Cryptography
Cryptography (from Greek. κρυπτός - hidden and γράφω - to write) is the oldest science about ways to protect confidential data from unwanted third-party reading. Cryptanalysis is a science that studies methods of violating information privacy. Cryptanalysis and cryptography together make up the science of cryptology, which studies methods of encryption and decryption.
Information Security Catalog - Encryption tools for systems and projects are available on TAdviser
Content |
The means of cryptographic protection of state secrets are still equated with weapons. Very few countries in the world have their own cryptographic companies that make really good means of protecting information. Even in many developed countries, there is no such opportunity: there is no school there that would allow these technologies to be supported and developed. Russia is one of the few countries in the world - there may be five such countries, or so - where all this is developed. Moreover, in both the commercial and public sectors there are companies and organizations that have retained the continuity of the school of cryptography since its inception.
Encryption algorithms
Today there are a lot of encryption algorithms that have significant resistance to cryptanalysis (cryptographic resistance). It is customary to divide encryption algorithms into three groups:
- Symmetric algorithms
- Asymmetric algorithms
- Hash function algorithms
Symmetric algorithms
Symmetric encryption involves using the same key for both encryption and decryption. Two basic requirements apply to symmetric algorithms: the complete loss of all statistical patterns in the encryption object and the lack of linearity. It is customary to divide symmetrical systems into block and flow systems.
In block systems, the source data is divided into blocks, followed by conversion using a key.
In flow systems, a certain sequence (output gamma) is generated, which is subsequently superimposed on the message itself, and data encryption occurs in a stream as the gamma is generated. The scheme of communication using a symmetric cryptosystem is shown in the figure.
Where M is the plaintext, K is the private key transmitted over the closed channel, En (M) is the encrypting operation, and Dk (M) is the decrypting operation
Typically, symmetric encryption uses a complex and multi-stage combination of substitutions and permutations of original data, with multiple steps (passes), each of which must correspond to a "pass key"
The substitution operation fulfills the first requirement of a symmetric cipher, getting rid of any statistical data by mixing the bits of the message according to a certain predetermined law. Permutation is necessary to fulfill the second requirement - to give the algorithm non-linearity. This is achieved by replacing a certain part of the message of a given volume with a standard value by accessing the original array.
Symmetric systems have both advantages and disadvantages over asymmetric ones. The advantages of symmetric ciphers include a high encryption speed, a shorter required key length with similar durability, greater knowledge and ease of implementation. The disadvantages of symmetric algorithms are considered primarily the complexity of key exchange due to the high probability of breaking the secrecy of the key during exchange, which is necessary, and the complexity of key management in a large network.
Examples of symmetric ciphers
- GOST 28147-89 - domestic encryption standard
- 3DES (Triple-DES, Triple DES)
- RC6 (Rivest Cipher)
- Twofish
- SEED - Korean Encryption Standard
- Camellia - Japanese encryption standard
- CAST (by the initials of the developers Carlisle Adams and Stafford Tavares)
- IDEA
- XTEA is the easiest algorithm to implement
- AES is an American encryption standard
- DES - US Data Encryption Standard to AES
Asymmetric algorithms
Asymmetric systems are also called public-key cryptosystems. This is a method of encrypting data in which a public key is transmitted over an open channel (not hidden) and is used to verify an electronic signature and to encrypt data. To decrypt and create an electronic signature, a second key, secret, is used.
The device of asymmetric cryptosystems itself uses the idea of one-way functions ƒ (x), in which it is easy to find x, knowing the value of the function itself, but it is almost impossible to find the ƒ itself (x), knowing only the value of x. An example of such a function is the telephone directory of a large city, in which it is easy to find a person's number, knowing his last name and initials, but it is extremely difficult, knowing the number, to calculate the owner.
Principle of asymmetric systems operation
Let's say there are two subscribers: A and B, and subscriber B wants to send an encrypted message to subscriber A. He encrypts the message using a public key and transmits it already encrypted over an open communication channel. Having received the message, subscriber A decrypts it with a secret key and reads it.
