We are living with cryptographic codes all around us. Codes have become part of the fabric of our life. We are living in an era of passwords that open or deny access to us. Every time we use the ATM card, every time we use a credit card or a metro card, we are aligning to encryption of the information to digital gates that open through them. Codes are everywhere around us. At this time, when the code of the coronavirus is afflicting humanity, maybe we can also try and understand how these codes lock our access to information on the web. While we ourselves are going through lockdown imposed on us to fight the novel virus, maybe it is apt to understand the way these codes operate in our life.
Scholars think that cryptography is a very old science of secrecy. It is said that it was traditionally used by the kings and their army generals to encrypt their messages. It is used even today by intelligence agencies particularly in their pursuits of espionage. The power of secret communications has been understood and used effectively by humans from ancient days.
We can even find it being recommended in the Kama Sutra of Vatsyayana written in the 4th century A.D. Herodotus, the father of history who chronicled the history of Greece notes that the Greeks won against the Persians in the 5th century B.C., because of their art of secret writing. It was mainly an art of hiding the existence of the message. This technique of hiding the existence of the message is known as steganography . The word steganography is derived from steganos meaning covered and graphein meaning writing. The Chinese also used a similar technique by writing messages on fine silk which were then scrunched into a tiny ball that was covered with wax. Pliny, the elder writing in the first A.D., mentions about the use of the ‘milk’ of tithymalus plant that was as an invisible ink.
Along with the development of steganography, we can see the growth of cryptography. The Greek word Kryptos meant hidden. Cryptography does not hide the message but aims to hide the meaning of the message through the process called encryption. We need to decrypt the message to get it original meaning . Julius Ceaser is said to have coded his messages with what we called the Ceaser cipher that moves the letter by three (on the right on the line of our 26 English alphabets). This was a single alphabet substitution. Later Alberti cipher disc made it possible to use polyalphabetic substitution
As time went, code making and code breaking became very important for the powers that be. The two world wars in the twentieth century were also conflicts of code making and code breaking. Thus, for instance the German used routinely use the enigma machine, the 1918 encoding machine invented by Aurthur Scherdius . The Poles mathematized the code breaking and secretly read the encrypted German messages. It is said that Alan Turing broke the code of enigma by designing a deciphering machine that he called the Bomb in 1943.
This is why we can trace also chain code breakers who are linguistic alchemists that try to break the codes and steal the secret all through our history. The history of codes and ciphers is a centuries-old battle between code makers and code breakers. We can see a parallel at work in the evolution of codes and microbes that infect us. Until doctors discover vaccines and anti-biotic drugs these microbes remain strong and infect us. This is also true of coronavirus. We need a code breaking vaccine or a drug against it to bring it under our control.
The information has become a valuable commodity and cryptography has become very important to guard important communications. Encryption has become vital to protect our privacy and succeed in the digital market. The art of cryptography provides locks and keys to the information world that is teeming around us. Our need for encrypting is in conflict with the surveillance technology used by Governments in the name of our security to fight violence and terrorism.
Thus, while the intelligence agencies want to keep their communication under encryption, they want their citizens to use weak encryption so that they can easily break into them to fight crime syndicates and terrorists. We are in a paradox that seems to force us to choose between individual privacy and collective secrecy. The research on the science of cryptography which deals with the art of code making and code breaking is growing by leaps and bounds today. It has become a science that is taught in several universities in the world.
Encryption is done basically at the level of words and phrases and at the level of letters. We use codes to substitute words and ciphers to substitute letters. Therefore, to encipher means to scramble at the level of letters while to encode means to scramble a message at the level of words by using a code. Besides, substitution, we can use transposition to encrypt our messages. It does not use substitute letters with other letters but changes the position of letters.
Before 1970 cryptography was black art understood and practiced by a few powerful elites. But with the digital revolution, encryption has come to the public. The needs of e-commerce make it next to impossible to keep it away. Cryptography is commercially viable today. We need identities to be authenticated through e-signatures or biometrics as well as encryption to the exchange of precious information like our bank account numbers, passwords, OTPs, our medical information, etc. E-commerce is today secured by public-key cryptography. Besides, pretty good privacy (PGP) brought security to individual computers and assisted in the running of the business.
Even though Governments have increased invasion into the lives of individuals through surveillance technologies, the growth of encryption technologies have assisted individuals to protect their privacy. The battle for the privacy of the individuals has accelerated the growth of cryptography. cryptanalysis is also growing alongside the growing cryptography.
We are indeed following the goals set by Claude Shannon in 1958. He formalized the three goals of modern cryptography. They were secrecy, authenticity, and integrity. These goals have led to the development of secure cryptographic tools like DES (data encryption standard) in 1975, RSA ( named after it three inventors first initials of their last name ) in 1977, AES (advanced encryption standard) in 2001, and ECC ( elliptical-Curve cryptography) in 2005. These algorithms have proved to be computationally secure.
