The Basics of Crypto 1: Encryption in it's Simplest Form
- andy1265
- Jun 20, 2022
- 4 min read
Encryption is the purpose of cryptography; The goal being to make data reliably incomprehensible and then return it to it's original format afterwards. In order to encrypt something we need a cipher (an algorithm for encrypting something) and a key (which ideally will be kept secret). Without the key (ideally) neither you, I, nor any attacker will be able to gain any information about the unencrypted data from the encrypted data.
In this instalment we will be covering symmetric encryption mostly because it is the simplest form of encryption. Symmetric encryption utilises the same key to both encrypt and decrypt data unlike asymmetric encryption such as PGP which uses different keys for encryption and decryption with the encryption key being public.
Basics
At a basic level when encrypting a message "plaintext" referrers to the unencrypted text and "ciphertext" referrers to the encrypted text. This means we take the key, plaintext and cipher to produce the ciphertext and using the ciphertext, key and cipher the plaintext can be recovered.
Hint: It is worth noting that a ciphertext can be of equal length or greater than a plaintext however a ciphertext can never be shorter than it's plaintext.
Ciphers
Ciphers consist of two main components, the permutation and the mode of operation. The permutation consists of a set of mutations to be performed on a specific set of data (e.g. each character in a string) which results in a unique output. The mode of operation specifies how large the set of data in each permutation is to be (e.g. 128 bits) and how it is delivered to the cipher.
Permutations
In classical ciphers like the Caesar cipher or the Vigenere cipher permutations are done by substituting one letter for another, normally through shifting through the alphabet by X places (e.g. if your substitution was 2 and you started with A you would move two letters to C). These need not just be linear increases or decreases and can be any set of instructions that ensure each input has a unique output.
Hint: 1234 -> 4321 is good because each input has a unique output. 1234 -> 4432 is bad because both 1 and 2 map to 4
A good permutation should:
The key should define the permutations.
Different keys should produce different permutations.
The ciphertext should look completely random.
Mode of Operation
The mode of operation is best described by thinking about the Vigenere cipher. Where the Caesar cipher just shifts each letter by 3 places the Viegenere cipher shifts each letter by having a word and shifting each letter of the plaintext by the numerical position in the alphabet the letter in the key appears. So if the key was "ABC" you would shift the first letter of plaintext by 1 letter, the second by 2, the third by 3, the fourth by 1, the fifth by 2 etc etc.
If the shifting by 3 is the permutation then the length of the key would be the mode of operation. In order to keep a plaintext secure a combination of both a secure permutation and secure mode of operation is required.
Secure Encryption
So at this point we have discussed what encryption is, specifically what symmetric encryption is and what the components of a cipher are. Now we need to discuss what constitutes secure encryption. It is importatnt to note that it is possible to achieve perfect secrecy with encryption using a one-time-pad however these are impractical as they require a key of equal length to the plaintext and the key must be kept secret. As such if you can transfer the key securely you might as well just send the plaintext instead. It is also important to point out that as the name implies a one time pad may not be used more than once.
Hint: A one time pad works through XORing each plaintext character with the corresponding key character. Thus it is possible to achieve perfect secrecy given a truly random key that is used only once, a ciphertext can be translated into any plaintext of the same length, and all are equally likely.
In general a cipher can be considered secure if given a large number of both plaintexts and ciphertexts no information about the operation of the cipher is revealed. This notion can be further defined by ascertaining if an encryption mechanism has the following properties:
Indistinguishability (IND)
This means that given a truly random string and a ciphertext they should be indistinguishable from each other. As such given two plaintexts and the corresponding ciphertext of one of the plaintexts an attacker should not be able to identify which plaintext was encrypted.
Non-Malleability (NM)
An encryption algorithm is "malleable" if it is possible to transform a ciphertext into another ciphertext which decrypts to a related plaintext. I.e. If a ciphertext can be modified in a such a way that when encrypted the plaintext was "TRANSFER $5.00 TO ACCOUNT #111" and after the alterations decrypted to "TRANSFER $5.00 TO ACCOUNT #444" then the cipher would be considered malleable and subsequently not secure.</span>
The above mechanisms if implemented will help improve the security of any encryption scheme. Whilst no encryption scheme is secure forever excluding the one time pad it is important to understand the underlying principles of what keeps all of our information *somewhat* secure.
Comments