Here you need to make a clarification. Upon receipt of the message, subscriber A must authenticate his identity to subscriber B so that the ill-wishers cannot impersonate subscriber A and replace his public key with his own.
Examples of asymmetric fonts
- RSA (Rivest-Shamir-Adleman, Rivest-Shamir-Adleman)
- DSA (Digital Signature Algorithm)
- Elgamal (El Gamal Cipher System)
- Diffie-Hellman (Diffie-Helman Key Exchange)
- ECC (Elliptic Curve Cryptography)
- GOST R 34.10-2001
- Rabin
- Luc
- McEliece
Hash function
Hashing (from the English hash) is the transformation of the original information array of arbitrary length into a bit string of fixed length.
There are many hash function algorithms, and they differ in their characteristics - cryptographic resistance, bit size, computational complexity, etc.
We are interested in cryptographically strong hash functions. These are usually subject to two requirements:
- For a given message C, it is almost impossible to find another message C'with the same hash
- It is almost impossible to match pairs of messages (CC ') that have the same hash.
Requirements are called collision resistance of the first kind and the second kind, respectively. For such functions, another requirement remains important: with a slight change in the argument, a significant change in the function itself must occur. Thus, the hash value should not give information even about individual bits of the argument.
Examples of hash algorithms
- Adler-32
- CRC
- SHA-1
- SHA-2 (SHA-224, SHA-256, SHA-384, SHA-512)
- HAVAL
- MD2
- MD4
- MD5
- N-Hash
- RIPEMD-160
- RIPEMD-256
- RIPEMD-320
- Skein
- Snefru
- Tiger (TTH)
- Whirlpool
- GOST R34.11-94 (GOST 34.311-95)
- IP Internet Checksum (RFC 1071)
Cryptographic primitives
To give encrypted information greater cryptographic resistance, relatively simple transformations - primitives - can be repeatedly used in a cryptographic system. Substitutes, permutations, cyclic shift, or gamming can be used as primitives.
Quantum cryptography
Quantum cryptography is rightfully considered a new round in the evolution of information protection. It is she who allows you to create almost absolute protection of encrypted data from hacking. The idea of using quantum objects to protect information from fake and unauthorized access was first expressed by Stefan Weisner in 1970. After 10 years, scientists Bennett and Brassard, who were familiar with Weisner's work, proposed using quantum objects to transmit a secret key. Read the article "Quantum cryptography (encryption)"
Post-quantum cryptography
Main article: Post-quantum cryptography
Post-quantum cryptography is cryptographic algorithms that are resistant to cyber attacks using quantum computers.
Cryptography in Digital Technology
Cryptography in digital technologies is necessary as a tool for protecting confidential data, as well as a means of countering the illegal copying and distribution of data that is intellectual property. Read the article "Cryptography in Digital Technologies"
History
Cryptography is an ancient science, and its original objects were text messages, which, using certain algorithms, lost meaning for everyone who does not have special knowledge of decrypting this message - the key.
Initially, the methods used today were used only for puzzles, that is, in the opinion of a contemporary, the simplest. Such methods of encryption include, for example, the replacement method, when each letter is replaced by another letter, spaced from it at a strictly defined distance in the alphabet. Or the permutation encryption method, when letters are swapped in a specific sequence within a word.
In ancient times, encryption was used mainly in military and commercial affairs, espionage, among smugglers.
Somewhat later, history scientists determine the date of the appearance of another related science - steganography. This science is engaged in masking the very fact of sending a message. It originated in antiquity, and an example here is the receipt by the Spartan king Leonid before the battle with the Persians of a let-off plaque with text covered with a dry, easy-to-wash solution. When cleaned, the signs left on the wax by the stylus became clearly visible. Today, sympathetic inks, microdots, microfilms, etc. are used to hide the message.
