Cryptography

The means of cryptographic protection of state secrets are still equated with weapons. Very few countries in the world have their own cryptographic companies that make really good means of protecting information. Even in many developed countries, there is no such opportunity: there is no school there that would allow these technologies to be supported and developed. Russia is one of the few countries in the world - there may be five such countries, or so - where all this is developed. Moreover, in both the commercial and public sectors there are companies and organizations that have retained the continuity of the school of cryptography since its inception.

Encryption algorithms

Today there are a lot of encryption algorithms that have significant resistance to cryptanalysis (cryptographic resistance). It is customary to divide encryption algorithms into three groups:

• Symmetric algorithms
• Asymmetric algorithms
• Hash function algorithms

Symmetric algorithms

Symmetric encryption involves using the same key for both encryption and decryption. Two basic requirements apply to symmetric algorithms: the complete loss of all statistical patterns in the encryption object and the lack of linearity. It is customary to divide symmetrical systems into block and flow systems.

In block systems, the source data is divided into blocks, followed by conversion using a key.

In flow systems, a certain sequence (output gamma) is generated, which is subsequently superimposed on the message itself, and data encryption occurs in a stream as the gamma is generated. The scheme of communication using a symmetric cryptosystem is shown in the figure.

Communication scheme using a symmetric cryptosystem

Where M is the plaintext, K is the private key transmitted over the closed channel, En (M) is the encrypting operation, and Dk (M) is the decrypting operation

Typically, symmetric encryption uses a complex and multi-stage combination of substitutions and permutations of original data, with multiple steps (passes), each of which must correspond to a "pass key"

The substitution operation fulfills the first requirement of a symmetric cipher, getting rid of any statistical data by mixing the bits of the message according to a certain predetermined law. Permutation is necessary to fulfill the second requirement - to give the algorithm non-linearity. This is achieved by replacing a certain part of the message of a given volume with a standard value by accessing the original array.

Symmetric systems have both advantages and disadvantages over asymmetric ones. The advantages of symmetric ciphers include a high encryption speed, a shorter required key length with similar durability, greater knowledge and ease of implementation. The disadvantages of symmetric algorithms are considered primarily the complexity of key exchange due to the high probability of breaking the secrecy of the key during exchange, which is necessary, and the complexity of key management in a large network.

Examples of symmetric ciphers

• GOST 28147-89 - domestic encryption standard
• 3DES (Triple-DES, Triple DES)
• RC6 (Rivest Cipher)
• Twofish
• SEED - Korean Encryption Standard
• Camellia - Japanese encryption standard
• CAST (by the initials of the developers Carlisle Adams and Stafford Tavares)
• IDEA
• XTEA is the easiest algorithm to implement
• AES is an American encryption standard
• DES - US Data Encryption Standard to AES

Asymmetric algorithms

Asymmetric systems are also called public-key cryptosystems. This is a method of encrypting data in which a public key is transmitted over an open channel (not hidden) and is used to verify an electronic signature and to encrypt data. To decrypt and create an electronic signature, a second key, secret, is used.

The device of asymmetric cryptosystems itself uses the idea of ​ ​ one-way functions ƒ (x), in which it is easy to find x, knowing the value of the function itself, but it is almost impossible to find the ƒ itself (x), knowing only the value of x. An example of such a function is the telephone directory of a large city, in which it is easy to find a person's number, knowing his last name and initials, but it is extremely difficult, knowing the number, to calculate the owner.

Principle of asymmetric systems operation

Let's say there are two subscribers: A and B, and subscriber B wants to send an encrypted message to subscriber A. He encrypts the message using a public key and transmits it already encrypted over an open communication channel. Having received the message, subscriber A decrypts it with a secret key and reads it.

Asymmetric Network Operation Diagram

Here you need to make a clarification. Upon receipt of the message, subscriber A must authenticate his identity to subscriber B so that the ill-wishers cannot impersonate subscriber A and replace his public key with his own.

Examples of asymmetric fonts

• RSA (Rivest-Shamir-Adleman, Rivest-Shamir-Adleman)
• DSA (Digital Signature Algorithm)
• Elgamal (El Gamal Cipher System)
• Diffie-Hellman (Diffie-Helman Key Exchange)
• ECC (Elliptic Curve Cryptography)
• GOST R 34.10-2001
• Rabin
• Luc
• McEliece

Hash function

Hashing (from the English hash) is the transformation of the original information array of arbitrary length into a bit string of fixed length.

There are many hash function algorithms, and they differ in their characteristics - cryptographic resistance, bit size, computational complexity, etc.

We are interested in cryptographically strong hash functions. These are usually subject to two requirements:

• For a given message C, it is almost impossible to find another message C'with the same hash
• It is almost impossible to match pairs of messages (CC ') that have the same hash.

Requirements are called collision resistance of the first kind and the second kind, respectively. For such functions, another requirement remains important: with a slight change in the argument, a significant change in the function itself must occur. Thus, the hash value should not give information even about individual bits of the argument.