Yet power analysis that studies the power used though the encryption process has become useful to break the DES code . It has opened us to simple power analysis (SPA) and differential power analysis ( DPA) that can assist us to break the codes of some of the above cryptographic tools. This is called side-channel analysis. It has been shown that electromagnetic radiations as well as magnetic fields can reveal side-channel information about the operation of the computational cryptographic tools. Side-channel analysis enables u to break the passwords without changing the underlying algorithms
Locks and Keys that Close and Open our Lives… 2
Fr. Victor Ferrao,
We all need encryptions to keep safe every shade of information about us. Today we need in safety three different scenarios. They are the privacy of communication, the privacy of storage, and forward secrecy. Privacy of communication is concerned with the safety of the communication/ information while it is in the process of moving from the sender to the receiver. This is why the sender encrypts the information/ message and the receiver authenticates or verifies the same. Privacy of storage is about the security of our files and information that we store in our computers, USB drives or even cloud services. To secure these files, we need to encrypt them so that no one hacks into them. Forward secrecy maintains the secrecy of the communication not only at the time it occurs but also in the future.
The information that is scrambled using a code is called ciphertext or cryptogram. The set of rules that are used to encrypt information is called encryption algorithms. Normally the encoding of the message/ information needs an encryption key. To decode the message/ information, we need an appropriate decryption algorithm. With an appropriate decryption key we can open the hidden message or information. Those who decode or hack into the ciphertext are called cryptanalysts and their art is termed as cryptanalysis.
There are different kinds of encryptions each with their advantages and disadvantages that help us to solve our needs for security. The first among them is called the symmetric key/ secret key encryption. The communicators, in this case, keep their key secret and share it with each other in advance. It hides the information very well. The receiver who has the key can decrypt the correct message. But the sender and receiver of the cryptogram/ message have to first exchange a secret key with each other before they send or receive any message. The next type encryptions are called asymmetric / public key. In this context, the encryption key is different from the decryption key unlike the symmetric key where the encryption key is the same as decryption key. The encrypting key is usually made public but it is of no use to decrypt the message. The secrecy of this communication depends only on keeping the decryption key secret.
Modern algorithms of encryption do not make use of substitutions that we saw earlier. Instead, they to use a coding scheme that tends to convert the message/ information into a sequence of binary digits ( bits) that is zero and one. Most commonly used code of encryption in this context is called the Bit-sequence. The algorithm may act on a bit- sequence in several ways. Stream ciphers for instance, encrypts the sequence bit by bit while the block ciphers divides the sequence into blocks of predetermined size and then the encrypting algorithm acts on them. The same bit-string can be written in different ways depending on the size of the block.
To understand the complexity of representation of the plain text/ message / information in the computers to form a bit-sequence, we will have to deal with binary numbers to the base two. When we deal with the binary numbers to the base two the basic digits are 1 and 2. Like the way we have units and tens and hundred …. columns when we deal with binary numbers to the base ten, we have in the context of binary numbers to the base two, we have units column, two’s column and four’s column and eight’s column and so on. This means every binary string can be regarded as a number. For instance, 101 in binary terms is 1 fours , 2 zeroes, and 1 (units) one. So the binary string will be (4×1)+(2X0)+(1×1) or 4+0+1= 5. In a similar manner 1101 in binary terms is 1 eights, 1 fours, 2 zeroes, and 1 one which makes the binary string 8+4+0+1=13. Thus, any positive integer can be written in a binary form. Based on this we calculate the bits. When we refer to an n-bit number, we mean that its binary form requires n-beats. Thus, for instance, the above instances 5 are a single bit number while 13 is a two-bit number.
Now American standard code of information exchange (ASCII) requires eight bits to represent one character and therefore for a block cipher, it has to be 64 bits block. In this case, the encryption algorithm acts on eight characters at once. For the stream-sequence, the encryption operations consists of only two operations: Change and live unchanged. This sequence is determined by an encryption key that we call the key stream sequence. Thus, we may agree to write 0 as unchanged and 1 as changed. Hence, suppose we have a plain text or stream sequence as 1100 101 and the key stream is 1000110 then 1 in the key stream means to change the bit of the plain text then 0100011 becomes the ciphered text. This is obtained just by placing both the sequence of the plain-text above the sequence of the key stream and then following our agreement to change one and leave zero unchanged we get 0100011. The stream ciphers can be still be encrypted through strong encryptions. To do this , we use the operation XOR which is a bit more complex and requires a lengthy elaboration. Modern cryptography is stronger and is used vigorously to guard precious information.
