There’s a continual battle between those who want to keep data private and those who want to break in. We can’t lazily use bad encryption and call it secure. Imagine if your bank secured their records with the Caesar cipher! So in this article, we’re going to look at ciphers and how they work, so we can get some understanding of what is secure and what isn’t.
What are ciphers?
An algorithm is a set of instructions that explain how something is done. A cipher is an algorithm that is used to encrypt information. This means that a cipher is the process that takes plaintext and converts it to ciphertext. There are a lot of different ciphers out there. Some are quite old and some are relatively new; some are similar and some have a unique approach. For this reason, we will sometimes use a combination of ciphers, depending on the task. Given enough time, though, flaws are found in ciphers. This can lead to their being known as insecure. Now, that doesn’t necessarily mean they’ve been broken, but once a vulnerability has been found, it’s only a matter of time.
A cipher is just a way to encrypt data, and the way ciphers work is usually very well known. It’s like a lock on the door of your house. The security behind this comes with the key. The cipher along with the secret key is what makes our data secure.
Keys are essentially a large number. Keys come in different sizes, with larger keys being more secure. Think of a combination lock with three rotating disks, each numbered 0 through 9. This allows for 1,000 different combinations. If you know the right combination, you can open the lock. If you don’t know it, you either have to break the lock or guess your way through each combination. If you tried a new combination every second, you could go through them all in less than 17 minutes. That’s not really that long to break in, especially considering that you likely wouldn’t have to try all 1,000 before finding the right one. But what if you had 4 disks instead of 3? We now have 10,000 different combinations, which will take over two and a half hours to go through. The lock is like our cipher, and each combination is one possible key. Larger keys mean more possible combinations, which means better security.
A small key might be 64 bits long. That’s over 18 quintillion different key combinations (and apparently that’s called 18 trillion if you’re from Europe). That’s more than twice the grains of sand in the entire world. 128-bit numbers are astronomically bigger. Every bit we add doubles the key size, so what do you think: is 128 bits double the size of a 64-bit key? It’s really much bigger. This is 340 undecillion. This is around 340 trillion times more than the estimated number of stars in the known universe. And then we have 256-bit numbers. I’m not even gonna try to work out the name for a number this big; I’m just gonna say that this is larger than all the atoms in the entire perceivable universe. With this many key combinations, trying to find the right one through brute force is nearly impossible.
A cipher like AES, which is a very common cipher today, will typically use either 128 or 256 bits for its key size. Either is fine, but 256 is considered more secure. Other algorithms like RSA use massive keys. You thought 256 bits was big? Right now RSA keys are typically 2048 bits, and they can go bigger. We’ll talk about why those keys are so big in the next article.
You might remember that I said that the DES cipher was insecure. This was mainly due to its key size of only 56 bits, and that’s way too small by today’s standards. Back in 1998, when I was still in high school, a group called the Electronic Frontier Foundation built a supercomputer called Deep Crack for about 250 thousand dollars. It could figure out your DES key in about four and a half days. They estimated that for 1 million they could build a machine that could do it in under a day. And that was 20 years ago; imagine what they could do now.
These types of ciphers can be broken into two categories: stream ciphers and block ciphers. A block cipher will take the plaintext information, break it into specially sized blocks and encrypt each one. We’ll have a better look at this soon. Stream ciphers, on the other hand, don’t need to break up the plaintext before encrypting it. Instead, using the secret key, a stream cipher will create a special piece of information called a one-time pad or OTP. The one-time pad is essentially a large number that looks random. It will be the same size as the piece of information that needs to be encrypted. A stream cipher will then use a simple function like exclusive-or to combine the two, resulting in ciphertext.
You may not have heard of exclusive-or before, and that’s OK, because I’ll give you a really quick overview. Exclusive-or, or XOR, is a simple logic function that combines the individual bits in two numbers together, and that results in a third, different number. If you want to try it out, you can do it on the Windows calculator for yourself. The interesting part is that XOR is reversible: if you have any two of these three numbers, you can use XOR to find the third. A stream cipher will use the plaintext as one of these values and the one-time pad as the other. XORing them together creates the ciphertext. When decrypting, we can use the key to generate the same one-time pad. We also have the ciphertext, so if we then XOR them together we will get the original plaintext. Keep in mind that the XOR function itself does not provide the encryption. The real encryption comes from generating the one-time pad, which can be done with the secret key.
Stream ciphers have an advantage: each part of the plaintext is encrypted by a different part of the one-time pad, and this makes it very unlikely that anyone will find any patterns in the ciphertext that they could then use to break the encryption. The downside is that large amounts of data require the use of a very large one-time pad, which can use up a lot of memory. Also, stream ciphers use regularly changing keys to regularly change the one-time pad. Distributing these keys can be difficult to do securely.
If you’re interested in learning more about stream ciphers, I recommend looking into the RC4 cipher. It’s quite old, and it is very insecure, but as a learning tool it can be quite useful for everything we’ve been talking about. I can also recommend a good book called Network Security: Private Communication in a Public World. It’s getting a bit old itself, but it does still explain the concepts really well. I’ll put a link in the description if you’d like to have a look.
Block ciphers are generally more common than stream ciphers today. The original data is broken into fixed-size blocks, typically 64, 128 or 256 bits long, and each block is encrypted individually. The way each block is handled is called the mode of operation. The simplest mode is electronic codebook, or ECB. This mode simply breaks the data into blocks and then uses the cipher to encrypt each block with the same secret key. Nothing fancy at all, and decryption is just as simple: each block is decrypted with the same key, and then the blocks are reassembled in the right order. Makes a lot of sense, right? Unfortunately, this has a critical flaw. What if two blocks of plaintext are the same? Then these two blocks of ciphertext will also look the same, and this can give the bad guys some clues about how to break the encryption. This is similar to the flaw in the Caesar cipher that we saw in the last article. So although it’s simple, ECB is not really used in practice.
Another mode of operation, called cipher block chaining (CBC), attempted to resolve the flaw in ECB. Before any encryption is done, a random number is generated. This is known as the initialization vector, or IV. The first block is XORed with the IV and then the result is encrypted using the secret key. The second block is then XORed with the result of the first block, and then it is encrypted. This process is repeated with all remaining blocks, making each block reliant on the block before it, so even if sections of the plaintext are the same, the ciphertext will look different. This is similar to the Enigma cipher, which we saw in the last article. For decryption, we start by decrypting the last block. We can then XOR this with the previous block to gain the plaintext block. This can be repeated until all blocks are decrypted and the original message can be reassembled.
All good now? No, not quite. There are still some complicated weaknesses in CBC, so there are a few other modes of operation. They’re all similar to CBC in some respects, but a bit more secure. Unfortunately, they’re also far more complicated. Some modes will use small one-time pads to make the block cipher behave a little like a stream cipher. These include output feedback mode, cipher feedback mode and counter mode. But right now the one to use is GCM: it’s very fast, and it’s very secure.
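The ECB flaw and the CBC chaining described above, side by side. This is an added example, not code from the original article: the block cipher is a toy Feistel construction assumed here so the block runs with the standard library only (it is not AES and not secure), and the plaintext is a constructed sample with three identical blocks.

```python
import hashlib
import os

BLOCK, HALF = 16, 8  # block and half-block sizes in bytes

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Round function of the toy cipher: keyed SHA-256 cut down to half a block.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:HALF]

def encrypt_block(key: bytes, block: bytes) -> bytes:
    # Toy 4-round Feistel network standing in for a real block cipher.
    l, r = block[:HALF], block[HALF:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def decrypt_block(key: bytes, block: bytes) -> bytes:
    l, r = block[:HALF], block[HALF:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def split(data: bytes) -> list:  # input must be a multiple of BLOCK; padding not shown
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key: bytes, pt: bytes) -> bytes:
    return b"".join(encrypt_block(key, b) for b in split(pt))

def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    out, prev = [], iv
    for b in split(pt):
        prev = encrypt_block(key, _xor(b, prev))  # chain on the previous ciphertext
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    cts = split(ct)
    return b"".join(_xor(decrypt_block(key, c), p) for c, p in zip(cts, [iv] + cts[:-1]))

def repeated_blocks(ct: bytes) -> int:
    return len(split(ct)) - len(set(split(ct)))

if __name__ == "__main__":
    key, iv = os.urandom(16), os.urandom(BLOCK)
    pt = b"SAME 16B BLOCK.." * 3 + b"other 16B block!"  # constructed sample
    print("ECB repeats:", repeated_blocks(ecb_encrypt(key, pt)))      # 2
    print("CBC repeats:", repeated_blocks(cbc_encrypt(key, iv, pt)))  # 0
```

In `cbc_decrypt`, each plaintext block needs only its own ciphertext block and the one before it (or the IV for the first block).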
Everything we’ve talked about so far is reversible; that is, we can encrypt some data and we can then decrypt it again. Would it surprise you, then, to learn there is a type of encryption that works in only one direction? That is, it cannot be decrypted. One-way encryption is also known as a hash algorithm, a message digest or a one-way transformation. But what you call it is not really all that important in your mind right now, is it? What you want to know is why we would ever want any kind of encryption that cannot be reversed. Well, I’m gonna make you wait a little. Before we look at why, we need to look at how.
A hashing algorithm takes a message of any length, and from this it computes a short, fixed-length value. This value is called the hash, and it is a way to represent the original message. If we were to change even a single bit of the original, the hash would change completely. Common hash algorithms include MD5, SHA-1 and SHA-256. As we’re producing a fixed-length number, we’re going to lose a lot of information; that is, we simply can’t have all the information from the original message encoded in the hash value. And that’s why no one can decrypt a hash: it simply is impossible, as the hash does not contain enough information.
So now, back to the original question: why would we ever want to do this? It’s surprisingly useful for a few different things. You may have seen this when downloading certain files from the Internet. Take this Ubuntu download as an example. Once we’re finished downloading, we can generate the hash of the file. It should match what’s been listed here. If it doesn’t, the file may not have downloaded correctly.
If we’re sending a message, it’s important that the message has not been tampered with. Put simply, we could calculate the hash of the message before it’s sent and send it along with the message itself. The receiver, once they have the message, can also generate a hash and compare it to the sender’s. This is often called a message authentication code or a message integrity code, depending on the exact way it’s used.
A third use is for storing passwords. It’s a bad idea to store passwords in plain text, just in case someone steals the password database. So instead, we could generate hashes of the passwords and store those. This would be secure, as they can’t be reversed, and therefore no one could steal the passwords. Whenever someone enters their password, the computer generates the hash from what they entered, which is then compared to the hash in the password database. Of course, it’s going to be a little more complicated than that, but you get the general idea.
In this article, we talked about a type of encryption called symmetric encryption, but there’s another type called asymmetric encryption, and you use it far more than you realize. It is critical to modern security, and we will discuss why and how it works in part 3. I hope to see you there.
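The three uses of hashing described above (download check, message authentication, password storage), as an added example that is not part of the original article. It goes one step past the text by filling in the "little more complicated" part: the message check uses a shared secret key (HMAC), and passwords get a random salt and a deliberately slow hash (PBKDF2). The iteration count, keys, messages and passwords are values assumed for this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumption: example work factor, tune it for your hardware

def download_ok(data: bytes, published_sha256_hex: str) -> bool:
    """Use 1: recompute the file's SHA-256 and compare it with the published value."""
    return hmac.compare_digest(hashlib.sha256(data).hexdigest(),
                               published_sha256_hex.strip().lower())

def mac(shared_key: bytes, message: bytes) -> bytes:
    """Use 2: HMAC-SHA-256, a hash keyed with a secret only the two parties hold.
    A bare hash sent with the message could simply be recomputed by whoever alters it."""
    return hmac.new(shared_key, message, hashlib.sha256).digest()

def mac_ok(shared_key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac(shared_key, message), tag)

def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Use 3: salted, slow hash for the password database.
    The salt makes equal passwords store differently; the slowness hampers guessing."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def password_ok(password: str, salt: bytes, stored: bytes) -> bool:
    return hmac.compare_digest(hash_password(password, salt)[1], stored)

if __name__ == "__main__":
    key = os.urandom(32)              # constructed shared key
    tag = mac(key, b"pay Bob 10")     # constructed message
    print("untampered:", mac_ok(key, b"pay Bob 10", tag))
    print("tampered:  ", mac_ok(key, b"pay Bob 1000", tag))
    salt1, stored1 = hash_password("correct horse")  # constructed password
    salt2, stored2 = hash_password("correct horse")
    print("same password, different records:", stored1 != stored2)
    print("login ok:", password_ok("correct horse", salt1, stored1))
    print("wrong password:", password_ok("correct horsf", salt1, stored1))
```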