Basic Issues and Concepts in Privacy and Cryptography


On this page...

Why do I need to know and care about this stuff?

What is encryption?

So what algorithms are out there?

Related information elsewhere on the net.

Why do I need to know and care about this stuff?

To those in the know, the next hurdle to serious use of the Internet is getting people to participate in less trivial ways than we are used to. That path leads directly into an ongoing conflict between the needs of the people and the desires of government.

How do you know it's really your boss who emailed you to lay off these ten people? What if it isn't really your customer telling you to "sell short"? Consider that the most minute change to an email can completely alter the tenor of a graph, or similar sensitive data, that you send to someone.

What we need is a way of ensuring that

the sender of information is who they claim to be (authentication)

the information hasn't been tampered with en route (integrity)

only the intended recipient can read the communique (confidentiality)

Once we can satisfy ourselves (and, if need be, a court) of these things then we are a long way toward being able to conduct our business and social lives with people around the world.

The capability to do this is given to us by the field of cryptography. There is publicly-available free software to allow you to securely represent yourself to others (through "digital signatures").

But there's more. One can reasonably expect to participate anonymously and pseudonymously.

Anonymity The state of being unknown. A person participating anonymously cannot be linked from one contribution to the next. There is no way to reply to someone who is remaining anonymous, and there is no way of ascertaining the above "truths" about someone who is participating anonymously. (The machine anon.penet.fi, the best-known "anonymous" gateway, is actually a pseudonymous gateway, but the name is too well known now to change it (although I think that the alias pseudonym.penet.fi wouldn't be a bad idea).)

Pseudonymity The state of being known by another identity (known as a "nym"). One's real identity cannot be inferred from the nyms one uses. As someone said:

Nyms allow for continuity of identity to be maintained over a period of time. A person posting under a nym can develop an image and a reputation just like any other online personality. Most people we interact with online are just a name and an email address, plus whatever impression we have formed of them by what they say. The same thing can be true of nyms. ... Cryptography can also help maintain the continuity of the nym, by allowing the user to digitally sign messages under the name of the nym. The digital signature cannot be forged, nor can it be linked to the True Name of the user. But it makes sure that nobody can send a message pretending to be another person's nym.

What is encryption?

These then are the issues. The old axiom "If you want something to stay a secret, don't tell anyone" (or write it down) is good advice, but not much help in a digital world. It wasn't even much help centuries ago, during early organized warfare. (The military arts have always had the greatest need for secure communications.) Many creative methods of hiding messages have been invented over the ages, starting with shaving a messenger's head and writing the communique there; by the time hostile territory was reached a full head of hair had grown back. Strictly speaking, hiding the existence of a message is steganography; cryptography hides its meaning.

Cryptography (from the Greek for "hidden writing") involves the translation of a message in plain language into one in a secret language. Before computers this translation was done mechanically, for example by winding a strip of paper around dowels of different diameters (you needed the dowel of the correct diameter to read the original message). In the computer age we use mathematics instead of dowels. One encrypts the original message (known as plaintext) by applying a generic algorithm with a specific key. The resultant ciphertext can (ideally) only be read by the intended recipient. Just as you need a key to open the lock on a door, the algorithm and key together protect the contents of your message from unauthorized access.

In olden days, both the algorithm and the key were kept secret. That's because early algorithms were a significant part of the encryption process. For example, consider the algorithm of converting plaintext to ciphertext by changing each letter to a "later" one in the alphabet, wrapping around from Z to A. Using the digit '1' as the key means you "add one" to each letter, converting "ABZ" to "BCA". Using a key of 2 results in "CDB", and so on. This method is known as a shift cipher, the simplest kind of substitution cipher, and is reputed to have been used by Julius Caesar (with a shift of three). If I know you've used a shift cipher, then I can apply a "brute force" attack on your ciphertext simply by trying all the possible keys (which for a 26-letter Latin alphabet would be from 1 to 25). If you included the ten digits I'd have to deal with a 36-symbol alphabet and 35 possible keys. (A modern implementation of the shift cipher is the Rot-13 feature found in many email and USENET newsgroup readers; that just encrypts and decrypts with a key of 13, so applying it twice restores the original.)

With so few keys to choose from, keeping the algorithm secret was essential to keeping the ciphertext secret.

Brute force is one way of attacking your ciphertext, but it can be time-consuming. (The time a brute force attack takes grows with the number of possible keys and with the time it takes to try each key.) If I know you're writing in English, for example, I can use my knowledge of the frequency with which letters occur in the language to analyze your ciphertext: whichever ciphertext letter occurs most often probably stands for 'e'. Viewers of "Wheel of Fortune" know the value of buying the vowel 'e', or, as Netsurfer Focus notes, English-speaking parents of a child with a "Speak-and-Spell" toy know that the letter 'e' key usually wears out first.
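The two attacks just described, trying every key and then using English letter frequencies to pick out the right candidate, are short enough to show in full. The following is an added example, not code from the original page: it implements the shift cipher from the Caesar paragraph above, the 25-key brute force, and a frequency-analysis scoring step. The table of English letter frequencies is an assumption of the example (approximate published values) and the sample message is constructed for it.

```python
"""Shift (Caesar) cipher, the 25-key brute force, and letter-frequency scoring.

Added example for this page; the frequency table is approximate, standard
published English letter frequencies, not data from the original page.
"""
from __future__ import annotations

import string

ALPHABET = string.ascii_uppercase   # 26 letters, so 25 non-trivial keys

# Approximate relative frequency (percent) of each letter in English prose.
ENGLISH_FREQ = {
    "A": 8.2, "B": 1.5, "C": 2.8, "D": 4.3, "E": 12.7, "F": 2.2, "G": 2.0,
    "H": 6.1, "I": 7.0, "J": 0.15, "K": 0.77, "L": 4.0, "M": 2.4, "N": 6.7,
    "O": 7.5, "P": 1.9, "Q": 0.095, "R": 6.0, "S": 6.3, "T": 9.1, "U": 2.8,
    "V": 0.98, "W": 2.4, "X": 0.15, "Y": 2.0, "Z": 0.074,
}


def shift(text: str, key: int) -> str:
    """Move each letter `key` places later in the alphabet (wrapping Z to A).

    A negative key decrypts. Non-letters pass through unchanged, which is
    exactly the leak frequency analysis exploits: word lengths survive.
    """
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def rot13(text: str) -> str:
    """Key 13 is its own inverse: rot13(rot13(x)) == x."""
    return shift(text, 13)


def brute_force(ciphertext: str) -> list[tuple[int, str]]:
    """Try every possible key; the whole key space is just 25 entries."""
    return [(k, shift(ciphertext, -k)) for k in range(1, 26)]


def english_score(text: str) -> float:
    """Chi-squared distance between observed letter counts and English.

    Lower means the text looks more like English. A candidate where the
    frequent letters (E, T, A) landed on rare ones (Z, Q, X) scores badly.
    """
    letters = [c for c in text.upper() if c in ALPHABET]
    n = len(letters)
    if n == 0:
        return float("inf")
    score = 0.0
    for letter in ALPHABET:
        expected = ENGLISH_FREQ[letter] / 100 * n
        observed = letters.count(letter)
        score += (observed - expected) ** 2 / expected
    return score


def crack(ciphertext: str) -> tuple[int, str]:
    """Frequency analysis: the candidate with the most English-looking letter
    distribution is almost always the true plaintext, with no human in the loop."""
    return min(brute_force(ciphertext), key=lambda kv: english_score(kv[1]))


if __name__ == "__main__":
    # Constructed sample message for the demonstration.
    secret = "MEET ME AT THE GATE AT DAWN AND BRING THE LETTER FROM THE GENERAL"
    ct = shift(secret, 3)          # Caesar's traditional shift of three
    print("ciphertext:", ct)
    for key, candidate in brute_force(ct):
        print(f"key {key:2d}: {candidate}")
    print("frequency analysis picks key", crack(ct)[0])
```

The brute force alone leaves a human reading 25 candidates; the chi-squared step automates that last judgement, which is why a small key space is fatal no matter how secret the algorithm was meant to be.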

In the computer age, when a hulking silicon idiot can be brought in for a brute force attack, the secrecy of the algorithm matters far less than your choosing a strong algorithm with a large enough key space. The principle that a system should stay secure even when everything about it except the key is public is older than computers (Auguste Kerckhoffs stated it in 1883); public-key cryptography, the good idea of Whitfield Diffie and Martin Hellman in 1976, goes further and lets even the encryption key be published. This is very important to understand.

Cryptographers prefer to trust published algorithms over proprietary ones. Since algorithms that appeared impregnable at first glance have later yielded to specific techniques of attack, publishing an algorithm allows the community of experts to look for systematic weaknesses. The longer an algorithm remains unbroken, the stronger it is likely to be. Never trust a secret algorithm, no matter what the "inventor" says, or how persuasive they are. Experience has shown that home-brew algorithms are best at providing a very false sense of security. Philip Zimmermann gives a nice account of this in his PGP introduction, included with the software.

The key is another avenue of attack. Repeatedly using the same key for many messages is a weakness; modern cryptographic software generates a fresh key for each message and protects that key with a longer-lived one. This will be covered later.

So what algorithms are out there?

Here are some acronyms you may have heard or read about.

DES

One of the most widely-used encryption algorithms is DES (Data Encryption Standard). It was developed by IBM, approved by the US government in late 1976 and published as Federal Information Processing Standard FIPS PUB 46 in January 1977. DES uses a 56-bit key, considered to be just beyond a brute force approach given the technology of the times. By 1993, Michael Wiener had shown that a custom computer costing US$1 million could be built to crack DES by brute force in an average of 3.5 hours (7 hours worst case). In the following year, a new technique called "linear cryptanalysis" enabled Mitsuru Matsui to recover a DES key in 50 days on a dozen workstations (roughly 14 MIPS-years per machine at 100 MIPS, about 160 in all). The caveat is that the attack needed about 2^43 known plaintext/ciphertext pairs, a condition an attacker rarely enjoys. Efforts to extend the life of DES include variants with longer keys and, most commonly, "Triple DES", which runs the cipher three times: encrypt with key 1, decrypt with key 2, encrypt again with key 1, for 112 bits of key. The decryption in the middle means that setting both keys equal reduces it to ordinary single DES, so the same implementation can still talk to older systems.

RSA

The RSA algorithm, named after its inventors, Ron Rivest, Adi Shamir, and Len Adleman, is used in public key cryptography and was patented in the USA (the patent expired in 2000). Its strength is based on the fact that it's easy to multiply two large prime numbers together, but hard to recover them from the product (factoring). The RSA-129 Challenge, factoring a modulus of 129 decimal digits (429 bits), was issued in 1977 and finally met in 1994 by an international group of over 600 volunteers and some 1500 computers working for 8 months, an effort of about 5,000 MIPS-years. The decrypted message read, "THE MAGIC WORDS ARE SQUEAMISH OSSIFRAGE", starting the tradition of using those words in key-breaking challenges. A 429-bit modulus is tiny by later standards: 512-bit keys have since been factored, and 2048 bits is the usual minimum today.
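The factoring relationship described above is easiest to see on numbers small enough to factor by hand. The following is an added example, not code from the original page or from RSA Data Security: textbook RSA key generation from two primes, encryption and decryption, and the attack the RSA-129 volunteers carried out, recovering the private key by factoring the public modulus. The primes (10007 and 10009) and the message are constructed for the example; trial division is used as the factoring method because it is obvious, not because it scales.

```python
"""Toy RSA and the factoring attack on it.

Added example for this page. Primes and message are constructed; real keys
use primes hundreds of digits long, where trial division is hopeless.
"""
from __future__ import annotations

from math import gcd, isqrt


def rsa_keypair(p: int, q: int, e: int = 65537) -> tuple[tuple[int, int], int]:
    """Return the public key (n, e) and private exponent d for primes p, q."""
    n = p * q
    phi = (p - 1) * (q - 1)           # Euler's totient of n
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)               # modular inverse of e (Python 3.8+)
    return (n, e), d


def encrypt(m: int, pub: tuple[int, int]) -> int:
    """c = m^e mod n. Plain, unpadded RSA: deterministic and malleable,
    so real systems always pad the message first (e.g. OAEP)."""
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(c: int, d: int, n: int) -> int:
    """m = c^d mod n."""
    return pow(c, d, n)


def factor_modulus(n: int) -> tuple[int, int]:
    """Trial division up to sqrt(n). Fine for a toy n, absurd at 429 bits,
    which is why RSA-129 took 600 volunteers eight months."""
    if n % 2 == 0:
        return 2, n // 2
    limit = isqrt(n)
    f = 3
    while f <= limit:
        if n % f == 0:
            return f, n // f
        f += 2
    raise ValueError("n is prime or 1; not an RSA modulus")


def break_rsa(pub: tuple[int, int]) -> int:
    """Recover d from the public key alone: factor n, recompute phi, invert e."""
    n, e = pub
    p, q = factor_modulus(n)
    return pow(e, -1, (p - 1) * (q - 1))


def demo() -> dict:
    pub, d = rsa_keypair(10007, 10009)       # constructed toy primes
    m = int.from_bytes(b"HI", "big")         # 18505, must be smaller than n
    c = encrypt(m, pub)
    return {
        "n": pub[0],
        "ciphertext": c,
        "roundtrip_ok": decrypt(c, d, pub[0]) == m,
        "attacker_recovered_d": break_rsa(pub) == d,
    }


if __name__ == "__main__":
    print(demo())
```

Everything an attacker needs is in the public key; the only thing standing between them and d is the cost of factor_modulus, which is why RSA's security is measured entirely in how long factoring a number of that size is expected to take.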

IDEA

IDEA, the International Data Encryption Algorithm, is a newer block cipher of the same general shape as DES, designed in 1991 by Xuejia Lai and James Massey at ETH Zurich in Switzerland. It uses a 128-bit key and was designed with more mathematical theory behind it than DES; it is the symmetric cipher used inside PGP. It is believed to be a strong algorithm, but at the time of writing no public challenge had been mounted against it, and only time will tell whether it withstands the attacks of cryptographers. IDEA is patented internationally.

RC

RC2 (a block cipher) and RC4 (a stream cipher) are two proprietary algorithms that allow variable key lengths. They were developed by RSA Data Security, Inc, and are notable for having an exportable version with a limited, 40-bit key size. The 40-bit RC4 algorithm is used in the International versions of many software packages including the Netscape web browser. In August 1995, French researcher Damien Doligez successfully brute-forced such a 40-bit key and decrypted a single secure Netscape transaction (created as a Challenge to Decrypt a Secure Netscape Transaction using data from a hypothetical Mr. Cosmic Kumquat at 1234 Squeamish Ossifrage Road), using about 120 workstations for a little over a week. Netscape estimated that the effort took 64 MIPS-years. The lesson is the one from the shift cipher above: a 40-bit key space is simply too small, whatever the algorithm. (RC4 itself was later found to have statistical biases in its output and is now prohibited in TLS.)

Have you found errors, whether nontrivial or marginal, factual, analytical, logical, arithmetical, temporal, or even typographical? Please let me know; drop me email. Thanks!
This page is copyrighted 1993-2008 by Lila, Isaac, Rose, and Mickey Sattler. All rights reserved.