Protecting Against Eavesdroppers with Symmetric Cryptography - Implementing SSL/TLS Using Cryptography and PKI

Cryptography Reference

In-Depth Information

number. This mapping of letters to numbers is the key in this simple algorithm.

Modern cipher algorithms must be much more sophisticated than Caesar's in

order to withstand automated attacks by computers. Although the basic premise

remains — substituting one letter or symbol for another, and keeping track of

that substitution for later — further elements of confusion and diffusion were

added over the centuries to create modern cryptography algorithms. One such

hardening technique is to operate on several characters at a time, rather than

just one. By far the most common category of symmetric encryption algorithm

is the block cipher algorithm , which operates on a fi xed range of bytes rather than

on a single character at a time.

In this section you examine three of the most popular block cipher algo-

rithms — the ones that you'll most likely encounter in modern cryptographic

implementations. These algorithms will likely remain relevant for several

decades — changes in cryptographic standards come very slowly, and only

after much analysis by cryptographers and cryptanalysts.

Implementing the Data Encryption Standard (DES)

Algorithm

The Data Encryption Standard (DES) algorithm, implemented and specifi ed by IBM

at the behest of the NSA in 1974, was the fi rst publicly available computer-ready

encryption algorithm. Although for reasons you see later, DES is not considered

particularly secure any more, it's still in widespread use (!) and serves as a good

starting point for the study of symmetric cryptography algorithms in general.

Most of the concepts that made DES work when it was fi rst introduced appear

in other cryptographic algorithms. DES is specifi ed at the following web site:

http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf .

DES breaks its input up into eight-byte blocks and scrambles them using

an eight-byte key. This scrambling process involves a series of fi xed permuta-

tions — swapping bit 34 with bit 28, bit 28 with bit 17, and so on — rotations,

and XORs. The core of DES, though, and where it gets its security, is from what

the standard calls S boxes where six bits of input become four bits of output in

a fi xed, but non-reversible (except with the key) way.

Like any modern symmetric cryptographic algorithm, DES relies heavily on

the XOR operation. The logic table for XOR is shown in Table 2-1:

Table 2-1: XOR Operation

INPUT

OUTPUT

A

B

A XOR B

0

(Continued)

Search WWH ::

Custom Search

Home