Cryptography Through The Ages (Part 2)
From Scytale to Quantum-Safe Cryptography
Introduction
In the last blog, we saw how the science of cryptography started, and why we needed such a science and we also saw ancient cryptographic ciphers and how symmetric encryption works.
In this blog, we will take a look at modern cryptography and how they are preparing for the arrival of powerful quantum computers that could potentially put current cryptographic systems at risk we will also understand the difference between symmetric and asymmetric encryption
Enigma (1918)
The Enigma machine is one of the most famous pieces of cryptography technology in history it was invented by the German engineer Arthur Scherbius in 1918 and It was used by the German military to encode and decode secrets during World War II, and its secrets were only broken by a team of Allied code breakers known as the “Ultra”.
Encryption
The Enigma machine features a series of rotors and a keyboard, to implement an extremely complicated substitution cipher When a user types in a message, the rotors scramble the letters and the machine produces a coded message.
Decryption
To decode the message, the recipient of the message would have to type in the same series of letters, and the rotors would unscramble the message. The Enigma machine was incredibly secure, and the Germans believed it to be unbreakable. As a result, they used it to communicate important messages between military units.
However, the Allies were able to crack the code with the help of the Ultra team. The team was able to use the Enigma machine to intercept and decode German messages, allowing them to gain a strategic advantage in the war.
Vulnerability
The vulnerability of Enigma machine is that it is susceptible to cryptanalysis due to the limited number of possible combinations of the rotors and settings. This means that if the settings of the Enigma machine are known, then the messages can be decrypted.
Before we continue let’s take a quick lesson about symmetric and asymmetric encryption
Cryptography 101
As we already know encryption is a way to protect data during transfer or storage. It is a means of encoding information to ensure that only authorized parties can access the data. There are two main types of encryption: symmetric and asymmetric.
Symmetric Encryption
Symmetric encryption is a type of encryption that uses the same key to both encrypt and decrypt data. It is also known as private key encryption because the same key is used for both encryption and decryption.
Symmetric encryption is used to protect data in transit and can be used to secure data on a local machine. The key used for symmetric encryption needs to be kept secret, or else the data can be compromised.
Asymmetric Encryption
Asymmetric encryption, also known as public key encryption, It uses two different keys for encryption and decryption. One key is used to encrypt the data, and the other is used to decrypt it. The two keys are mathematically related so that data encrypted with one key can only be decrypted with the other.
Asymmetric encryption is used in public networks and can be used to securely exchange data between two parties.
Both symmetric and asymmetric encryption provides security for data, but they are used in different situations.
When to use symmetric and asymmetric encryption?
Symmetric encryption is used for local data protection and is less secure than asymmetric encryption because the same key is used for both encryption and decryption.
Asymmetric encryption is more secure for public networks because two different keys are used and the data is more difficult to access.
You might ask what is a key?
A key is a set of mathematical values that are used in combination with a cipher algorithm to transform plaintext into ciphertext (encryption) or vice versa (decryption). The key is used to control the operation of the cipher and can be either a symmetric key or an asymmetric key as we saw above
DES (1970s)
DES (Data Encryption Standard) is an encryption algorithm used for data encryption and decryption. DES was designed by IBM in the 1970s, It is one of the most widely used algorithms in the world and is an important part of many security systems.
How does it work?
DES is a symmetric key algorithm, meaning that the same key is used for both the encryption and decryption of data. It operates on a 64-bit block of data, which is divided into two halves of 32 bits each. The key used to encrypt and decrypt the data is 56 bits long and is divided into eight groups of seven bits each. The key is then combined with the data in 16 rounds to create the encrypted output.
Encryption
The encryption process begins by permuting the data using a set of pre-defined tables. This is followed by a series of rounds, where the data is XORed with the key and then further permuted using another set of pre-defined tables. The output of each round is then fed into the next round. The final output of the 16th round is the encrypted version of the data.
Decryption
The decryption process is similar to the encryption process but in reverse. The output of the 16th round is fed into the 15th round and so on, until the data is decrypted.
Vulnerability
DES is considered to be a secure algorithm but it is also vulnerable to certain attacks.
- Brute Force:
One of the most common attacks against DES is brute force, which means trying out all possible keys until the correct one is found. - Differential Cryptanalysis:
Another attack is known as differential cryptanalysis, which uses statistical methods to determine the key used to encrypt the data.
Despite its weaknesses, DES is still a widely used algorithm and is an important part of many security systems. It is also used in many applications, such as banking and e-commerce, to ensure the security of sensitive information.
You might ask why are we still using it if it has weaknesses.
