Demystifying Cryptography

Many system administrations and network administrators alike find the details behind cryptography rather difficult to comprehend. Prior to me researching and learning about it, I also thought it was rather difficult, but it’s not.

What is Cryptography?

Put rather simply, cryptography is the science of manipulating data in such a way that it is obfuscated and useless to one who does not have the knowledge of the cipher and any associated secret keys to decrypt.

But there’s more to it than that, there are actually three common forms of crytography:

  • Encryption – a method of obfuscating data that is reversible, generally using secret keys and a shared cipher.
  • Hashing – a method used for verifying the integrity of data, not so much for obfuscating data.
  • Steganography – hiding data in plain site, for example in pictures.

History of Encryption

Throughout history, different forms of encryption have been used to hide data for various purposes. Historically speaking, data only needed to be kept secret for a little bit, and during the height of World-War II, the general rule of thumb was that data only needed to be kept secret for about 3 hours.

That’s where classical ciphers come in.

Caesar’s Cipher

The Caesar’s cipher is one of the most well known forms of encryption. The Caesar’s Cipher is a form of substitution cipher wherein letters are shifted three characters to the right in the alphabet.

For Example, if we wanted to encrypt the work “ALPHA”, it would have the following cipher text:

Cipher Text: DOSKD

To decrypt this, we would simply shift each character of the cipher text 3 characters to the left.

For example, the Cipher Text: PRPPD would decrypt to:

Plain Text: MOMMA

As you can see here, we actually experienced a phenomenon common to the English language, certain letters occur throughout our language more often then others. This is something known as Frequency Analysis.

Obviously the padding of three can really be substituted for any desired padding, it doesn’t require much effort to break this either as all you need to know is the padding used to shift characters.

Vigenere Cipher

Similar to the Caesar Cipher, this is another form of classical substituion ciphers. Instead of the shift being a set number of characters, the shift is actually defined by a phrase known as the “key”.

The easiest way to visualize this cipher is through the use of a table that lists corresponding cipher text for each plain text entered.

Vigenere Cipher Table:

For our example, we’ll use the following key:

Key: WOMBAT

Now let’s encrypt the word “Dogshow”

Ciphertext: ZCSTHHS

As you can see, our key wasn’t exactly the same length as the word we were encryption, so we actually just end up wrapping around to the beginning of our key when we get there.

Now using that same key, let’s decrypt the following:

Ciphertext: YFKQTHCFMQHR

Using our cipher, we should get the following:

Plaintext: CRYPTOGRAPHY

This cipher was considered unbreakable for over 3000 years, until a method of easily decrypting the data was developing in the 1800s.

Modern Encryption

Okay, we’ve gone a little into some of the most simple ciphers known to man, there are many others that were used throughout history, but it’s time to get into modern cryptography and how we can use that to keep data secret.

Today’s algorithms are based largely on math, and that’s in many thanks to the advancements in computers that allow us to calculate large numbers in real time. Something that would take even a skilled cryptographer years to do.

Stream vs Block

I won’t go to far into this because the goal of this post is to get people comfortable with Cryptography, not make them experts.

There are two well known encryption ciphers that provide the same result, just in different ways. There are Stream Ciphers and Block Ciphers.

What is a block cipher?

A block cipher is an algorithm that encrypts fixed lengths of data, one at a time. This fixed length of data is known as a block, giving the cipher it’s name. The size of each block generally ranged between 64-256 Bits.

What are some common block ciphers?

You probably already know most of them, and maybe just didn’t know that they were block ciphers, but some common block cipers include:

  • DES
  • DES
  • AES
  • Blowfish
  • Serpent

What is a stream cipher?

A stream cipher is an algorithm which encrypts one bit of data at a time. Stream ciphers are designed around the ideal cipher known as a one-time pad. However, the idealism of the one-time pad presents us with too much impracticability for everyday use.

What are some common stream ciphers?

There are probably alot less common to you, these ciphers your really don’t see everyday although some of them, such as RC4, are used for WPA and WEP encryption. RC4

Kerckhoffs’ Principle

Kerckhoffs’ principle is a theory behind cryptography where the strength of encryption should not rely on the secrecy of the cipher, but only the secrecy of the key.

This is visible in just about all modern day encryption algorithms. The cipher is generally open to scrutiny and criticism, which in turns makes it more secure.

However, we keep our keys near to our chest, because without those, our data can’t be decrypted.

And there are some good examples of this. Looking back in history, everyone can probably remember the OpenSSL Heartbleed nightmare. While the vulnerability did allow attacks to slowly leak information about the secret key, it was caught because the OpenSSL library was open-source and easily audit able by anyone in the world.

This is a good example of Kerckhoffs’ principle in action.

Encryption vs Hashing

This is one that I think is pretty simple to understand, but I’ll go over it briefly as it’s an essential component of modern cryptography.

Encryption is based of the original goal of cryptography, keeping data secret. It works in a reversible manner where both the person decrypting and encrypting the data have a secret key they use to perform those actions.

Hashing is different. Although hashing is a form of cryptography, it’s not based on the original goal of cryptography, but is based on the idea of maintaining and validating the integrity of data.

Sure, hashing is often used as a form of securely storing passwords, but hashed data is non-reversible. Hashing operations are performed one way and cannot be performed in the other. Typical authentication methods used hashed and salted data to securely store the password in a database.

What’s salting?

I mentioned salting in reference to securely storing passwords. This is a method where the data is appended with random data before being hashed to prevent simple attacks such as rainbow table attacks on passwords.

A rainbow table attack is where an attacker has a pre-calculated databased of known passwords in there hashed form and attempts to derive the password based on collisions.

What’s a collision?

This is rooted in one of the major concepts behind hashing. Hashing should result in a unique output for each unique piece of data inputted. What this means is that no one word in it’s hashed form should equal the hashed form of another word.

There have been some successful attacks on older, and current hashing algorithms that have resulted in successfully being able to manipulate and produce a collision. The most notable of these that I suggest you research if you want to learn more is SHA-1.

Closing

Alright, if you read this one I want to thank you for bearing with me. These are some of the basics behind cryptography that I think are very important to understand if you implement any type of encryption or hashing in your day to day job duties.

If you’re really interested in reading more about this, a book I found extremely helpful when I was studying for my ECES:

Serious Cryptography by Jean-Philippe Aumasson

https://nostarch.com/seriouscrypto

Posted in PKITagged , , , , , ,