With the development of mathematics, mathematical encryption algorithms began to appear, but all these types of cryptographic information protection retained statistical data to varying volumetric degrees and remained vulnerable. The vulnerability became especially noticeable with the invention of frequency analysis, which was developed in the 9th century AD by the presumably Arab encyclopedist al-Kindi. And only in the 15th century, after the invention of polyalphabetic fonts by Leon Battista Alberti (presumably), the defense moved to a qualitatively new level. However, in the mid-17th century, Charles Babbage presented convincing evidence of the partial vulnerability of polyalphabitic fonts to frequency analysis.
The development of mechanics made it possible to create devices and mechanisms that facilitate encryption - devices such as the square Tritemius board, the disk cipher of Thomas Jefferson appeared. But all these instruments ri do not compare with those created in the 20th century. It was at this time that various encryption machines and mechanisms of high complexity began to appear, for example, rotary machines, the most famous of which is Enigma.
Before the rapid development of science in the 20th century, cryptographers had to deal only with linguistic objects, and in the 20th century they discovered the possibility of using various mathematical methods and theories, statistics, combinatorics, number theory and abstract algebra.
But the real breakthrough in cryptographic science came with the possibility of representing any information in binary form, divided into bits using computers, which made it possible to create fonts with hitherto unprecedented cryptographic resistance. Such encryption systems, of course, can be hacked, but the time spent on hacking themselves is overwhelmingly not justified.
Today we can talk about significant developments in quantum cryptography.
2024: Quantum computer cracks military-grade encryption for the first time
On October 11, 2024, it became known that Chinese specialists using a quantum computer for the first time hacked encryption algorithms, which are widely used in the banking and military industries. This is said to pose a "real and significant threat" to the long-standing mechanism for protecting digital systems.
The work was led by Wang Chao from Shanghai University. A quantum computer manufactured by the Canadian company D-Wave Systems was used. The researchers attacked Present, Gift-64 and Rectangle algorithms based on the Substitution-Permutation Network (SPN) method, which is included in the AES block encryption standard. It is noted that AES-256 is considered the best coding method available and is often called military-level encryption. The SP network is a type of block cipher proposed in 1971 by Horst Feistel.
As part of the study, Chinese experts combined quantum normalization with mathematical methods for creating computational architecture. The significance of the work lies in the transformation of a real cryptographic problem into a binary optimization problem that a quantum computer can cope with.
This is the first time that an existing quantum computer poses a real threat to the many full-scale structured SPN algorithms in use today, the study says. |
Despite these advances, Wang points to existing limitations of quantum computing. Among them are named environmental factors, immature hardware and the difficulty of developing a single attack algorithm that can hack many cryptographic systems.[1]
Literature
- Barichev S.G., V.V. Goncharov, Serov R.E. Fundamentals of modern cryptography. - M.: * Barfolomeev A.A., Zhukov A.E., Pudovkina M.A. Flow cryptosystems. Main properties and methods of resistance analysis. M.: PAIMS, 2000.
- Yashchenko V.V. Introduction to cryptography. St. Petersburg: Peter, 2001. ISBN 5-318-00443-1.
- GOST 28147-89. Information processing systems. Cryptographic protection. Cryptographic transformation algorithm. M.: USSR Civil Code by Standards, 1989.
- GOST R 34.10-94. Information technology. Cryptographic information protection. * GOST R 34.11-94. Information technology. Cryptographic information protection. Hash function. M., 1995.
- GOST R 34.10-2001 Information Technology. Cryptographic information protection. Electronic digital signature generation and verification processes. M., 2001.
- Nechaev V.I. Elements of cryptography (Fundamentals of the theory of information protection). M.: Higher School, 1999.
- Zhelnikov V. Cryptography from papyrus to computer. M.: AVR,1996.
Links
- Information Security and Encryption
- Cryptographic educational program
- Cryptographic Reference Book
- Cryptolog blog
- Collection of articles on cryptography