That’s because we adapted a version of DES called Tripple DES (3DES for short) which uses the same algorithm to produce more secure encryption
3DES
3DES uses 48 rounds in its computation, which makes it highly resistant to differential cryptanalysis. However because of the extra work 3DES performs, there is a heavy performance hi, it can take up to three times longer than DES to perform encryption and decryption
3DES can work in different modes, and the mode chosen dictates the number of keys used and what functions are carried out
Uses 3 keys for encryption:
- DES-EEE3 => Data is Encrypted, Encrypted, Encrypted
- DES-EDE3 => Data is Encrypted, Decrypted, Encrypted
Uses only 2 keys for encryption
- DES-EEE2 => The same as DES-EEE3, the first and third encryption processes uses the same key
- DES-EDE2 => The same as DES-EDE3, the first and third encryption processes uses the same key
RSA (1977)
The RSA algorithm was developed in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman. It is a public-key cryptography algorithm that is widely used to secure data transmitted over the internet. The RSA algorithm is based on the difficulty of factoring large numbers and is believed to be secure against most known attacks.
How does it work?
The RSA algorithm works by generating two large prime numbers, p and q, and computing their product, n. The public key is generated by selecting an exponent, e, that is relatively prime to a quantity called the totient of n. The private key is derived by calculating the modular inverse of e. With the public and private keys.
Encryption and Decryption
Data can be encrypted and decrypted using modular exponentiation. RSA is a powerful and efficient algorithm, but it is not without its weaknesses.
Vulnerabilities
The biggest vulnerability of RSA is its reliance on prime numbers. If an attacker is able to factor a large number into its prime factors, then the security provided by the RSA algorithm is broken.
Additionally, an attacker may be able to exploit the small size of the exponent used in the public key to break the security of the algorithm.
Another potential vulnerability of the RSA algorithm is its reliance on the mathematical properties of modular arithmetic. If an attacker is able to predict the output of the algorithm, then they may be able to break the encryption.
Additionally, poor implementations of the RSA algorithm can lead to further vulnerabilities.
Despite its vulnerabilities, the RSA algorithm remains one of the most popular and widely used cryptographic algorithms. It is a powerful tool for protecting data.
How we can make it more secure?
Its security can be further strengthened by implementing additional measures such as key-pair rotation and the use of secure protocols.
AES (2001)
The Advanced Encryption Standard (AES) is a symmetric encryption algorithm that has become the standard for protecting data. This powerful encryption technology is used to secure data in a wide range of applications, including online banking, e-commerce, and military communications. It is also the encryption algorithm used by the U.S. government for protecting classified information.
Why is it one of the most secure encryption algorithms?
AES is considered to be one of the most secure encryption algorithms in existence due to its strong encryption and key lengths. It uses a 128-bit, 192-bit, or 256-bit key to encrypt data, making it virtually impossible to crack.
How does it work?
It uses a combination of substitution and transposition to secure data. It works by taking a plaintext message and transforming it into a ciphertext using a key and a series of mathematical operations.
The key is applied to the plaintext using a series of rounds, during which the plaintext is manipulated and rearranged into the ciphertext. The number of rounds used depends on the key size, with larger keys requiring more rounds.
Vulnerability
Despite its impressive security features, AES is not without its vulnerabilities. One of the primary vulnerabilities of AES is its susceptibility to side-channel attacks. These attacks take advantage of the physical characteristics of the AES algorithm to gain access to the encrypted data.
For example, an attacker may measure the power consumption of the device running the AES algorithm to gain information about the key used to encrypt the data.
Another vulnerability of AES is its susceptibility to brute-force attacks. Despite its strong encryption, a sufficiently powerful computer can still be used to try every possible key combination until the correct one is found. This type of attack can be mitigated by using longer key lengths or by increasing the number of rounds in the algorithm.
AES is also vulnerable to fault injection attacks. This type of attack takes advantage of flaws in the hardware or software implementation of the AES algorithm to gain access to the encrypted data.
How can we make it more secure?
AES is a highly secure encryption algorithm that is used to protect sensitive data in a wide range of applications. However, it is not without its vulnerabilities, and organizations should take the necessary steps to protect the data they are encrypting. This includes using longer key lengths, increasing the number of rounds, and implementing robust hardware and software security measures.
Quantum Safe Cryptography
I think let’s stop here, in the next blog I will be talking about quantum computers and how they are gonna change the security industry and how are we getting ready for that huge computation power
With great power comes great responsiblity
TL;DR
- Engima:
The Enigma machine was a famous piece of cryptography technology used by the German military during World War II. It featured a series of rotors and a keyboard to implement a substitution cipher, and it was believed to be unbreakable. However, the Allies were able to crack the code with the help of the Ultra team. - Symmetric VS Asymmetric Encryption
Symmetric and Asymmetric encryption are the two main types of encryption, symmetric uses the same key, and Asymmetric uses two keys - DES
- RSA
- AES
Special thanks to my information security professor, DR Hasan Çifci
Newsletter
I will be sharing my learning journey, cyber security news, new CVEs and study resources, and more, feel free to subscribe 😊 and please don’t forget to drink water 🌊
