Methods of Cryptography
There are two primary methods of encrypting data: stream ciphering and block ciphering.
Stream-based Ciphers
All cryptography fundamentally works with bits, zeros, and ones. Any encryption algorithm will take the data that needs to be encrypted and turn that data into bits and then apply the encryption methods. Once we have the bits, we can work with them in two ways: one bit at a time, or a bunch of bits at a time. When a cryptosystem performs its encryption on a bit-by- bit basis, it is called a stream-based cipher, or a stream cipher. This is the method most commonly associated with streaming applications, such as voice or video transmission. Wherever we are working with one bit at a time, it would make sense to use stream ciphers. The most well-known stream cipher algorithm is Rivest Cipher 4 (RC4).
The cryptographic operation for a stream-based cipher is to mix the plaintext with a keystream that is generated by the cryptosystem. The mixing operation is usually an exclusive-or (XOR) operation, which is a very fast mathematical operation.
Cryptographic Operation for a Stream-based Cipher
In stream ciphers, the plaintext is XORed with a seemingly random keystream to generate ciphertext. It is seemingly random because the generation of the keystream is usually controlled by the key. If the key could not produce the same keystream for the purposes of decryption of the ciphertext, then it would be impossible to ever decrypt the message.
The XOR process is a key part of many cryptographic algorithms. It is a simple binary operation that adds two values together. If the two values are the same, 0 + 0 or 1 + 1, then the output is always a
- However, if the two values are different, 1 + 0 or 0 + 1, then the output is a 0.
Operation of the Cipher
A stream-based cipher relies primarily on substitution, the substitution of one character or bit for another in a manner governed by the cryptosystem and controlled by the cipher key. For a stream-based cipher to operate securely, it is necessary to follow certain rules for the operation and implementation of the cipher. These are examples of basic requirements for any stream cipher:
- Statistically unpredictable and unbiased: Given that you know successive bits from the keystream, it would not possible to predict any of the following bits.
- Keystream should be linearly related to the cryptovarible: which means that knowledge of the keystream output value does not disclose the cryptovariable (encryption/decryption key).
- Statistically unbiased: There should be as many 0s as 1s and as many 00s as 01s, 10s, 11s, etc.
- Functional complexity: Each keystream bit should depend on most or all of the cryptovariable bits.
- Long periods: without repetition.
The keystream must be strong enough not to be easily guessed or predictable. In time, the keystream will repeat, and that period (or length of the repeating segment of the keystream) must be long enough to be difficult to calculate. If a keystream is too short, then it is susceptible to frequency analysis or other language-specific attacks.
The implementation of the stream-based cipher is probably the most important factor in the strength of the cipher. This applies to nearly every crypto product and, in fact, to security overall. Some important factors in the implementation are to ensure that the key management processes are secure and cannot be readily compromised or intercepted by an attacker.
Block Ciphers
A block cipher operates on blocks or chunks of bits. As plaintext is fed into the cryptosystem, it is divided into blocks of a preset size, often a multiple of the American Standard Code for Information Interchange (ASCII) character size, 64, 128, 192 bits, etc.
Most block ciphers use a combination of substitution and transposition to perform their operations. This makes a block cipher relatively stronger than most stream-based ciphers but more computationally intensive and possibly more expensive to implement. This is also why many stream-based ciphers are implemented in hardware, whereas a block-based cipher is most likely implemented in software.
Key Length
As we have seen, key management is the most important issue surrounding cryptography. As part of key management, key length is a very important aspect to consider when generating cryptographic keys and making the choice of which algorithms to use. Key length is the size of a key, usually measured in bits, that a cryptographic algorithm uses in ciphering or deciphering protected information. The longer the key, the more possibilities of key values exist (keyspace) and, therefore, if the key is large enough, it makes brute force attacks against the key space infeasible because it would take too long.
The goal of cryptography, as in security, is to make breaking of the key (finding the correct key) cost more (in terms of effort, time, and resources) than the value of the information being protected.
Block Size
As we have seen above, symmetric key algorithms are either block or stream ciphers. Block ciphers operate on a fixed length string of bits. Usually, this fixed length is 64bits, or multiples of 64bits. The length of this bit string is referred to as the block size. In all symmetric algorithms, the plaintext and ciphertext are the same length. The block size of a block cipher, like key length, may have a direct bearing on the security of the key.
Block ciphers produce a fixed-length block of ciphertext. However, since the data being encrypted are an arbitrary number of bytes, the ciphertext block size may not come out to be a full block. This is solved by padding the plaintext up to the block size before encryption and unpadding after decryption.
Initialization Vectors (IVs) – Why They Are Needed
Because messages may be of any length, and because encrypting the same plaintext using the same key always produces the same ciphertext, several modes of operation for encryption have been invented that allow block ciphers to provide confidentiality for messages of arbitrary length. The use of various modes allows the addressing the need for unpredictability into the keystream. This is required so that even if the same key is used to encrypt the exact same message, the ciphertext produced will be different each time. Because the IV is a random starting point, or a random number, that starts the process, it ensures that we add complexity and randomness into the encryption process. This is especially needed as randomness and preventing patterns is really useful in cryptography. Initialization vectors provide a really good way to add randomness into encryption algorithms.
