The secrets of encryption and decryption revealed
Communicating over any untrusted medium, particularly through distributed network and e-commerce applications, requires cryptography, the process of enciphering and deciphering secret code. Cryptography provides the following security functionality, which is necessary for secure client/server and application-to-application communication:
- Authentication: proves one's identity
- Privacy/confidentiality: ensures that only the intended receiver can read the message
- Message integrity: assures the receiver that the received message hasn't been altered from the original
- Nonrepudiation: proves that the sender sent the message
In this article, I discuss the different cryptographic algorithms, how to apply them, and how Windows NT uses cryptography.
Cryptographic Algorithms
You can classify cryptographic algorithms by the number of keys employed for encryption and decryption. Secret key cryptography uses one key for both encryption and decryption. Public key cryptography uses one key for encryption and a different key for decryption. Hash functions use a mathematical transformation, rather than a key, to irreversibly encrypt plaintext into ciphertext, as Figure 1, page 98, shows.
Secret key cryptography. Using this cryptographic algorithm, the sender uses a key to encrypt plaintext, then sends the ciphertext to the receiver. The receiver applies the same key to decrypt the ciphertext and recover the original message in plaintext.
In secret key cryptography, both sender and receiver must know the key. The greatest challenge of this method is the secure distribution of the key. The strength of a secret key cryptographic system is the length of the key. With limited computing power, the only way to attack a cryptographic system is to break the algorithm. As computers get faster and cheaper, brute-force attacks, in which an intruder tests every possible key combination, become increasingly affordable and common. Thus, to stave off a brute-force attack, you must use large keys that make computational attacks infeasible (a 90- to 100-bit key should be adequate for the next 10 years).
The most commonly used secret key cryptography scheme is the Data Encryption Standard (DES), which IBM designed in the 1970s and the US government subsequently adopted. Using a complex set of rules and transformations that IBM designed to yield fast hardware implementations and slow software implementations, DES uses a 56-bit key to encrypt 64-bit blocks of data. At the time, IBM also proposed a 128-bit key for DES, which the government rejected.
Experts in the cryptographic community claimed that DES wasn't sufficient to protect government, financial, medical, and other crucial information. In July 1998, the Electronic Frontier Foundation (EFF) announced a $220,000 hardware device that used brute-force methods to find a DES key in an average of 4-and-a-half days. Soon thereafter, the US government recommended that new DES implementations use Triple DES. 3DES employs three DES encryption and decryption steps and lets you use one, two, or three 56-bit keys, which makes a 168-bit key length possible.
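The following added example (not part of the original article) scales the EFF result quoted above to other key lengths, to show why each extra key bit matters. The function names are illustrative, and the calculation assumes an average search covers half the keyspace and that the search rate stays at the 1998 figure.

```python
# Added example: derive the search rate implied by the EFF figure in the
# text (56-bit DES key, 4.5 days on average) and apply it to other key sizes.
SECONDS_PER_DAY = 86_400
SECONDS_PER_YEAR = 365.25 * SECONDS_PER_DAY


def eff_keys_per_second(avg_days=4.5, key_bits=56):
    """Keys tested per second if a key_bits key falls in avg_days on average.

    An average-case brute-force search covers half the keyspace,
    i.e. 2**(key_bits - 1) keys.
    """
    return 2 ** (key_bits - 1) / (avg_days * SECONDS_PER_DAY)


def expected_search_seconds(key_bits, keys_per_second):
    """Average brute-force time for a key of key_bits at a fixed rate."""
    return 2 ** (key_bits - 1) / keys_per_second


def doublings_to_match(key_bits, baseline_bits=56):
    """Times the attacker's speed must double before a key_bits search
    takes as long as the baseline (DES) search does at today's rate."""
    return key_bits - baseline_bits


def table(bit_lengths=(40, 56, 90, 100, 168)):
    """Rows of (bits, expected years, speed doublings relative to DES)."""
    rate = eff_keys_per_second()
    return [
        (bits,
         expected_search_seconds(bits, rate) / SECONDS_PER_YEAR,
         doublings_to_match(bits))
        for bits in bit_lengths
    ]


if __name__ == "__main__":
    for bits, years, doublings in table():
        print(f"{bits:>3}-bit key: {years:.3e} years at the 1998 rate "
              f"({doublings:+d} speed doublings vs. DES)")
```

At this rate a 40-bit key falls in about six seconds, while a 90-bit key requires the attacker's speed to double 34 more times before the search takes 4.5 days.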
Additional secret key cryptography algorithms are currently in use, including RC, which Ronald Rivest of RSA Data Security developed. To replace DES, RSA Data Security designed RC2, which operates on 64-bit blocks and uses a variable-length key. Although RC2's code isn't public, many companies, including Microsoft, have licensed RC2 for use in their products. RC4, which also uses variable key length, is a stream cipher (i.e., the algorithm contains a feedback mechanism to ensure that the algorithm encrypts blocks of data differently). Many commercial cryptographic products use RC4; however, vendors can export from North America only products that use short keys (e.g., 40- or 56-bits long).
In addition, since 1997, the US government has been looking for an official successor to DES. The government will select the successor, the Advanced Encryption Standard (AES), by the end of 2000.
Public key cryptography. In 1976, Stanford University professor Martin Hellman and graduate student Whitfield Diffie first publicly described public key cryptography. The Diffie-Hellman scheme solves secret key cryptography's key exchange problem by employing two keys: one to encrypt plaintext and the other to decrypt ciphertext. A year later, MIT mathematicians Rivest, Adi Shamir, and Leonard Adleman developed RSA, the first implementation of the Diffie-Hellman scheme.
In public key cryptography, one of the keys is the public key, which means the owner advertises the key. The other key is the private key, which means the owner keeps this key a secret. To send a message, the sender uses the receiver's public key to encrypt information and the receiver uses his or her private key to decrypt the ciphertext message. The order in which you apply the keys doesn't matter: one key encrypts, and you need the other key to decrypt. Although the two keys are mathematically related, you can't determine the second key by knowing the first.
RSA is the most common public key cryptography implementation, and hundreds of software products use it, primarily for key exchange. RSA uses a variable-size encryption block and a variable-size key, usually as many as 1024- to 2048-bits long. RSA derives a key-pair from a very large number, n, that is the product of two prime numbers. Each of these primes can be more than 100 digits in length, yielding an n value that contains approximately twice as many digits as the prime factors. This n value maintains RSA's security. The public key includes n and a derivative of one of the factors of n. This information doesn't reveal the prime factors of n to an intruder, so the private key remains secure.
Hash functions. Hash functions (e.g., message digests) are algorithms that don't use a key. Instead, hash functions mathematically alter plaintext so that the receiver can't recover the content and length of the original message. Hash functions rely on the fact that different plaintext strings are unlikely to yield the same hash value. Hash algorithms provide a digital fingerprint of a file's contents, which ensures that an intruder or virus hasn't altered the file. Many OSs also employ hash functions to encrypt passwords.
Message Digest (MD) algorithms are popular hash functions among commercial cryptographic applications. Rivest developed this family of byte-oriented schemes that produces a 128-bit hash value from an arbitrary-length message. Request for Comments (RFC) 1320 describes MD4, which Rivest designed for fast software processing using little memory. RFC 1231 describes MD5, which Rivest developed after users reported potential weaknesses in MD4. MD5 is similar to MD4 but slower because it manipulates the original data more than MD4 does. In 1996, users also discovered several weaknesses in MD5.
The Secure Hash Algorithm (SHA) is another hash code that commercial products commonly use. The National Institute of Standards and Technology (NIST) developed this hash function, which produces a 160-bit hash value.
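As an added example (not from the original article), the following uses Python's standard hashlib module to show the digest sizes quoted above and the "digital fingerprint" use: recording hashes of known-good files and detecting later alteration. The file names and contents are constructed sample data, and the function names are illustrative.

```python
# Added example: keyless fingerprints with MD5 and SHA-1 (the algorithms the
# text discusses) and a baseline comparison that flags altered files.
import hashlib
import hmac


def fingerprint(data: bytes, algorithm: str = "sha1") -> str:
    """Hex digest of data; no key is involved."""
    return hashlib.new(algorithm, data).hexdigest()


def digest_bits(algorithm: str) -> int:
    """Length of the hash value in bits, regardless of input length."""
    return hashlib.new(algorithm).digest_size * 8


def differing_bits(hex_a: str, hex_b: str) -> int:
    """Number of bit positions in which two digests differ."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def audit(baseline: dict, files: dict, algorithm: str = "sha1") -> dict:
    """Compare current file contents against recorded fingerprints."""
    report = {"altered": [], "missing": [], "unexpected": []}
    for name, recorded in baseline.items():
        if name not in files:
            report["missing"].append(name)
        elif not hmac.compare_digest(fingerprint(files[name], algorithm), recorded):
            report["altered"].append(name)
    report["unexpected"] = sorted(set(files) - set(baseline))
    return report


# Constructed sample data standing in for files on disk.
ORIGINAL = {"login.exe": b"MZ original program bytes",
            "hosts": b"127.0.0.1 localhost\n"}
BASELINE = {name: fingerprint(body) for name, body in ORIGINAL.items()}
CURRENT = {"login.exe": b"MZ original program bytez",   # one byte changed
           "extra.tmp": b"unknown"}                      # not in the baseline

if __name__ == "__main__":
    print("md5 bits:", digest_bits("md5"), " sha1 bits:", digest_bits("sha1"))
    changed = differing_bits(BASELINE["login.exe"], fingerprint(CURRENT["login.exe"]))
    print("bits changed by a one-byte edit:", changed, "of 160")
    print(audit(BASELINE, CURRENT))
```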