by Girish Venkatachalam
Girish Venkatachalam is a UNIX hacker with more than a decade of
networking and crypto programming experience.
His hobbies include yoga,cycling, cooking and he runs his own
business. Details here:
Music has existed since eternity. In India, music has enjoyed and still
enjoys a special place in the life of Hindus and others alike. A look at
this video will show you a sample of what richness is found.
Veena fusion in Sumanesa Ranjani raaga
Veena is one of the
greatest stringed instruments and its music is very special. I have a
plan to learn the instrument one day. I had such a plan 8 years go. I
wanted to learn cryptography.
Learning a musical instrument takes at least 5 years. If you practice
for 2 hours in the morning after bath and in the evening for another 2
hours with full devotion to Guru and its art, then you achieve some
mastery over the instrument.
A similar devotion is necessary when you are tackling something as
abstruse and difficult as cryptography. The web has enough resources to
help you in this long journey. The book Applied Cryptography by
Bruce Schneier is a must. But
first you have to clear the haze in the brain about what public
cryptography means. How it works and how it is different from symmetric
ciphers like AES or DES and why RSA keylengths are usually 1024 bits and
why 192 bits is incredibly secure for an AES key.
Obviously such a deep topic filled with mathematical concepts, logic and
extensive theory cannot be understood in a teeny weeny article like
this. I will endeavor to get you interested perhaps. If not at least you
are assured of some entertainment in reading this.
Practical applications of cryptography
Practical applications of cryptography include the PGP encryption system
for e-mail invented by Phil Zimmerman, the Enigma cipher of World War II
which was a hardware with moving parts and the OpenSSH project.
The OpenSSL library is also a widely used open source project which have
all the cryptographic algorithms and protocols implemented. It is the
most comprehensive crypto toolkit. You have facilities (both high level
and low level) for message digest, symmetric cryptography, public key
cryptography, signing and for generating certificates.
You can obtain a shell prompt into OpenSSL once you install it on any
linux or UNIX box. It is also found in Windows. You can enter simple
commands for encrypting a file or BASE64 conversion or even generating
There are several OpenSSL command lines you can find by browsing the
Internet. It is easy to use and you can play with it to learn a lot
about crypto and to learn its application in real life. But it cannot
substitute for theoretical knowledge.
Certain concepts that can help you
Encryption can be achieved in broadly two ways - using a
symmetric cipher like DES, AES, DES3, RC4 or RC6 . Or using a public key
crypto system like RSA, DSA, Diffie Hellman or El Gamal. There is a lot
of difference in their application and theory.
Symmetric ciphering works by a process involving substitution and
transposition. This is also known as confusion and diffusion. You use a
key and derive a key sequence(known as round keys) and a variation of
the EX-OR bit operation is used to combine the round keys with the input
bits. This is continued for typically around 16 rounds and this is
combined with the previous block or the next block depending on the mode
in which the cipher is operating. And you have block and stream ciphers
in symmetric cryptography. Too much work but done very quickly since
none of these steps are costly. All this finishes in no time with even a
modest computer or an embedded system like a mobile phone or PDA.
This was a very quick rundown of what happens in a symmetric cipher
which is the most common encryption variant available. But this does not
solve the basic problem involved in secure communications. How to
exchange the secret key over an insecure channel?
It is to solve this problem and other associated problems like digital
signing that crypto systems like RSA are employed. Normally all that
happens is that the secret key is encrypted using the RSA public key of the
recipient and the message is transmitted by symmetric ciphering.
The recipient decrypts the secret key(symmetric) using his RSA private
key and then recovers the message by symmetric decryption. All this
might sound very confusing but suffice it to say that the theory of RSA
is very different from that of AES or DES.
How does RSA work?
Public key cryptographic algorithms typically involve either of two hard
problems also known as NP complete problems in computer science. One is
prime number factorization. You can easily multiply two prime numbers
but you cannot divide them easily. The other problem is known as
discrete logarithm computation. I don't know anything more about this.
And RSA in particular uses this basic mathematical concept.
a^b^c = a^c^b = a^bc
If you raise a to the power of b and then to c, it is the same as doing
it in the reverse direction since this mathematical equation is
transitive in nature.
The other concept used frequently is that of message digests like SHA1
or MD5. Nowadays you even have SHA-512. If you use a secret key with it,
it is known as HMAC. This is used for the online banking transactions
and even with e-mail authentication for websites like gmail and hotmail.
Basically all SSL implementations have to generate a master secret with
Modulo arithmetic is another frequently used technique in message
digests and public key cryptography. It is very simple. Your hour clock
wraps around at 24 hours, the weekdays wrap around at 7 days and
circular linked lists and circular buffers are used in computing which
use the same concept. Basically the same set of values wrap around to
prevent growth in values.
Modulo arithmetic puts boundaries in results without affecting the
effectiveness of the algorithm employed. Then you have other advanced
protocols like zero knowledge protocols, challenge response
authentication mechanisms and so on.
You can use the resources given in the reference section to explore this
References and further reading
OpenSSL crypto library
Pretty Good Privacy
OpenSSH under the hood
Got something to add? Send me email.
Increase ad revenue 50-250% with Ezoic
More Articles by Girish Venkatachalam
© 2012-07-01 Girish Venkatachalam