms.
Rot13 - probably the simplest cipher in
use. Each letter is exchanged for the letter 13 characters before or after it.
For instance, the word "Helen" becomes "Uryra". Note that
the encryption algorithm
is identical to the decryption algorithm.
Because everybody knows how it
works, Rot13 doesn't really provide any security, except against naive
adversaries. It is mostly used in internet newsgroups to conceal potentially
volatile or offensive text from those who voluntarily wish to avoid seeing it.
Secret Key - The core of Public Key
encryption. Each confidant has their own Secret Key,
which they must keep secret, of course. This key is never sent in any message,
and usually never leaves the machine it is on. You do not exchange your secret
key with any confidants, instead, you give out the corresponding Public Key to
confidants so that they can encrypt messages to you.
Signature, Digital - a digital signature is a mathematical way to guarantee
that a given message was sent by a specific confidant (more specifically, by someone
who has a copy of the confidant's secret key).
It is similar to a handwritten
signature on a piece of paper, except that it is much more secure against
tampering and forgery. A handwritten signature can be easily forged by someone
with a steady hand (although an expert can tell the difference). It can also be
lifted with photocopy equipment onto another piece of paper (although, again,
an expert can often tell the difference). Finally, it is often possible for a
signed document to be changed after it is signed; detecting this is often
difficult. Due to the loss of resolution, faxed documents are particularly
susceptible to all of these security breaches, but nevertheless, business relies
on it, even in the international arena where legal protection is thin.
Usually, digital signing and
verifying are built in to encryption software. When your encryption software
signs your message, it takes the complete text of a message and crunches it
together with your secret key, to generate a signature, a bunch of extra bits,
that are appended to the end of the message. When your confidant's encryption
software decrypts the message, it also crunches together the text of the
message, along with your Public Key,
which your confidant has a copy of. (Yep, this is the same public key used to
encrypt a message to you. The keys are used in the reverse direction,
basically.) If the message is different (even by a single bit), the crunching
is overwhelmingly different and the verification fails. This protects against
alteration of the document, and also means that a digital signature cannot be
lifted onto a different document the way a handwritten signature can.
Similarly, if the message is signed with the wrong Secret Key, the verification
also fails. This effectively prevents forgery of a signature.
You can write a document, date it,
and include names, addresses and other information about people in the
document. The signature ensures all readers that it came from you and hasn't
been changed.
In this sense, the public key serves
as a "signature card" for digital signatures; people can use it to
verify that a signature is real. You must also guard against forgers, using Certificates.
Symmetric Encryption - Any encryption scheme where
the sender and receiver share the same key. (The encryption and decryption algorithms,
of course, are different.) Sometimes also called "conventional
encryption".
The trouble with symmetric
encryption is that the key must be transmitted between the two confidants.
Either side can design the key
and send it to the other, or they can agree to each design half and exchange
halves, but this does not get around the fundamental problem. Any eavesdropper
who can intercept their messages, can also acquire the key, thereby breaking
the code. This is the problem that Public Key
Encryption solves.
Note, however, that if used with
public key encryption, symmetric encryption can be just as secure. If you use
public key encryption to exchange your symmetric key with your confidant, you
can be guaranteed complete security, and can then use symmetric encryption for
all subsequent messages. In fact, any way you can get your symmetric key to
your confidant, including a fax or paper mail, will probably be reasonably
secure, but it's easier for two computers connected over the internet to simply
talk to each other.
The practical implementation of
public key encryption actually relies on this principle. A one-time symmetric
key is generated for the use of a particular message by a random number
generator (which can be guaranteed to be random). The actual message is
encrypted with this "session key". Then, the session key is, in turn,
encrypted using the public key, and this encrypted key is appended to the
message. The receiver simply reverses the process.
The original reason this was done was
because symmetric algorithms are much faster for the CPU than public key
algorithms. An added benefit is that the message can be encrypted for more than
one recipient by simply encrypting the same session key once for each
recipient, each with their public key. Then, the whole message need be
encrypted only once with the symmetric key. In particular, it is convenient for
the sender to encrypt to their own key so that they can decrypt their own
message after it is encrypted; this is otherwise not possible because,
according to the rules, only the recipient can decrypt the message.
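The signing and session-key mechanics described in this entry and in Signature, Digital, as one added example written for this glossary (it is not the page's own code, nor any product's). It uses textbook RSA with the glossary's primes 2267 and 2543 for one party and a constructed pair 3001 and 3011 for the other, SHA-256 as the "crunching" step, and a toy XOR keystream in place of a real symmetric algorithm; the public exponent 65537, the party names and the sample message are assumptions.

```python
import hashlib
import secrets

# Toy RSA from small primes so the arithmetic stays visible. The first pair is the
# glossary's own example (2267, 2543); the second pair (3001, 3011) is constructed here.
# Real keys are hundreds of digits long and wrap the numbers in padding schemes.
def make_keypair(p, q, e=65537):
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))        # secret exponent
    return (n, e), (n, d)                      # (public key, secret key)

def digest_mod_n(message, n):
    """'Crunch' the complete message down to one number below n (SHA-256, then reduce)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, secret_key):
    """Signature = the crunched message raised to the secret exponent."""
    n, d = secret_key
    return pow(digest_mod_n(message, n), d, n)

def verify(message, signature, public_key):
    """Undo the signing with the public key and compare against a fresh crunch of the message."""
    n, e = public_key
    return pow(signature, e, n) == digest_mod_n(message, n)

def keystream_xor(key_bytes, data):
    """Toy symmetric cipher: XOR with SHA-256(key || counter) blocks; applying it twice decrypts."""
    out = bytearray()
    for start in range(0, len(data), 32):
        pad = hashlib.sha256(key_bytes + start.to_bytes(4, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[start:start + 32], pad))
    return bytes(out)

def encrypt_for(recipient_public_keys, message):
    """Encrypt the message once with a fresh session key; encrypt that key once per recipient."""
    session_key = secrets.randbelow(1 << 22)          # kept below every recipient's modulus
    body = keystream_xor(session_key.to_bytes(4, "big"), message)
    wrapped = {name: pow(session_key, e, n) for name, (n, e) in recipient_public_keys.items()}
    return {"body": body, "keys": wrapped}

def decrypt_as(name, secret_key, package):
    """A recipient unwraps their own copy of the session key, then decrypts the shared body."""
    n, d = secret_key
    session_key = pow(package["keys"][name], d, n)
    return keystream_xor(session_key.to_bytes(4, "big"), package["body"])

def demo():
    alice_pub, alice_sec = make_keypair(2267, 2543)
    bob_pub, bob_sec = make_keypair(3001, 3011)
    message = b"Meet at the green tree at noon."       # constructed sample message
    sig = sign(message, alice_sec)
    tampered = bytes([message[0] ^ 1]) + message[1:]   # flip a single bit
    # Alice encrypts to Bob and to herself, so she can read her own sent message later.
    package = encrypt_for({"alice": alice_pub, "bob": bob_pub}, message)
    return {
        "signature_ok": verify(message, sig, alice_pub),
        "tampered_fails": not verify(tampered, sig, alice_pub),
        "wrong_key_fails": not verify(message, sig, bob_pub),
        "bob_reads": decrypt_as("bob", bob_sec, package) == message,
        "sender_reads_own": decrypt_as("alice", alice_sec, package) == message,
        "one_body_many_keys": len(package["keys"]) == 2,
    }

if __name__ == "__main__":
    print(demo())
```

Note that the body is encrypted exactly once however many recipients there are; only the small session key is wrapped repeatedly, which is what makes the public-key step cheap enough to use on every message.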
Some symmetric encryption algorithms
are IDEA, DES,
Triple DES,
and ciphers.
Symmetric Key - a key used for symmetric encryption.
Triple DES - a symmetric algorithm that basically involves applying the DES
algorithm three times to each message, each time with a different key.
The three 56 bit keys combine to effectively act like a 168 bit key, which is
quite safe and satisfactory for most purposes. Any attacker would have to guess
all three keys at the same time; simply discovering the first one lends no
clues. The main appeal of Triple DES is that the basic DES algorithm is usually
easily available, making it easy to implement.
Source:
http://www.tactileint.com/encryption/glossary.html