Examples of hash algorithms

• Adler-32
• CRC
• SHA-1
• SHA-2 (SHA-224, SHA-256, SHA-384, SHA-512)
• HAVAL
• MD2
• MD4
• MD5
• N-Hash
  • RIPEMD-160

• RIPEMD-256
• RIPEMD-320
• Skein
• Snefru
• Tiger (TTH)
• Whirlpool
• GOST R34.11-94 (GOST 34.311-95)
• IP Internet Checksum (RFC 1071)

Cryptographic primitives

To give encrypted information greater cryptographic resistance, relatively simple transformations - primitives - can be repeatedly used in a cryptographic system. Substitutes, permutations, cyclic shift, or gamming can be used as primitives.

Quantum cryptography

Quantum cryptography is rightfully considered a new round in the evolution of information protection. It is she who allows you to create almost absolute protection of encrypted data from hacking. The idea of ​ ​ using quantum objects to protect information from fake and unauthorized access was first expressed by Stefan Weisner in 1970. After 10 years, scientists Bennett and Brassard, who were familiar with Weisner's work, proposed using quantum objects to transmit a secret key. Read the article "Quantum cryptography (encryption)"

Post-quantum cryptography

Main article: Post-quantum cryptography

Post-quantum cryptography is cryptographic algorithms that are resistant to cyber attacks using quantum computers.

Cryptography in Digital Technology

Cryptography in digital technologies is necessary as a tool for protecting confidential data, as well as a means of countering the illegal copying and distribution of data that is intellectual property. Read the article "Cryptography in Digital Technologies"

History

German Enigma encryption machine from World War II in action

Cryptography is an ancient science, and its original objects were text messages, which, using certain algorithms, lost meaning for everyone who does not have special knowledge of decrypting this message - the key.

Initially, the methods used today were used only for puzzles, that is, in the opinion of a contemporary, the simplest. Such methods of encryption include, for example, the replacement method, when each letter is replaced by another letter, spaced from it at a strictly defined distance in the alphabet. Or the permutation encryption method, when letters are swapped in a specific sequence within a word.

In ancient times, encryption was used mainly in military and commercial affairs, espionage, among smugglers.

Somewhat later, history scientists determine the date of the appearance of another related science - steganography. This science is engaged in masking the very fact of sending a message. It originated in antiquity, and an example here is the receipt by the Spartan king Leonid before the battle with the Persians of a let-off plaque with text covered with a dry, easy-to-wash solution. When cleaned, the signs left on the wax by the stylus became clearly visible. Today, sympathetic inks, microdots, microfilms, etc. are used to hide the message.

With the development of mathematics, mathematical encryption algorithms began to appear, but all these types of cryptographic information protection retained statistical data to varying volumetric degrees and remained vulnerable. The vulnerability became especially noticeable with the invention of frequency analysis, which was developed in the 9th century AD by the presumably Arab encyclopedist al-Kindi. And only in the 15th century, after the invention of polyalphabetic fonts by Leon Battista Alberti (presumably), the defense moved to a qualitatively new level. However, in the mid-17th century, Charles Babbage presented convincing evidence of the partial vulnerability of polyalphabitic fonts to frequency analysis.

The development of mechanics made it possible to create devices and mechanisms that facilitate encryption - devices such as the square Tritemius board, the disk cipher of Thomas Jefferson appeared. But all these instruments ri do not compare with those created in the 20th century. It was at this time that various encryption machines and mechanisms of high complexity began to appear, for example, rotary machines, the most famous of which is Enigma.

Before the rapid development of science in the 20th century, cryptographers had to deal only with linguistic objects, and in the 20th century they discovered the possibility of using various mathematical methods and theories, statistics, combinatorics, number theory and abstract algebra.

But the real breakthrough in cryptographic science came with the possibility of representing any information in binary form, divided into bits using computers, which made it possible to create fonts with hitherto unprecedented cryptographic resistance. Such encryption systems, of course, can be hacked, but the time spent on hacking themselves is overwhelmingly not justified.

Today we can talk about significant developments in quantum cryptography.

Literature

• Barichev S.G., V.V. Goncharov, Serov R.E. Fundamentals of modern cryptography. - M.: * Barfolomeev A.A., Zhukov A.E., Pudovkina M.A. Flow cryptosystems. Main properties and methods of resistance analysis. M.: PAIMS, 2000.
• Yashchenko V.V. Introduction to cryptography. St. Petersburg: Peter, 2001. ISBN 5-318-00443-1.
• GOST 28147-89. Information processing systems. Cryptographic protection. Cryptographic transformation algorithm. M.: USSR Civil Code by Standards, 1989.
• GOST R 34.10-94. Information technology. Cryptographic information protection. * GOST R 34.11-94. Information technology. Cryptographic information protection. Hash function. M., 1995.
• GOST R 34.10-2001 Information Technology. Cryptographic information protection. Electronic digital signature generation and verification processes. M., 2001.
• Nechaev V.I. Elements of cryptography (Fundamentals of the theory of information protection). M.: Higher School, 1999.
• Zhelnikov V. Cryptography from papyrus to computer. M.: AVR,1996.

Links

• Information Security and Encryption
• Cryptographic educational program
• Cryptographic Reference Book
• Cryptolog blog
• Collection of articles on cryptography

Read also

Order of Vladimir Putin on the transition of government agencies to the use of Russian encryption tools.