Locks and Keys that open and Close our Lives …3
Fr. Victor Ferrao
Block ciphers have many applications. Mathematically we can view block cipher as a pseudo random permutations. They provide confidentiality, data integrity and user authentication. We encrypt block by block into ciphertext and not character by character as we do with stream ciphers. We do not encrypt by focusing on the encryption of characters and words but put our energies into the encryptions of bits. This means in the case of block ciphers, a n-bit plaintext block is fed as an input to an encryption algorithm with K-bit key, we get an encrypted output of an n-bit ciphertext. When the same n-bit ciphertext is fed an input with an decryption algorithm with the same K-bit key , we get t he plaintest/ message . Here we have the plaintext and the cipher text have the same n bits.
This means we need plaintext that we wish to encrypt , we need two algorithms ( encryption and decryption) and one key . We use substitution ciphers or transposition ciphers in this context. Transposition ciphers are akin to permutations. They are not very safe and can be hacked easily. It has been found that substitutions ciphers are safer and secure. In the case of the substitution ciphers , we substitute the given plain text with 01s to represent the bits ( binaries).
Block ciphers are a bit tough to create. Here we shall try and understand them by taking into consideration of only two main types: 3DES (Triple Data encryption Standard) and AES (Advanced Encryption Standard) . AES works with substitution and permutation while DES Works with Feistel Cipher principle. A fiestel structure is named after the German physicist and cryptographer Horst Feistel. It simplifies the decryption process as it involves the reverse of the steps of encryption.
We break the key into blocks and apply the divided keys say K1, K2 , K3,…. Kn to the steps of encryption. The manner in which we break the key is interesting. We cannot elaborate all of it. Thus, for DES (Data Encryption Standard) which have 64 bits, key K , we need to divide it into 16 keys. WE do so by dividing the 64 bits into 8 equal parts. We have now 8 blocks. Like block 1 will have bits from 1,2,3,4,5,6,7,8 and block 2 will have bits from 9,10,11,12,13,14,15, 16 ……. block 8 will have 57,58,59,60, 61,62,63,64 bits. So the K1 is calculated by subtracting the last bit from each of the 8 blocks. Now adding each last bit of 8 blocks will give us 8. Therefore, we will have to subtract 8 from 64 and we have 56 bits. This mean K1 is of 56 bits. Each round thus has to discard the last beat and therefore the Key K2 will have 56-8= 48 bits. This is how the generation of the keys will continue.
There are two main types of block ciphers: 3DES and AES. Now to step into the mode of encryption we need to have two algorithms: Encryption (E) and Decryption (D). These algorithms take inputs from key K. The main feature of a block cipher is that it takes same bits as input which is the plaintext / massage/ information and gives the same bits as output / encrypted message/ Cophertext. Now 3DES can have 64 bits of block size and the key K is 168 bits while AES can have block size of 128 bits and the Key K can be 128, 192, and 256 bits. This means our input is of the size 64 and 128 bits respectively. This also means that output will be also 64 and 128 bits respectively.
Block ciphers are built by iteration. It means we repeat a sequence of operations. In the case of AES let’s say we take the key K of 128 bits. We break the key into smaller units… K1, K2, K3,…..kn. We call them round keys. Each of these round keys iterate the message by using what is called the round function. Thus, we apply the first round key, K1 to the message and we get an output of encryption, M1. Then we apply the key, K2 to message, M1 and we get the output of this encryption M2. We continue applying the keys K3 and we get M3 and we continue all the way to Kn and reach the encrypted message Mn. This means our cipher is Mn. The bits size of Mn is exactly of the size of input that is 128 bits.
The iteration of 3DES is a bit different although it has similarities. In the case of 3DES the input size is 64 bits and the Key K is 168 bits. Now we break the Key into two smaller units…K1, K2 . k1 and K2 are respective inscription and decryption keys of normal DS. We then apply the k1 to the input message and we get the out message/cipher A . Next we apply K 2 to cipher A and we will get the output cipher B. Next, we apply the Key K1 to B and we get the 64 bits ciphertext. We can similarly encrypt the plaintext / message by dividing the key K into… K1, K2, and K3 where K1 and K3 are Normal DES encrypting keys and K 2 is a decrypting are the decrypting Key of the same. The output size is same as the input size that is 64 bits. We name this operation 3DES because we make DES operations three times.
This would mean we will have to understand what DES is. DES is a symmetric blog cipher where the input (message/ information) is of size 64 bits. This means our plaintext is of 64 bits. In the first step we re-arrange it by doing an initial permutation. Next, we pass the initial permuted bits which are our input through 16 rounds that have different keys to each each. We have seen how we get the key for DES earlier. This means for DES we divide the Key into K1, K2,K3……K16. Finally, we do the permutation operation and we get the output/ Ciphertext of 64 bits. It being tedious involving 16 rounds , it seem that 3DES is preferred choice of encryption.