Encryption

From Hackepedia
Revision as of 17:51, 5 February 2008 by Franks (talk | contribs) (typo)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Background

Encryption is the art of obfuscating information so that a third party cannot read its contents. The encrypted text in encryption is called ciphertext. In plain text it's called plaintext.

Meet Alice and Bob.

In most cryptography examples, Alice wants to send something to Bob. In our case, Alice likes Bob and wants to write him a loveletter.

Meet Eve (the person that eavesdrops).
Meet Mallory (the person that likes to destroy things).

Eve loves gossip, and just wants to read the loveletter. Mallory is actually jealous of Alice, and not only wants to read the letter, but wants to make Bob mad at Alice.

There are different types of encryption, symmetric and asymetric. Symetric encryption requires a secret key that is well known (or "shared") by everyone reading and writing the message (in our example, Alice and Bob). This is the form of encryption most people are familiar with. If someone else (Eve or Mallory) somehow learns the secret key, that person can read all of the messages encrypted with that key. The biggest weakness in most symetric encryption systems is how the shared key is distributed.

In asymetric encryption, two different keys are used for encryption and decryption, removing many of the problems of key distribution. The most common form of asymetric encryption is known as public key encryption. If Bob doesn't have the secret key, he and Alice can use public encryption (asymetric) to work out a new key in a secure fashion. Public key encryption is subject to the Man in the middle attack, whereby Eve or Mallory intercepts the message from Alice to Bob, decrypts (and possibly alters) it, then re-encrypts the message with his own key, before sending it along to Bob.

Symmetric Encryption

There is several private key encryptions such as

DES
3DES
AES
Blowfish
(and many others)

Most of these are considered BLOCK ciphers because, as in Blowfish's case you can only encrypt a block of 8 bytes at a time.

Stream ciphers are opposite and encrypt a bit or byte at a time.

RC4 - supposedly is a stream cipher.

Private key or Symmetric encryption needs Alice and Bob to have the same key, perhaps negotiated last thursday when they had lunch together down at the Plaza, we saw Alice write the key on Bob's napkin.


Asymmetric Encryption

Diffie-Hellman exchange
RSA

Further reading

Applied Cryptography by Bruce Schneier
http://www.schneier.com/book-applied.html Currently the definative reference (unclassified, at least) on cryptography. The entire book is availabe in PDF form at this location: http://www.cacr.math.uwaterloo.ca/hac/