Cryptography has been used for millenia to obscure the contents of a message, so that it can only be read by the intended party. Several different classical cryptographic methods have been recorded by history, though each demonstrates weaknesses which abrogate their usage in modern times. A number of modern cryptographic algorithms have also been devised, which are designed to protect message integrity, even despite the computational power of modern computers.
Some of the earliest recorded cryptographic methods were used to send secure military messages. The risk of message interception required a system to prevent important communiques from falling into enemy hands, and several methods were created to mitigate this risk.
Caesar CipherEditThe invention of the Caesar Cipher is credited to Roman Emperor Julius Caesar. which is a substitution cipher in which every letter in a message is replaced with a different letter. However, should the decoder fall into enemy hands, the code would be broken. Even if the decoder remained secure, by considering patterns and letter usage statistics, it is possible to make educated guesses and break the cipher. For this reason, substitution ciphers are generally considered insecure.
Scytale Transposition CipherEditA Transposition Cipher is a cryptographic method that changes the order of the letters in a message in order to obfuscate the contents, and is decrypted by rearranging the letters in the same way they were encoded to decrypt the message. Specifically, the Scytale method was used by the ancient spartans to send encoded military messages. For this purpose, a strip of parchment or leather was wound around a rod of a specific diameter. The message was then enscribed on the strip, with a different character on each "winding" of the strip, read horizontally, row by row. When the strip was unravelled, the result was a vertical strip of contiguous letters, which cannot be read without knowing the proper offset for the next letter. When the recipient attained the strip, it could be wrapped around a rod of the same diameter to decode the message.
Again, this method can be broken fairly easily, especially with modern computing, by simply successively guessing different offsets until one is found that gives readable output. Once computational capacity increased past the point where classic encryption methods were effective, more complicated techniques needed to be devised.
Modern Encryption MethodsEdit
Some introduction and discussion here.
Symmetric Key EncryptionEdit
In Symmetric Key Encryption, a secret key (in essence, a password), known to both the sending and receiving parties, is used to encrypt the data. This ciphertext is sent to the receiving party, who then uses the secret key to decrypt it. The main weakness of Symmetric Key Encryption is the fact that the secret key must be established before encrypted data is sent, and a secure method for telling the other party what the key is must be found.
Block Ciphers use an encryption key to encrypt a single block of data. The key itself is secret, and must be known in advance by the receiving party in order to decrypt the message. After the data to be encrypted is split into blocks of the same length (and the last block padded with random data, if necessary, to make it the appropriate length), there are several different ways that the key can be used to encrypt the data.
Electronic Code Book (ECB)Edit
- In ECB, each block of data is simply encrypted directly. Based on the contents of the key, each byte in the message is changed (or left the same), resulting in an unreadable, encrypted message. Without knowing the key, which describes how the data was altered during encryption, the message cannot be decrypted. However, with this method, two identical blocks of data are encrypted to the same ciphertext, and some patterns can be noticed in the encrypted data, which may give clues about the message's contents. This is especially noticible when an image is encrypted in this way, as the patterns that exist in the input still exist in the output.
- In Cipher-Block Chaining, the cipertext that results from encrypting the previous block of data is also used in the encryption of the current block. In effect, this creates two keys: the original encryption key, and the ciphertext from the previous block. For the first block, an Initialization Vector (IV) is used with the key for encryption, as there is no previous block of data to "chain" with. Cipher-Block Chaining eliminates the majority of patterns in the output, resulting in a more secure block encryption method.
A Stream Cipher takes block ciphering to the next level, applying a similar algorithm, but with a block size of 1 byte, or sometimes as small as a single bit. The encryption relies on a key and the already encrypted ciphertext, once again ensuring that patterns do not propogate through the ciphertext.
Assymmetric Key EncryptionEdit
Assymmetric Key Encryption, more commonly known as Public Key Encryption, was designed to mitigate the difficulty of two parties agreeing on the same secret key without a secure method of communication. Public-key encryption utilizes two different keys at once: a combination of a public key and a private key. A person's private key is known only to them, while the public key is distributed to anyone who wants to communicate securely with them. To decode an encrypted message, a receiver must use the public key, provided by the sender, and their own private key. Although a message sent from one person to another won't be secure since the public key used for encryption is published and available to anyone, anyone who picks it up can't read it without the private key.
Private Key Encryption relies on the generation of two very large prime numbers. The private key is based on one prime, and the public key on the other. Because it is very computationally infeasable to find the prime factors of very large numbers, the security of the private key is ensured.
A very popular Private Key Encryption implementation is Pretty Good Privacy (PGP), which can be used to encrypt virtually any message securely.
Another method of Public Key Encryption comes from digital certificates. By registering a private and public key with a trusted certificate authority such as CACert , the key can be associated with a single person or company, providing a secure way to receive and send messages from a single identity.