S-38.116 Teletietotekniikka Teletekniikan laboratorio Teknillinen korkeakoulu March 27, 1996
Cipher
A method of cryptography that applies a transformation to the letters or
digits of the plaintext.
Ciphertext
The enciphered form of data.
Cryptology
The science which includes all aspects of cryptography and
cryptanalysis.
Enemy
Any adversary of the system.
Modulo
A statement "modulo m" means that arithmetic with m as modulus
is being used.
Permutation
Changing the order of a set of data elements.
Plaintext
Message or data which are in their normal, readable (not encrypted)
form.
Power function
The function a^n is the nth power of a.
Time stamp
A value inserted in a message to give the time at which the message
was originated.
But life is not easy. A security technique has to pass many tests before it is accepted and may legally be used. The governments of many countries do not like the idea that techniques developed to protect an individual's data should be very strong, because they want access to each and every person's data whenever they wish. This is justified by claiming that criminal and other illegal organizations might use such strong techniques in their activities.
This is a study on data security methods, mainly cryptographic techniques. Section 2 introduces main cryptographic systems available and Section 3 discusses a few important algorithms and standards. In Section 4, we explore three different fields of communication using example security implementations. Section 5 concludes the discussion.
If two parties use a symmetric encryption technique for communication between them, the key, which is used to encrypt the data, must be passed safely to the second party for decryption.
In some systems, a pair of keys are used for encryption and decryption. Here the sender and receiver agree on some encrypt/decrypt key pair. There are also systems where the receiver is able to calculate the decryption key from the encryption key.
In symmetric ciphers transporting keys is risky, and therefore there must be a secure channel between the sender and receiver in order to pass keys safely.
In this section, we explore a few algorithms which have been widely accepted and used for implementing cryptographic systems.
The same algorithm is used in DES for both encryption and decryption. An encryption (or decryption) operation takes two 64-bit inputs, the plaintext (or ciphertext) and the key block, and produces one 64-bit output, the ciphertext (or plaintext). Only 56 bits of the key block are used directly for encryption by the algorithm; the remaining 8 bits serve as parity bits, one for each 8-bit byte of the key block.
The algorithm uses permutations, substitutions and modulo-2 additions for encryption. Permutations in DES are of three kinds: straight, expansion and permuted choice. A straight permutation simply reorders bits. In an expansion permutation, some bits are duplicated and the result is reordered. A permuted choice discards some bits and reorders the remainder.
Substitutions are known as S-boxes and are specified by eight different tables. The S-boxes have 6-bit inputs and 4-bit outputs.
After an initial permutation the 64-bit input is split into left and right blocks, each 32 bits long. Then follow 16 rounds of identical operations in which the data is combined with the key. After the final round, both blocks are joined and a final permutation is applied.
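The following is an added example, not code from the paper: a check of the DES key parity bits described above and a toy Feistel network that shows why one routine serves for both encryption and decryption (the subkeys are simply applied in reverse order). The 32-bit block size, the four-round key schedule and the round function are constructed stand-ins for illustration; they are not the real DES tables or S-boxes.

```python
# Added example, not from the paper: DES key-parity check plus a toy Feistel
# network. Block size, key schedule and round function are constructed; the
# real DES uses 64-bit blocks, sixteen 48-bit subkeys and the S-box tables.
from typing import List

MASK16 = 0xFFFF


def des_key_parity_ok(key: bytes) -> bool:
    """Return True if each of the 8 key bytes has odd parity, i.e. the
    eighth bit of every byte is a correct parity bit as DES requires."""
    if len(key) != 8:
        raise ValueError("DES key block must be 64 bits (8 bytes)")
    return all(bin(b).count("1") % 2 == 1 for b in key)


def fix_des_parity(key: bytes) -> bytes:
    """Set the low bit of every byte so that the byte has odd parity."""
    if len(key) != 8:
        raise ValueError("DES key block must be 64 bits (8 bytes)")
    return bytes(b ^ 1 if bin(b).count("1") % 2 == 0 else b for b in key)


def toy_key_schedule(key: bytes) -> List[int]:
    """Constructed schedule: four 16-bit subkeys cut straight from the key.
    Real DES derives sixteen 48-bit subkeys through permuted choices."""
    return [int.from_bytes(key[i:i + 2], "big") for i in range(0, 8, 2)]


def toy_round_function(half: int, subkey: int) -> int:
    """Constructed stand-in for the DES f-function (expansion, S-boxes,
    permutation). The Feistel structure works with any f; it does not
    need f to be invertible."""
    x = (half ^ subkey) & MASK16
    x = ((x * 0x9E37) ^ (x >> 5) ^ (x << 3)) & MASK16
    return x


def feistel(block: int, subkeys: List[int]) -> int:
    """Run the rounds on a 32-bit block split into two 16-bit halves, then
    swap the halves once at the end (the DES 'final swap')."""
    left, right = (block >> 16) & MASK16, block & MASK16
    for k in subkeys:
        left, right = right, left ^ toy_round_function(right, k)
    return (right << 16) | left


def encrypt_block(block: int, key: bytes) -> int:
    return feistel(block, toy_key_schedule(key))


def decrypt_block(block: int, key: bytes) -> int:
    # Same routine, subkeys applied in reverse order: this is why DES can
    # use one algorithm in both directions.
    return feistel(block, list(reversed(toy_key_schedule(key))))


if __name__ == "__main__":
    key = fix_des_parity(bytes([1, 2, 3, 4, 5, 6, 7, 8]))  # constructed key
    ct = encrypt_block(0xDEADBEEF, key)
    print(hex(ct), hex(decrypt_block(ct, key)))
```

A key whose parity bits are wrong is a sign of a corrupted or mis-generated key block, so implementations usually check (or silently correct) the parity before use; the round-trip in the block holds for any round function, which is the structural property the text refers to.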
Because IDEA is a fairly new algorithm, no practical attacks on it have yet been published. IDEA is patented in the United States and in most European countries. Non-commercial use of IDEA is free [2].
RC2 encrypts data in blocks of 64 bits and uses mix-and-mash operations. RC4 is a stream cipher. In RC4, the output of a pseudo random generator is XOR-ed with the data stream.
The RC algorithms are very fast. According to the company, RC2 is three times and RC4 ten times faster than DES. Their speed is independent of the key size. Although the official source code is not available, there have been attempts to produce equivalent implementations of the algorithms.
The United States government allows only the 40-bit version (RC4-40) to be exported. Inside the United States, many products use the 128-bit version (RC4-128). The popular Web browser Netscape(tm) uses a protocol called SSL to pass confidential data, such as credit card numbers; this protocol is based on the RC4 algorithm. Recently the export version of the cipher, RC4-40, has been broken by at least two independent groups. The cracking process took about eight days using computing power that is currently available in many universities and companies!
Decipherment: x = y^d, (modulo m)
Here,
The modulus m used here is obtained from two large prime numbers, p and q, different from each other. The security of RSA relies on the difficulty of factoring large integers. The receiver publishes m as part of the public key but keeps p and q secret.
An attack, called the attack by iteration, exists against RSA. In this attack, the ciphertext is repeatedly enciphered until the original ciphertext appears again as the result. Note that to apply this attack, the enemy does not need to know the key or the primes p and q. The following example illustrates this technique using small numbers:
Here the public key e is 9 and the ciphertext y = 3. After five iterations, the plaintext is revealed to be 13. According to the authors of the algorithm, this attack can be eliminated by carefully choosing the prime factors p and q [3].
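The following is an added example, not from the paper: toy RSA with the numbers the text gives (e = 9, y = 3, plaintext 13 after five iterations) together with a routine that measures how many re-encipherments it takes for a ciphertext to repeat, which is the quantity a key generator has to keep large when choosing p and q. The paper does not state its modulus; m = 115 (p = 5, q = 23) is an assumption that reproduces the stated figures and is far too small for any real use.

```python
# Added example, not from the paper: toy RSA and the cycle-length check behind
# the "attack by iteration". m = 115 (p = 5, q = 23) is an assumed modulus
# chosen to reproduce the paper's e = 9, y = 3, plaintext 13.
from math import gcd
from typing import List, Optional, Tuple

PublicKey = Tuple[int, int]   # (e, m)
PrivateKey = Tuple[int, int]  # (d, m)


def rsa_keygen(p: int, q: int, e: int) -> Tuple[PublicKey, PrivateKey]:
    m = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (e, m), (d, m)


def encipher(x: int, public: PublicKey) -> int:
    e, m = public
    return pow(x, e, m)          # y = x^e (modulo m)


def decipher(y: int, private: PrivateKey) -> int:
    d, m = private
    return pow(y, d, m)          # x = y^d (modulo m)


def iteration_cycle(y: int, public: PublicKey) -> Optional[List[int]]:
    """Re-encipher y with the public key until y reappears and return the
    values seen. The value just before y returns is the plaintext, obtained
    without d, p or q. With a valid key the map is a permutation, so the
    cycle always closes within m steps; None only signals bad input."""
    e, m = public
    seen: List[int] = []
    cur = y
    for _ in range(m):
        cur = pow(cur, e, m)
        seen.append(cur)
        if cur == y:
            return seen
    return None


def cycle_period(y: int, public: PublicKey) -> int:
    """Number of re-encipherments before the ciphertext repeats. Key
    generation must choose p and q so that this is astronomically large;
    for the toy parameters it is only 5."""
    cyc = iteration_cycle(y, public)
    return len(cyc) if cyc else 0


if __name__ == "__main__":
    public, private = rsa_keygen(5, 23, 9)     # assumed toy parameters
    print(encipher(13, public))                # 3
    print(iteration_cycle(3, public))          # [18, 58, 73, 13, 3]
    print(decipher(3, private))                # 13
```

The sequence 18, 58, 73, 13, 3 is exactly the five iterations the text describes: the fourth value is the plaintext and the fifth is the original ciphertext again. Real key sizes make such a cycle unreachable in practice, which is what the careful choice of p and q in [3] ensures.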
PGP uses IDEA for data encryption and RSA for key management. In file encryption, PGP compresses the file before encrypting it. PGP is not a user-friendly program: it has no menus or buttons, and the current interface is a Unix-style command line program. But many mailers, such as emacs and pine, support PGP.
PGP provides users with encryption close to military grade [6]. The US government filed a lawsuit against its author for illegally "exporting" PGP via the Internet in 1991, but recently all charges against him were dropped.
The rest of this section shows how PGP can be used to create keys and later use them to decrypt and sign messages.
pgp -kg                                generate your own public/secret key pair
pgp -ks your-key-id -u your-key-id     sign a key on your public keyring (here your own) with your secret key
pgp -kx[a] your-id file                extract your public key into file (-kxa for ASCII armour)
pgp -ka file                           add the keys contained in file to your keyring
pgp -kv                                view the contents of your public keyring
pgp -e[a] file friend's-id             encrypt file with your friend's public key (-ea for ASCII armour)
pgp crypted-file                       decrypt a file received from your friend
pgp -kr friend's-id                    remove a key from your keyring
pgp -st[a] text-file -u your-key-id    sign text-file with your secret key, keeping it readable as text (-sta for ASCII armour)
pgp signed-text-file                   verify the signature on a signed text file
Ssh enables a user to log into another computer over a network, to execute commands on a remote machine and to move files from one machine to another. The protocol provides strong authentication and secure communication over insecure channels. Ssh also provides secure X connections and secure forwarding of arbitrary TCP connections [7].
Ssh uses RSA for authentication. Each user creates a public/private key pair using the Ssh tool ssh-keygen. The secret and public keys are saved in the files .ssh/identity and .ssh/identity.pub respectively. The user should then copy the public key into .ssh/authorized_keys in her home directory on the remote machines. After this, the user does not have to give her password to log into those remote machines.
When the user tries to log into a remote machine, the server checks the user's key pair. It sends the user a challenge, a random number encrypted with the user's public key. The challenge can only be decrypted using the matching secret key. If the user succeeds in decrypting it, she is allowed to log in without password verification. Note that the key verification is done automatically by Ssh on behalf of the user. If the authentication fails, the user is asked for her password.
All communications, including the password sent to the remote machine, are encrypted. All communication with the remote command or shell is automatically encrypted. The X11 connection is automatically forwarded, and X11 programs started from the shell go through the encrypted channel.
Ssh allows the user to choose the algorithm used for encryption. The current version supports IDEA, DES, RC4-128, 3DES and TSS. Ssh uses IDEA as default. If the user wants, she can also turn off encryption. The algorithm may also be selected on a per-host basis using the configuration file.
One might expect the encryption of a communication channel to slow down data transfer. Thanks to an efficient implementation, initial results show that Ssh can compete with traditional communication programs. The speed also depends on the algorithm chosen for encryption; among the currently available algorithms, RC4 is the fastest.
Ssh is available for many Unix platforms. Also, there are preliminary versions for OS/2 and Windows. Ssh can be used freely for non-commercial purposes.
Money withdrawal
Digital coins are messages which include a string of digits, where each string corresponds to a different coin. During a withdrawal, the bank creates unique blank coins and validates them with a special digital stamp. This allows the bank to recognize a particular customer's coins when she makes a purchase.
Digital coins are used when a customer withdraws money from the bank. Money is taken from the customer's account and stored on her hard disk along with any coins she already has.
Purchase using ECash
A customer with digital coins can make purchases over networks. When the customer decides to buy something from a shop, she selects the amount of money out of her account and sends it to the shop. The ECash software, which keeps track of the customer's money transactions, then removes the equivalent digital coins from her account once the money is sent.
The shop, which receives the money from the customer, sends the received coins to the bank for verification. To make sure that each coin is used only once, the bank maintains a spent-coin database. When a shop requests verification of some coins, the bank looks up the corresponding coins in this database, where the serial numbers of all used coins are kept. If the bank does not find the numbers in the database, it informs the shop that the payment is valid.
ECash uses public-key cryptography and digital signature techniques to achieve high security in money transactions over computer networks. During a payment, the identity of the payer can be kept secret. This technique is called blind signature [1] and is an extension of the digital signature. According to DigiCash, ECash is currently being tested by about 30,000 people around the world.
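The following is an added example, not code from the paper or from DigiCash: a toy RSA blind signature (the technique the text names in [1]) used to mint a coin without the bank seeing its serial number, and the bank-side check that accepts a properly signed coin once and rejects the same serial number a second time using the spent-coin database described above. The bank key, serial numbers and blinding factors are constructed toy values; real ECash used far larger keys and additional message formatting.

```python
# Added example, not from the paper or DigiCash: RSA blind signature withdrawal
# plus the bank's spent-coin check. All parameters are constructed toy values.
import secrets
from math import gcd
from typing import Optional, Set, Tuple

# Constructed toy bank key; n = 3233 is far too small for any real use.
BANK_P, BANK_Q, BANK_E = 61, 53, 17
BANK_N = BANK_P * BANK_Q
BANK_D = pow(BANK_E, -1, (BANK_P - 1) * (BANK_Q - 1))

Coin = Tuple[int, int]  # (serial number, bank signature on that serial)


def blind(serial: int, r: Optional[int] = None) -> Tuple[int, int]:
    """Customer side: hide the serial behind a random factor r, so the bank
    signs it without learning which serial it is. Returns the blinded value
    and r, which the customer keeps for unblinding."""
    if not 0 < serial < BANK_N:
        raise ValueError("serial must lie in 1..n-1")
    if r is None:
        while True:
            r = secrets.randbelow(BANK_N - 2) + 2
            if gcd(r, BANK_N) == 1:
                break
    return (serial * pow(r, BANK_E, BANK_N)) % BANK_N, r


def bank_sign_blinded(blinded: int) -> int:
    """Bank side: sign the blinded value (debiting the account is omitted)."""
    return pow(blinded, BANK_D, BANK_N)


def unblind(blinded_signature: int, r: int) -> int:
    """Customer side: strip r to obtain an ordinary RSA signature on the
    serial: (s * r^e)^d * r^-1 = s^d (mod n)."""
    return (blinded_signature * pow(r, -1, BANK_N)) % BANK_N


def withdraw_coin(serial: int, r: Optional[int] = None) -> Coin:
    blinded, r = blind(serial, r)
    return serial, unblind(bank_sign_blinded(blinded), r)


class Bank:
    """Holds the spent-coin database: serial numbers of every coin seen."""

    def __init__(self) -> None:
        self.spent: Set[int] = set()

    def verify_payment(self, coin: Coin) -> str:
        serial, signature = coin
        # A coin the bank never signed fails the public-key check.
        if pow(signature, BANK_E, BANK_N) != serial % BANK_N:
            return "invalid signature"
        # A genuine coin presented twice is a double-spend attempt.
        if serial in self.spent:
            return "already spent"
        self.spent.add(serial)
        return "valid"


if __name__ == "__main__":
    coin = withdraw_coin(1234)        # constructed serial number
    bank = Bank()
    print(bank.verify_payment(coin))  # valid
    print(bank.verify_payment(coin))  # already spent
```

The bank only ever sees the blinded value and the final serial number at payment time, never the link between the two, which is how the payer stays anonymous while the bank can still refuse a coin whose serial number is already recorded. Textbook RSA on a bare serial is malleable, which is why deployed schemes sign a formatted value rather than the raw number.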