Encryption Glossary

Adversary - anybody you are trying to keep your messages secret from. If your adversary is an experienced Hacker, keeping your messages secret will require some more effort. If you can keep your computer out of the hands of your adversary, keeping your messages secret will be much easier.

Algorithm - a specific mathematical recipe, in this case, for encryption and decryption. Different algorithms have different properties: some are more secure than others, some are faster than others. Of course, each is incompatible with all the others.

Each "algorithm" is, strictly speaking, several algorithms that work together. One algorithm encrypts, one algorithm decrypts, and there are other algorithms for other tasks such as generating keys or verifying signatures.

Back Door - any security leak that is known to an adversary but is unknown to the users of a secure system.

If you were trying to secure a house so that burglars could not get in, you would put locks on all of the doors and windows. If there was a door in the back that you forgot to put a lock on, that would constitute a "back door".

But it doesn't have to be a door. If there was a skylight in the roof that a burglar knew how to get in through, or a ventilation duct or a sewer pipe a burglar could crawl through, security experts would call these also "back doors". Even if a particular burglar had a skeleton key that you didn't know about, or knew how to pick one of your locks, or knew a trick for opening one of your locked windows, this might be considered a "back door".

Usually, if your adversary does not have a copy of your secret key, they cannot read your encrypted messages. A back door on your encryption algorithm would be a way for an adversary either to decrypt your messages without your secret key, or to somehow extract your secret key by examining the encrypted messages you send to your confidants (which often include the public keys).

Longer Example: For instance, the RSA algorithm depends on the fact that large numbers are hard to factor. If I tell you that 5764981 is the product of two numbers, you would have to try all of the prime numbers from 2 through 2401 (that's the square root) before you found the one that divides it evenly, 2267. (Then you get the other number, 2543, by dividing.)

So, if your public key was 5764981, your adversary would have to try almost a thousand divisions before they could figure out that your secret key was (2267, 2543). With a computer, this would take an instant. But if your public key was 300 digits long, your adversary would have to buy a million computers, and have them running for a thousand years, before stumbling onto the right numbers. Hopefully at least.

The current state of the art is that there are mathematical methods that are faster than this brute-force approach, but not fast enough. Some day, a brilliant mathematician might find a very efficient way to factor large numbers into their primes. If so, that would be a "back door" for the RSA algorithm.
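As an added example (not from the glossary), here is the factoring "back door" carried through in Python on the entry's own numbers: trial division recovers 2267 and 2543 from 5764981, and with those two primes in hand the RSA private exponent can be recomputed from the public key. This goes slightly beyond the entry, which treats the pair (2267, 2543) itself as the secret key: in textbook RSA the secret is an exponent d derived from p and q, and the public exponent e = 65537, the message value 42 and the absence of padding are assumptions made for the demonstration.

```python
from math import isqrt


def trial_division(n):
    """Brute-force factoring as the entry describes: try every divisor from 2 up
    to the square root. Returns (p, q, divisions_tried); (n, 1, tries) if n is prime."""
    tries = 0
    for candidate in range(2, isqrt(n) + 1):
        tries += 1
        if n % candidate == 0:
            return candidate, n // candidate, tries
    return n, 1, tries


def make_keypair(p, q, e=65537):
    """Textbook RSA from two primes (assumption: toy sizes, no padding)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # private exponent; needs Python 3.8+
    return (n, e), d


def recover_private_exponent(public_key):
    """What a factoring back door buys the adversary: once n splits into p and q,
    the private exponent can be recomputed from the public key alone."""
    n, e = public_key
    p, q, _ = trial_division(n)
    return pow(e, -1, (p - 1) * (q - 1))


def demo():
    public_key, d = make_keypair(2267, 2543)            # the entry's numbers
    n, e = public_key
    p, q, tries = trial_division(n)
    recovered = recover_private_exponent(public_key)
    ciphertext = pow(42, e, n)                          # constructed message: 42
    return {
        "n": n,
        "factors": (p, q),
        "divisions": tries,
        "recovered_matches": recovered == d,
        "decrypts_with_recovered": pow(ciphertext, recovered, n) == 42,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The loop tries 2266 candidate divisors before it hits 2267, an instant on any computer; the same loop on a 300-digit modulus never finishes, which is the whole reason key length matters.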


Blowfish - yet another symmetric key encryption system.


Certificate - a piece of data, typically a public key, that is digitally signed by some signing authority. This is important, because a public key is like a signature card; it is the data that allows you to verify that a signed document was indeed signed by who you think it was signed by.

The reason why public keys are sent around in certificates is to guard against impostors. Anybody can use public/secret key software to generate a public/secret key pair for a user with any name, such as "Bill Clinton <president@whitehouse.gov>". The impostor could then digitally sign documents that appear to be signed by Bill Clinton.

A signing authority works like a notary public. First, they go through some verification process, to try to ensure that the person really is who they say they are. The signing authority witnesses the generation of a secret/public key pair, grabbing a copy of the public key that comes out. (The secret key never leaves the user's machine.) The signing authority then digitally signs this public key with their OWN key (the signing authority's key), in the same way that a notary public signs the document they witnessed with their own signature.

Usually all this happens behind the scenes and it's hard to tell what is going on. The "signing authority" is really a smart website. It verified that you are who you claim to be because it sent an email to you and you proved that you got the email. Magical commands in your browser deal with the keys, even if you are not aware of what's going on and what data is important to protect, and how.

Therefore, all of the certificates coming out of a given signing authority are all signed by them, much as the diplomas of all of the students coming out of a university are signed by the president of that university.

Of course, the next problem is, who can verify that the signing authority is not an impostor? In order for this whole thing to work, you must have a public key for the signing authority... in fact, you must have a SIGNED public key, that is, a certificate for the certificate authority itself.

Netscape and IE have solved this problem by being shipped with certificates for leading certificate authorities. Typically, these certificates are self-signed. Basically, we are trusting Netscape and IE to not feed us bogus certificates.


Cipher - a simple encryption system where each character is substituted for another. For instance, Rot13 is a cipher. All ciphers are symmetric algorithms.

A cipher might use the following key. Both sender and receiver need this same key; the receiver would simply use the key backwards.
a => h   b => n   c => b   d => q   e => o   f => s   g => d   h => k   i => v
j => w   k => y   l => p   m => g   n => l   o => c   p => t   q => e   r => x
s => m   t => i   u => z   v => a   w => r   x => f   y => j   z => u

Under this system, the word "Helen" would encode as "Kopol".

Ciphers are notoriously easy to break. For instance, you can already see that "Kopol" has a repeated letter in it. It's pretty easy to break a cipher, given a few paragraphs of encoded English text.

An attack typically starts by counting up the frequency of various characters. The most common letters in the English language are e, t, and a, in that order, followed by o, n, r, i, s, h. These clues are supplemented with word frequency information, for instance, the fact that "the" and "and" are the most common three letter words.

Because the encrypted message is not guaranteed to fit the "average English" profile, some trial and error is needed, but astonishingly little. Given a little bit of experimentation, such a code can be totally broken in a few hours if done on paper. Computerization and dictionary lookup can reduce the hacking time to almost nothing.

A good symmetric algorithm can be built upon the idea of a cipher, however. One way to do this is to use a cipher, but vary the cipher system on a character-by-character basis.

Modern secure code systems (whether symmetric or public key) typically consider the entire message to be one long number. This number is encrypted whole, yielding an inscrutable lump of bits that appears to change completely even when one character of the original plain text is changed.
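As an added example (not part of the glossary), here is the substitution cipher of this entry in Python: the key table above encrypts and, used backwards, decrypts, and the letter count that opens the attack described above is run over a constructed sample message. Pairing the most common ciphertext letters with e, t, a, o, n, r, i, s, h reliably gets only the first guess or two right on a short message; the rest is the trial and error the entry mentions.

```python
from collections import Counter

# Substitution key copied from the glossary's Cipher entry (plaintext -> ciphertext).
KEY = {
    'a': 'h', 'b': 'n', 'c': 'b', 'd': 'q', 'e': 'o', 'f': 's', 'g': 'd', 'h': 'k', 'i': 'v',
    'j': 'w', 'k': 'y', 'l': 'p', 'm': 'g', 'n': 'l', 'o': 'c', 'p': 't', 'q': 'e', 'r': 'x',
    's': 'm', 't': 'i', 'u': 'z', 'v': 'a', 'w': 'r', 'x': 'f', 'y': 'j', 'z': 'u',
}
# The receiver "uses the key backwards": invert the table once.
INVERSE_KEY = {c: p for p, c in KEY.items()}

# English letters from most to least common, in the order the entry lists them.
ENGLISH_ORDER = "etaonrish"


def substitute(text, table):
    """Apply a letter-for-letter table; case is preserved, non-letters pass through."""
    out = []
    for ch in text:
        low = ch.lower()
        if low in table:
            mapped = table[low]
            out.append(mapped.upper() if ch.isupper() else mapped)
        else:
            out.append(ch)
    return "".join(out)


def encrypt(plaintext):
    return substitute(plaintext, KEY)


def decrypt(ciphertext):
    return substitute(ciphertext, INVERSE_KEY)


def letter_frequencies(text):
    """Count each letter of the text (case-folded); Counter.most_common() ranks them."""
    return Counter(ch for ch in text.lower() if ch.isalpha())


def guess_mapping(ciphertext):
    """First step of the attack: pair the most common ciphertext letters with the
    most common English letters. Only the top guesses are usually right; the rest
    are refined by trial and error and by word patterns such as "the" and "and"."""
    ranked = [letter for letter, _ in letter_frequencies(ciphertext).most_common()]
    return dict(zip(ranked, ENGLISH_ORDER))


# Constructed sample message (not from the glossary); 'e' is by far its most common letter.
SAMPLE = "these letters were seen by everyone between the sender and the receiver"

if __name__ == "__main__":
    print(encrypt("Helen"))                 # Kopol, as in the entry
    ct = encrypt(SAMPLE)
    print(ct)
    print(decrypt(ct) == SAMPLE)
    guess = guess_mapping(ct)
    # The most common ciphertext letter is 'o', which the frequency guess reads as 'e'.
    print({c: guess[c] for c in list(guess)[:3]})
```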

Cracker - a computer vandal. A cracker tries to break computer security systems, either for some selfish and unwholesome purpose, or simply for sport. Some others do so professionally, to test the security of established systems. Make sure you know who you are dealing with.

Many crackers claim to engage in their sport as unauthorized security testers. As such, they claim a moral imperative. For some reason, the same moral redemption does not apply to unauthorized house or office burglars.

The programmer and encryption community prefers the term "Cracker" to describe an internet vandal, whereas the public and the press usually use the term "Hacker".


DES - A symmetric encryption algorithm used in the 1970's and later that always uses 56 bit keys. It became a standard for such applications as banking and finance. It was developed by the US NSA, and is widely believed to have been designed in such a way that the NSA could break it, if it decided that it needed to. (Part of the evidence is the odd key size of 56 bits, when going up to 64 would have been trivial.)

Due to its lack of security, it is losing popularity and falling into disuse. Because of the 56 bit key, there are only about 72 quadrillion possible keys; if you can program a computer to try them all, you can break any code. One popular way to do this is to build a special purpose computer and use encryption chips, chips specially designed for rapid encryption and decryption. These can unfortunately also be used for rapid key cracking. (Kind of defeats the purpose of making an encryption chip, no?)

See also Triple DES.

Digital Signature - see Signature, Digital.

DSA - Digital Signature Algorithm - a digital signature algorithm developed by the NSA for public use. Although there are suspicions that the algorithm has a back door known only to the NSA (allowing the NSA to forge signatures, although not decrypt messages), most of these fears have subsided, and the DSA signing has gained wide acceptance, partly due to the fact that it is royalty free. DSA signing keys range in length from 512 to 1024 bits.

DSS - Digital Signature System - the use of DSA to sign documents and messages.

Hacker - either the same thing as a Cracker (internet vandal), or a creative and productive programmer who programs in an informal manner.

The latter meaning was the original meaning. The image conveyed was of a programmer continually making small adjustments to their software, slowly evolving toward a finished product, the way a sculptor might chip away at a piece of wood with a hatchet. The result is often a new and unique piece of software, unforeseen by someone who simply implemented straight from a specification.

More recently, the term has taken on the meaning "internet vandal". Programmers who engage in network vandalism have been relabeled "Crackers" by programmers who don't engage in network vandalism, in an effort to distance themselves. Often, heated discussions spring up over the topic, as many programmers who don't engage in cracking automatically assume that everyone is, or should be, using the term "Hacker" to refer to a programmer and "Cracker" to refer to a vandal, when, in reality, most people think of a Hacker as an internet vandal. These programmers call themselves Hackers and claim that Hacking is good. The result is the opposite of what they intended, as the typical listener decides that Hackers are self-righteous and evil internet vandals. Pay attention to who is speaking or writing.


Key - A special piece of data used for encryption and/or decryption. Due to modern encryption automation, keys are not human readable and typically look like alphanumeric gibberish to humans. A computerized random number generator chooses the bits of the key in such a way that it cannot be predicted. See also Public Key, Secret Key, and Symmetric Key.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGPfreeware 6.5.1 for non-commercial use <http://www.pgp.com>

[key data omitted]
=TDVB
-----END PGP PUBLIC KEY BLOCK-----

A typical public key.

Keys are specific to encryption algorithms - you cannot use an RSA key to do DES encryption, or vice versa. Many algorithms have specific mathematical requirements for their keys - you cannot use just any jumble of bits for an RSA key, for instance; a special algorithm is needed just to create a key with the correct mathematical properties.

The length of a key (a measure of how hard it is to break) is usually measured in bits. For instance, a 56 bit key can be stored in just seven bytes of memory. Each additional bit usually makes it twice as hard to break the code, so that an additional 20 bits would make it a million times more difficult. In other words, a computer program that tried every key would take a million times longer to try all of them. On the other hand, computer power doubles every two years, so the codes of yesteryear are considered dangerously unsafe today.

Unfortunately, you cannot compare the length of keys from different algorithms. A 256 bit key for the IDEA algorithm, for instance, is respectably solid. For an RSA algorithm, however, a 256 bit key is considered flimsy because it is so short.

Plain Text - the unencrypted text or data that you want to conceal.

Private Key - same as Secret Key.

Public Key - Data used to encrypt messages in Public Key Encryption. The public key cannot be used to decrypt any message; it is safe to pass this out in public, as the name implies.

Sometimes this is sent out in messages to confidants, other times, central name servers (like telephone books) will keep everyone's public key along with other contact information such as email address or phone number.

Public Key Encryption - The encryption breakthrough of the 1970's. With public key encryption, two confidants can communicate securely, even if all of their communications are intercepted, without having to send a secret key and risk having the code broken. Before Public Key Encryption was invented, all codes were forms of Symmetric Encryption, where the encryption and decryption keys are the same.

In Public Key Encryption, the key is broken into two parts: your Secret Key is kept secret on your computer, and your Public Key is given out to each confidant.

Popular Public Key algorithms include RSA, Diffie/Hellman/Elgamal, and elliptic algorithms.

Rot13 - probably the simplest cipher in use. Each letter is exchanged for the letter 13 characters before or after it. For instance, the word "Helen" becomes "Uryra". Note that the encryption algorithm is identical to the decryption algorithm.

Because everybody knows how it works, Rot13 doesn't really provide any security, except against naive adversaries. It is mostly used in internet newsgroups to conceal potentially volatile or offensive text from those who voluntarily wish to avoid seeing it.

Secret Key - The core of Public Key encryption. Each confidant has their own Secret Key, which they must keep secret, of course. This key is never sent in any message, and usually never leaves the machine it is on. You do not exchange your secret key with any confidants, instead, you give out the corresponding Public Key to confidants so that they can encrypt messages to you.

Signature, Digital - a digital signature is a mathematical way to guarantee that a given message was sent by a specific confidant (more specifically, by someone who has a copy of the confidant's secret key).

It is similar to a handwritten signature on a piece of paper, except that it is much more secure against tampering and forgery. A handwritten signature can be easily forged by someone with a steady hand (although an expert can tell the difference). It can also be lifted with photocopy equipment onto another piece of paper (although, again, an expert can often tell the difference). Finally, it is often possible for a signed document to be changed after it is signed; detecting this is often difficult. Due to the loss of resolution, faxed documents are particularly susceptible to all of these security breaches, but nevertheless, business relies on them, even in the international arena where legal protection is thin.

Usually, digital signing and verifying are built into encryption software. When your encryption software signs your message, it takes the complete text of a message and crunches it together with your secret key, to generate a signature, a bunch of extra bits, that are appended to the end of the message. When your confidant's encryption software decrypts the message, it also crunches together the text of the message, along with your Public Key, which your confidant has a copy of. (Yep, this is the same public key used to encrypt a message to you. The keys are used in the reverse direction, basically.) If the message is different (even by a single bit), the crunching is overwhelmingly different and the verification fails. This protects against alteration of the document, and also means that a digital signature cannot be lifted onto a different document the way a handwritten signature can. Similarly, if the message is signed with the wrong Secret Key, the verification also fails. This effectively prevents forgery of a signature.

You can write a document, date it, and include names, addresses and other information about people in the document. The signature assures all readers that it came from you and hasn't been changed.

In this sense, the public key serves as a "signature card" for digital signatures; people can use it to verify that a signature is real. You must also guard against forgers, using Certificates.
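As an added example (not the glossary's code) covering both this entry and the Certificate entry above: textbook RSA signing over a SHA-256 digest, with the checks the entry describes (an altered message, a signature made with the wrong secret key), and then a signing authority that self-signs its own certificate and signs Alice's public key, so that an impostor's certificate bearing Alice's name fails the check. The authority's primes are the ones from the Back Door entry; the other primes, the names, the message and the public exponent 65537 are constructed for the demonstration, and the digest is reduced modulo the toy modulus only because these keys are far smaller than real ones.

```python
import hashlib


def make_keypair(p, q, e=65537):
    """Textbook RSA key pair from two primes (assumption: toy sizes, no padding)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))      # private exponent; needs Python 3.8+
    return (n, e), d


def digest_as_int(message, n):
    """'Crunch' the whole message into one number. The SHA-256 digest is reduced
    mod n only because the toy modulus is tiny; real keys exceed the digest size."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private_d, n):
    """Signature = digest raised to the secret exponent; sent along with the message."""
    return pow(digest_as_int(message, n), private_d, n)


def verify(message, signature, public_key):
    """Recompute the digest and undo the signature with the matching public key."""
    n, e = public_key
    return pow(signature, e, n) == digest_as_int(message, n)


# --- certificates: a signing authority vouches for a name/public-key pairing ---

def certificate_body(name, public_key):
    n, e = public_key
    return f"{name}|{n}|{e}".encode()


def issue_certificate(name, public_key, issuer_priv, issuer_pub):
    """The authority signs the subject's public key with its OWN secret key."""
    body = certificate_body(name, public_key)
    return {"name": name, "public_key": public_key,
            "signature": sign(body, issuer_priv, issuer_pub[0])}


def check_certificate(cert, trusted_authority_pub):
    """Accept the name/key pairing only if the trusted authority's signature checks."""
    body = certificate_body(cert["name"], cert["public_key"])
    return verify(body, cert["signature"], trusted_authority_pub)


# Keys: the glossary's primes for the authority, constructed primes for the others.
CA_PUB, CA_PRIV = make_keypair(2267, 2543)
ALICE_PUB, ALICE_PRIV = make_keypair(1009, 1013)
IMPOSTOR_PUB, IMPOSTOR_PRIV = make_keypair(1019, 1021)

MESSAGE = b"Pay Helen 100 dollars"                    # constructed sample


def signature_checks():
    sig = sign(MESSAGE, ALICE_PRIV, ALICE_PUB[0])
    return {
        "genuine": verify(MESSAGE, sig, ALICE_PUB),
        "altered": verify(b"Pay Helen 900 dollars", sig, ALICE_PUB),
        "wrong_key": verify(MESSAGE, sign(MESSAGE, IMPOSTOR_PRIV, IMPOSTOR_PUB[0]), ALICE_PUB),
    }


def certificate_checks():
    # The browser ships with the authority's self-signed certificate...
    root = issue_certificate("Example CA", CA_PUB, CA_PRIV, CA_PUB)
    # ...the authority issues Alice a certificate after checking her identity...
    alice_cert = issue_certificate("Alice <alice@example.org>", ALICE_PUB, CA_PRIV, CA_PUB)
    # ...and an impostor can only sign a certificate in Alice's name with their own key.
    fake_cert = issue_certificate("Alice <alice@example.org>", IMPOSTOR_PUB,
                                  IMPOSTOR_PRIV, IMPOSTOR_PUB)
    return {
        "root_self_signed": check_certificate(root, CA_PUB),
        "alice": check_certificate(alice_cert, CA_PUB),
        "impostor": check_certificate(fake_cert, CA_PUB),
    }


if __name__ == "__main__":
    print(signature_checks())
    print(certificate_checks())
```

The impostor's certificate is internally consistent (it verifies under the impostor's own public key) and fails only because the verifier trusts the authority's key rather than whatever key came with the certificate; that trust anchor is what the browser's bundled self-signed certificates supply.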


Symmetric Encryption - Any encryption scheme where the sender and receiver share the same key. (The encryption and decryption algorithms, of course, are different.) Sometimes also called "conventional encryption".

The trouble with symmetric encryption is that the key must be transmitted between the two confidants. Either side can design the key and send it to the other, or they can agree to each design half and exchange halves, but this does not get around the fundamental problem. Any eavesdropper who can intercept their messages can also acquire the key, thereby breaking the code. This is the problem that Public Key Encryption solves.

Note, however, that if used with public key encryption, symmetric encryption can be just as secure. If you use public key encryption to exchange your symmetric key with your confidant, you can be guaranteed complete security, and can then use symmetric encryption for all subsequent messages. In fact, any way you can get your symmetric key to your confidant, including a fax or paper mail, will probably be reasonably secure, but it's easier for two computers connected over the internet to simply talk to each other.

The practical implementation of public key encryption actually relies on this principle. A one-time symmetric key is generated for the use of a particular message by a random number generator (which can be guaranteed to be random). The actual message is encrypted with this "session key". Then, the session key is, in turn, encrypted using the public key, and this encrypted key is appended to the message. The receiver simply reverses the process.

The original reason this was done was because symmetric algorithms are much faster for the CPU than public key algorithms. An added benefit is that the message can be encrypted for more than one recipient by simply encrypting the same session key once for each recipient, each with their public key. Then, the whole message need be encrypted only once with the symmetric key. In particular, it is convenient for the sender to encrypt to their own key so that they can decrypt their own message after it is encrypted; this is otherwise not possible because, according to the rules, only the recipient can decrypt the message.
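The session-key scheme of the last three paragraphs, as an added example that is not the glossary's code: a toy stream cipher built from SHA-256 stands in for IDEA or DES, textbook RSA with small constructed primes stands in for the public-key step, and the sender encrypts the one session key to two confidants and to their own key. The 32-bit session key, the primes, the names and the message are all constructed for the demonstration; the key is deliberately short so that it fits under the toy moduli.

```python
import hashlib
import secrets


def make_keypair(p, q, e=65537):
    """Textbook RSA pair from two primes (assumption: toy sizes, no padding)."""
    n = p * q
    return (n, e), pow(e, -1, (p - 1) * (q - 1))


def keystream(session_key, length):
    """Toy symmetric cipher: SHA-256 in counter mode stands in for IDEA/DES.
    Produces exactly `length` bytes of keystream from the session key."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(session_key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def symmetric_crypt(session_key, data):
    """XOR data with the keystream; the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(session_key, len(data))))


def encrypt_for(recipient_public_keys, plaintext):
    """One random session key encrypts the body once; the session key itself is
    encrypted once per recipient, each time with that recipient's public key."""
    session_key = secrets.token_bytes(4)        # 32 bits: fits under the toy moduli
    k = int.from_bytes(session_key, "big")
    wrapped = {name: pow(k, e, n) for name, (n, e) in recipient_public_keys.items()}
    return {"wrapped_keys": wrapped, "body": symmetric_crypt(session_key, plaintext)}


def decrypt_as(name, private_d, public_key, envelope):
    """A recipient unwraps only their own copy of the session key, then decrypts the body."""
    n, _ = public_key
    k = pow(envelope["wrapped_keys"][name], private_d, n)
    return symmetric_crypt(k.to_bytes(4, "big"), envelope["body"])


# Constructed key pairs; the primes are simply known primes large enough that n > 2**32.
ALICE_PUB, ALICE_PRIV = make_keypair(104729, 1299709)
BOB_PUB, BOB_PRIV = make_keypair(99991, 999983)
SENDER_PUB, SENDER_PRIV = make_keypair(15485863, 32452843)

MESSAGE = b"Meeting moved to Thursday; bring the signed contract."   # constructed


def demo():
    # The sender encrypts to both confidants and to their own key so they can re-read it.
    envelope = encrypt_for({"alice": ALICE_PUB, "bob": BOB_PUB, "sender": SENDER_PUB}, MESSAGE)
    return {
        "alice": decrypt_as("alice", ALICE_PRIV, ALICE_PUB, envelope),
        "bob": decrypt_as("bob", BOB_PRIV, BOB_PUB, envelope),
        "sender": decrypt_as("sender", SENDER_PRIV, SENDER_PUB, envelope),
        "copies_of_session_key": len(envelope["wrapped_keys"]),
        "body_is_hidden": envelope["body"] != MESSAGE,
    }


if __name__ == "__main__":
    for who, result in demo().items():
        print(who, result)
```

The body is encrypted exactly once however many recipients there are; only the short session key is wrapped per recipient, which is why the slow public-key step stays cheap, and a recipient whose name is not in the envelope has no copy to unwrap.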

Some symmetric encryption algorithms are IDEA, DES, Triple DES, and ciphers.

Symmetric Key - a key used for symmetric encryption.

Triple DES - a symmetric algorithm that basically involves applying the DES algorithm three times to each message, each time with a different key. The three 56 bit keys combine to effectively act like a 168 bit key, which is quite safe and satisfactory for most purposes. Any attacker would have to guess all three keys at the same time; simply discovering the first one lends no clues. The main appeal of Triple DES is that the basic DES algorithm is usually easily available, making it easy to implement.

