| |
Part 1 - Cryptography School
Part 2 - Keys Public and Private
Part 3- On Complexity and Cracking
Part 4 - Encrypting or Enciphering
Cryptography Part IV
Encrypting or Enciphering (same thing)
Ahh at last, the meat. This section is where it all begins to come
together. We promised to keep this easy, so we are just going to
skim the surface. Why? Because the important part is simply getting
the message into gobbledy-goop so that no one without the key can
read it. The mechanics of doing it are not nearly as important as
the result. But hopefully, it will prove fun and interesting.
OK, so now we have a key, we have a message, and someone to send
it to. Now what? Now we encrypt or encipher the message.
Encryption systems, well secure encryption systems anyway, are surprisingly
difficult to produce. Almost everyone, especially among computer
people, has at one time or another tried to produce a new encryption
system. Most are simple and don't come near to being difficult to
crack, just ask Julius Caesar.
There are any number of encryption systems out there, but essentially
they all boil down to substituting something in place of the original
text. Here are a few terms that will help explain the process:
Block Ciphers
Block ciphers simply break down your message into blocks of a certain
size. Each block is then scrambled with your encryption key. Sometimes
the key itself is broken down into blocks and each piece is used
to encipher one block of your message. This is the method used in
the AES, discussed below.
Stream Ciphers
Stream ciphers begin at the start of your message and run (stream)
through each character, enciphering as they go. They use part of
the message itself combined with your key to do their job.
These ciphers also have some interesting properties. One is that
they have the ability to 'stretch' even short keys into incredibly
long ones without repetition. This means that the 'period' - the
amount of time before it begins to repeat - is extremely long. We
will talk more about this in a bit.
Hashing Algorithm
A hashing algorithm pretty much says what it does. It turns your
password or key into hash. It does the same to your message. It
always produces a single number as its output. The neat thing about
it is that if you put the same information in, you always get the
same number out. But change even one tiny part of the input and
the number will change. So what good is that? The number can be
used as a ...
Digital Signature
A digital signature, sometimes called a message digest, is unique
to each message/password combination. This is known as message authentication.
So if someone were to try to change your message it will show in
the digital signature. So if the message decrypts correctly, it
can be considered authentic.
Without getting all geeky on you, that should give you enough to
understand what we are trying to do and how we do it.
Now, let's look at a few examples of encryption systems. We will
look at only a few, as there are many. The few we mention here are
used in government, financial, Internet and other environments on
a daily basis and are considered secure, at least up to a reasonable
point:
The Caesar Cipher
We have talked about this one before. Just shifting the alphabet
and substituting letters, and it certainly is not secure. We just
toss it in here to make you feel like you know what you are doing
here. It is completely useless as an encryption system today.
DES - the Data Encryption Standard
Probably the all time weenie of encryption systems. When this system
first came out in 1975, it was already deemed 'weak' by most cryptanalysts,
since it used only 56 bits or 7 character keys.
The feeling was that the NSA didn't actually want the public to
have an encryption system that they could not break. In our opinion
the real give-away was that the NSA itself prohibited the use of
DES for encrypting anything that had to actually be kept secret.
It has since been broken and is no longer - if it ever has been
- considered secure.
Triple DES and the AES
Since the cracking of DES, the NSA decided to boost the security
by making the system 3 times as strong. This was called Triple DES
or 3DES. It was the same as DES, but done three times with three
different keys. It encrypted, decrypted and encrypted and at each
step used a different key. Begun in 1999 it was dropped in 2001
in favor of AES - Advanced Encryption Standard.
AES is what is known as a block cipher. That is, your message is
broken into blocks of a certain size and each block is then encrypted.
It uses a lot of very simple (for a computer) matrix math and data
manipulation. This makes it fast. Certainly an improvement over
DES.
Unfortunately, there is already a known effective attack for the
system. Fortunately, the attack is not easy to implement. Evidently
the government doesn't seem too concerned about this minor detail,
since AES is going forward anyway.
RSA, PGP and PKI
The all time powerhouse of Public Key Encryption. This is the original
and perhaps only successful system of its type. It is used extensively
by governments, financial institutions, corporations and just about
everybody else. If you have ever purchased anything over the Internet,
you have used the RSA Public Key System. PGP also uses RSA. PKI
or Public Key Infrastructure is a framework that supports encryption
systems within the enterprise. Its primary components are the Digital
Certificates, Key Generation system and Certificate Authorities
that act as repositories for the public keys.
This system relies on two really huge prime numbers multiplied together
to produce an incredibly monstrous product. The product is used
to encipher a message and one of the primes is used to decipher
it. That is not the entire story, of course, but we promised to
keep this simple, which the RSA algorithm isn't.
The two major drawbacks to the system are that (1) it is slow and
(2) it bloats the messages. This is well known, and so the system
is usually just applied to establishing a secure connection between
browser and server. Then, within this secure connection you are
switched to using the...
RC4 Streaming Cipher
This is a private key system that we mentioned above. In addition
to the obvious features of speed and high complexity, it has another
unique property. It emulates almost perfectly the One-Time Pad.
That is, it makes use of a unique key that is just as long as the
message itself. Add to this the message authentication power of
the hashing algorithm called SHA-1 and you have one of the world's
most secure systems.
Once the key is 'hashed' it is placed into a thing called a 'substitution
box' or S-Box. Each letter of your message is then swapped with
one from the S-Box in a complex and seemingly random manner. It
is impossible to tell just how the substitution will take place,
as it is highly dependent on the contents of both the key and the
message. Once the process has gone through all of your message,
the encryption is complete.
On the receiving end, the same process is done in reverse. The receiver
must use the exact key to decipher the message as was used to encipher
it. The result is the original message, or the 'Plain Text' as it
is called.
Songs of the Universe
Songs of the Universe, or SOTU as some like to call us, uses proven
technology for its encryption engine. In short, we use the RC4 Stream
Cipher and the SHA-1 and optionally MD5 (another, albeit a bit weaker)
hashing algorithms.
However, we added one twist over all other products of this type:
We eliminated the one weak point that exists in all the other private
key systems. That is the Pseudo-Random Number Generator (PRNG) used
to make up the keys.
Songs of the Universe uses pure random numbers generated by Mother
Nature herself. This is a huge leap over current systems. Since
the keys are totally random, there are never any repeated patterns
and no way to determine the key from the available data. In other
words, even if your message is intercepted, there is no way to crack
it using currently known methods. This makes it a truly beautiful,
tight and secure system.
To summarize:
You have the first successful computer version of the One-Time Pad
Keys are used only once and then destroyed, just as in the original
paper version.
No traces left for the bad guys to use on your next message.
Truly random keys without human influence.
The world's strongest and fastest encryption algorithms
Keys even the Federal government can't break
So quit wasting time and go
buy Songs of the Universe.
Back to top...
|
|