Kerckhoffs’s Principle
Named after Dutch cryptographer Auguste Kerckhoffs, the principle states that “A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.” In other words, most people summarize that as meaning “the enemy knows the system” and, therefore, the only thing that provides security in cryptography is security of the key. We have to assume that the enemy will know the methods and the algorithms, so protecting the key become the most important aspect of cryptography.
Related Product : Certified Ethical Hacker Online Training – EC-Council
High Work Factor
The average amount of effort or work required to break an encryption system is referred to as the work factor. That is to say, decrypting a message without having the entire encryption key or to find a secret key given all or part of a ciphertext would also be referred to as the work factor of the cryptographic system.
Typically, the work factor is measured in some units such as hours of computing time on one or more given computer systems or a cost in dollars of breaking the encryption. If the work factor is sufficiently high, the encryption system is considered to be practically or economically unbreakable, and is sometimes referred to as “economically infeasible” to break. Communication systems using encryption schemes that are economically infeasible to break are generally considered secure. The work factor required to break a given cryptographic system can vary over time due to advancements in technology, such as improvements in the speed and capacity of computers and the processors within those architectures.
Encryption Systems
Various systems exist to encrypt and decrypt information and, therefore, provide cryptography services. Many share common characteristics such as the ability to use substitution and transposition capabilities.
Substitution Ciphers
Substitution ciphers involve the simple process of substituting letters for other letters, or more appropriately, substituting bits for other bits, based upon a cryptovariable. Substitution involves shifting positions in the alphabet of a defined number of characters. Some examples of cryptosystems used in early history of cryptography were based on substitution, including the Caesar cipher and ROT-13.
Substitution ciphers involve replacing each letter of the plaintext with another that may be further down the alphabet. Encryption cryptosystems will combine a method, called the algorithm, and a cryptovariable (key).
With substitution ciphers, the method is “substitute by adding,” and the key is how many times to do it. In Caesar’s case, the key was shift 3. If Caesar’s secret message to his generals was “attack at eleven pm” his encrypted message would look like: dwwdfn dw hohyhq sp. An attacker trying to decrypt Caesar’s cipher would repeatedly increase each letter one alphabetic position until the plaintext becomes readable, assuming that they could read and understand the language.
As we can figure out, Caesar’s cipher has only 25 possible keys as we can shift each letter to 25 others. The objective to Caesar’s cipher, and indeed with cryptography in general, is to make your adversary work a long time by having them try many keys. If the keyspace is too large, the attacker would not even try as it would not be feasible. Hopefully, by the time the attacker finds the correct key, the encrypted message has little or no value. In our example above, at 11:01 p.m., the value of “attack at eleven pm” has been greatly reduced.
Transposition Ciphers
Transposition (also called permutation) ciphers involve changing the actual positions of plaintext letters. Instead of substituting for other letters, we move the letters around to create the ciphertext. Here is an example, a simple transposition of “eleven pm” could move each letter one position to the left. The ciphertext would then become “leven pme.” Although the letters have been moved around, all the ciphertext letters have not changed, they have only moved. There is no replacement or substitution of letters, only rearrangement. Obviously, we can get more complex on how we do the transposition to offer more security, and throughout history, we have seen some really good examples of transposition ciphers.
Monoalphabetic and Polyalphabetic Ciphers
The Caesar cipher is a simple substitution algorithm that merely shifted the plaintext over three places to create the ciphertext. We could reference this as being a monoalphabetic system, the substitution was one alphabet letter for another. The problem with monoalphabetic ciphers is that they can be broken by a technique called “frequency analysis.” Frequency analysis is knowing language statistics about the particular language being used by the cipher. For example, in the English language, we know certain statistics such as the letter “e” is the most commonly used letter. The most commonly used three-letter word in the English language is “the.” Knowing these types of statistics allows attackers to eventually break monoalphabetic ciphers. The problem is that simple substitution and transposition ciphers do not disguise the linguistic patterns of letters and word frequency in the encrypted message so they are easily cracked using frequency analysis. To prevent frequency analysis, we can use multiple alphabets as part of the enciphering process.
The use of several alphabets for substituting the plaintext is called a “polyalphabetic” cipher. It is designed to make the breaking of a cipher by frequency analysis more difficult, or impossible. Instead of substituting one alphabet for another, the ciphertext is generated from several possible substitution alphabets that language statistics are not known. A well-known example of a polyalphabetic cipher is called the Vigenere cipher. Blaise de Vigenère, a Frenchman, developed a polyalphabetic cipher in the 15th century using a key word and 26 alphabets, each one offset by one place. This is a very effective way of preventing frequency analysis in helping break the cipher.
