Protecting Against Eavesdroppers with Symmetric Cryptography - Implementing SSL/TLS Using Cryptography and PKI

Cryptography Reference

In-Depth Information

accept a huge range of potential keys so that an attacker has to try for a very, very

long time before hitting on the right combination. There's no defense against a

brute-force attack; the best you can hope for is to ensure that an attacker spends

so much time performing one that the data loses its value before a brute force

attack might be successful.

The application of encryption to SSL is obvious — encrypting data is effectively

the point. When transmitting one's credit card number over the public Internet,

it's reassuring to know that only the intended recipient can read it. When you

transmit using an SSL-enabled algorithm, such as HTTPS, all traffi c is encrypted

prior to transmission, and must subsequently be decrypted before processing.

There are two very broad categories of cryptographic algorithms — symmetric

and public. The difference between the two is in key management:

Symmetric algorithms are the simpler of the two, at least conceptually

(although the implementations are the other way around), and are exam-

ined in this chapter.

Public algorithms, properly public key algorithms, are the topic of the next

chapter.

With symmetric cryptography algorithms, the same key is used both for

encryption and decryption. In some cases, the algorithm is different, with

decryption “undoing” what encryption did. In other cases, the algorithm is

designed so that the same set of operations, applied twice successively, cycle

back to produce the same result; encryption and decryption are actually the

same algorithms. In all cases, though, both the sender and the receiver must

both agree what the key is before they can perform any encrypted communica-

tion. This key management turns out to be the most diffi cult part of encryption

operations and is where public-key cryptography enters in Chapter 3. For now,

just assume that this has been worked out and look at what to do with a key

after you have one.

NOTE This chapter is the most technically dense chapter in this topic; this

is the nature of symmetric cryptography. If you're not entirely familiar with

terminology such as left shift and big endian , you might want to take a quick

look at Appendix A for a refresher.

Understanding Block Cipher Cryptography

Algorithms

Julius Caesar is credited with perhaps the oldest known symmetric cipher algo-

rithm. The so-called Caesar cipher — a variant of which you can probably fi nd

as a diversion in your local newspaper — assigns each letter, at random, to a

Search WWH ::

Custom Search

Home