E N D
Encryption 101 Sender Requires Code Breaking Receiver Message Compromised Without Encryption
Types of Algorithms • Symmetric Key • Both sender and receiver need the same key to encrypt and decrypt message. • Fast to encode and decode. • Some algorithms allow for multiple encoding passes.
Types of Algorithms • Asymmetric Key (Public/Private Key) • Sender and receiver need different keys to encrypt and decrypt messages. • Public Key is a semi-prime calculated from two long prime numbers (the private key) • Sender encodes messages as blocks raised to nth power. • Slow to encode and decode. • Often Symmetric Key is encoded in Asymmetric at start of message and rest of message is Symmetric.
One Way Messages • One Way • Primarily used as a check or where the plaintext is irrelevant... e.g.: • EFTPOS Card Pin Numbers. • Data Integrity... MD5 Checksum. • Vulnerable to collisions. • e.g. Pin: 1234, Checksum: 1 + 2 + 3 + 4 = 9 • Another pin was 2341, Checksum 2 + 3 + 4 +1 = 9. • In this example a wrong pin number could still give out cash.
Breaking the Key • Brute Force • E.g. 1 You know a key is a 16 digit number • 10 Possible Numbers Per digit • Permutations: 9,999,999,999,999,999 combinations to check. • Checking Process is naturally parallel. • Assume 256 node cluster at 100 checks per second. • Maximum Time: 390,624,999,999 seconds (12,735 years)
Breaking the Key • Brute Force • E.g. 2 You know a key is 8 alphanumeric characters. • 90 Possible Characters Per character. • Permutations: 4,304,672,100,000,000 combinations to check. • Checking Process is naturally parallel. • Assume 256 node cluster at 100 checks per second. • Maximum Time: 168,151,253,906 seconds (131,573 years)
Breaking the Key • With modern codes Brute Force is often not a viable solution. • However knowledge is power, and the more we know about the design of the key and/or algorithm used for encoding the more that we can learn about its structure... • Therefore we can dramatically reduce the number of keys to check.
Dictionary Attack • E.g. 1 Assume we have learnt that the 16 digit number is a prime. There are 29,844,570,422,669 16 digit primes. • Assuming same computing power as before it would now only take a maximum of 1,165,803,532 seconds (912 years) to break.
Dictionary Attack • E.g. 2 Assume we have learnt that the 8 characters spell a word. There are around 100,000 words in English. • Let us assume it can have a number and order of capital and lowercase letters, leaving us with 2,965,420,000 possible orders. • Assuming same computing power as before it would now only take a maximum of 115,836 seconds (32 hours) to break.
Random Numbers • A secure key or encryption algorithm routine is one that is relies completely random numbers and cannot be guessed or predicted. • However generating true random numbers is very hard. • Both humans and computers are vulnerable to creating “random” numbers through patterns or sequences which can be worked out.
Random Number Conjecture • If it is possible to build a true random mechanical random number generator, would it be possible to generate a computer simulation of this number generator? • If so is the mechanical simulator truly random?
Trapdoor Function • Some encryption algorithms have special functions that can be applied to the encrypted data without a key to reveal the encoded messages. • These functions are often deliberately encoded into an algorithm so that the government or other source of authority can still check/read the data. • Without knowledge of a trapdoor breaching it is a very complex and time consuming task.
Breaking the Text - Pattern Matching • Sometimes in it impractical to try and break the key. In this case trying to work out words contained in the encoded text can lead to a break through. • E.g: • Cipher Text: +83(88 • Guessing that the ‘8’ is really a ‘e’: +e3(ee • Plain Text: degree
Pattern Matching – Image Example • Messages are not always hidden in text format. • Data can be hidden in images. Guessing the algorithm or where the data is stored can be tricky. E.g. • By removing all but the last 2 bits of each color component, an almost completely black image results. • Making the resulting image 85 times brighter results in:
Permutations • A curse of the brute force attack is the numbers of permutation of numbers that need to be checked. • In permutations of a set alphabet there will be a huge number of permutations that are so similar to the original alphabet that they will never be used in code. • For instance a 4 letter alphabet ABCD. • There are 24 permutations. However 21 of the Permutations either transpose or reverse onto themselves.
Permutations • For instance Permutation: DACB. • Cannot be used because C will also transpose to C hence so will never been encoded. • For instance Permutation: BADC • Cannot be used because if you encode text a second time with the Permutation you will decode it. • Only DCBA, CDAB, BADC are permutations that do not transpose onto themselves.
Permutations • Having Permutations that transpose onto themselves is a weakness in a code because it can fail to encode some data. • However limiting what permutations of a set alphabet that can be used can make the code weaker as there is less permutations to check. • “Damned if you do, damned if you don’t.”
Summary • Code cracking is a naturally Parallel exercise. • Even with the most powerful systems a brute force attack is practically impossible. • However, the more you can learn about how a code operates the more easy it becomes to crack.
Further Thoughts • Other Ways to Keep a Secret: • CA Authority • Salting • One Time Pad • Quantum Encryption
Further Reading • Code Breaking. Rudolf Kippenhahn. 1999. • The Code Book. Simon Singh. 2000. • A good maths text-book. Particularly something on discrete mathematics. • How Encryption Works. Jeff Tyson. http://computer.howstuffworks.com/encryption.htm • How Quantum Cryptology Works. Josh Clark. http://science.howstuffworks.com/quantum-cryptology.htm • Cryptanalysis. Wikipedia. http://en.wikipedia.org/wiki/Cryptanalysis