To summarize, adding complexity to a substitution cipher can make the disguise more effective. Ciphers can use several alphabets to provide more security and complexity. The idea is simple, instead of having one alphabet, we create many that no one knows language statistics about. Using several alphabets with letters randomly rearranged and then substituting letters from each alphabet for letters in plaintext provides a system that can defeat frequency analysis because, for example, the letter “e” would be represented by some different character in each of the alphabets used. These types of ciphers, known as polyalphabetic, are very effective because they disguise simple linguistic patterns.
Running Key Cipher
The use of modular mathematics and the representation of each alphabet letter by its numerical place in the alphabet are the basis of many modern ciphers.
The English alphabet would be calculated as modular 26 because there are 26 letters in the English alphabet. The use of modular 26 means that whenever the result of a mathematical operation is equal to or greater than 26, 26 needs to be subtracted from the total as often as needed until it is less than 26. Using the above values, the cryptographic operation operates as follows:
Ciphertext = plaintext + key (modular 26) This is written as C = P + K (modular 26)
Ciphertext is the value of the plaintext + the value of the key (modular 26). For example, the plaintext letter N has a value of 13 because it is the 13th letter in the alphabet using the table above. If the key to be used to encrypt the plaintext is a Q with a value of 16, the ciphertext would be 13 + 16, or the 29th letter of the alphabet. Because 29 is more letters than we have in the English alphabet, 26 is subtracted and the ciphertext becomes the letter corresponding to the number 3, a D.
One-Time Pads
As we have seen above, in a running key cipher, the key is repeated, or is as long as, for the same length as the plaintext input.
The only cipher system asserted as unbreakable, as long as it is implemented properly, is referred to as a one-time pad. These are often referred to as Vernam ciphers after the work of Gilbert Vernam, who proposed the use of a key that could only be used once and that must be as long as the plaintext and that never repeats.
The one-time pad uses the principles of the running key cipher, using the numerical values of the letters and adding those to the value of the key. However, the key is a string of random values and exactly the same length as the plaintext and is never repeated.
Earlier we discussed stream and block ciphers. Stream ciphers may be, in some cases, equated to what may be referred to as one-time pads. A one-time pad uses a keystream string of bits that is generated completely at random. The keystream will be the same length as the plaintext message, and again, both are combined using typically the XOR operation. Because the entire keystream is totally random and is used only once, a one-time pad is said to have perfect secrecy, which means it is unable to be defeated by a brute-force attack. Stream ciphers were developed to try and apply the action of one-time pads. This practically means that a one-time pad is not breakable by frequency analysis or many other cryptographic attacks.
Steganography
Steganography is defined as the science of hiding information. Whereas the goal of cryptography is to make data unreadable by turning it into a secret, the goal of steganography is to hide the data from a third party. As cryptography is literally defined as turning something into a secret, steganography, which hides something within something else, is therefore a form of cryptography. The word steganography is derived from the Greek words “steganos,” which means covered or concealed, and “graphy,” which means writing.
The relationship between cryptography and steganography is as follows: Cryptography can be defined as the practice of protecting the contents of a message, steganography is concerned with concealing the fact that a secret message is being sent as well as concealing the contents of the message.
There are different ways that we can hide something within something else, in other words, perform steganography. These may include hiding messages by using physical concealment techniques. This would be referred to as physical steganography. Modern steganography can use technology to hide messages.
These may include but are not limited to the following:
- Covert channels
- Hidden text within web pages
- Hiding messages within picture files or sound files
- Null ciphers (hiding a message within another plain text message)
There are a number of uses for steganography. One of the most widely used applications of steganography may be digital watermarking. A watermark, historically, is the replication of an image, logo, or text on paper stock so that the source of the document can be at least partially authenticated. A digital watermark can accomplish the same function; a graphic artist, for example, might post sample images on their website complete with an embedded signature so that they can later prove their ownership in case others attempt to portray the work as their own.
Null Cipher
The term null cipher is defined as hiding a message within another message that is in plaintext. In other words, you are hiding ciphertext within a plaintext message. A simple example:
- Interesting Home Addition to Expand Behind Eastern Dairy Transport Intersection Meanwhile Everything.
- If the first letter of each word is used, the message decodes into the secret message I Hate Bed Time.
A very famous example of a null cipher is William Carrol’s poem titled “Are You Deaf Father William?” We see that the first letter of each of the lines of the poem spells out William Carrol’s lover at the time, Adelaide Paine.
“Are you deaf, Father William!” the young man said, “Did you hear what I told you just now?
“Excuse me for shouting! Don’t waggle your head “Like a blundering, sleepy old cow!
“A little maid dwelling in Wallington Town, “Is my friend, so I beg to remark:
“Do you think she’d be pleased if a book were sent down “Entitled ‘The Hunt of the Snark?’” –
“Pack it up in brown paper!” the old man cried, “And seal it with olive-and-dove.
“I command you to do it!” he added with pride, “Nor forget, my good fellow, to send her beside “Easter Greetings, and give her my love.”
Follow Us
https://www.facebook.com/INF0SAVVY
https://www.linkedin.com/company/14639279/admin/
