
Aug 16, 2018


duongthien

  • An Introduction to Cryptography

    Jon Callas, Chief Technology Officer and Chief Security Officer

    Rest Secured

  • Release Information

    An Introduction to Cryptography. September 2006.

    Copyright Information

    © 2009 by PGP Corporation. All Rights Reserved.

    Licensing and Patent Information

    The IDEA cryptographic cipher described in US patent number 5,214,703 is licensed from Ascom Tech AG. The CAST encryption algorithm is licensed from Northern Telecom, Ltd. PGP Corporation has secured a license to the patent rights contained in the patent application Serial Number 10/655,563 by The Regents of the University of California, entitled Block Cipher Mode of Operation for Constructing a Wide-blocksize block Cipher from a Conventional Block Cipher. PGP Corporation may have patents and/or pending patent applications covering subject matter in this software or its documentation; the furnishing of this software or documentation does not give you any license to these patents.

    Trademarks

    PGP, the PGP logo, Pretty Good Privacy, and Pretty Good are all registered trademarks of PGP Corporation. All other registered and unregistered trademarks are the sole property of their respective owners.

    Acknowledgements

    The compression code in PGP software is by Mark Adler and Jean-Loup Gailly, used with permission from the free Info-ZIP implementation.

    Limitations

    The information in this document is subject to change without notice. PGP Corporation does not warrant that the information meets your requirements or that the information is free of errors. The information may include technical inaccuracies or typographical errors. Changes may be made to the information and incorporated in new editions of this document, if and when made available by PGP Corporation.

    Export Information

    Export of PGP software may be subject to compliance with the rules and regulations promulgated from time to time by the Bureau of Industry and Security, US Department of Commerce, which restrict the export and re-export of certain products and technical data.

    About PGP Corporation

    PGP Corporation, a global security software company, is the leader in email and data encryption. Based on a unified key management and policy infrastructure, the PGP Encryption Platform offers the broadest set of integrated applications for enterprise data security. The platform enables organizations to meet current needs and expand as security requirements evolve for email, laptops, desktops, instant messaging, PDAs, network storage, FTP and bulk data transfers, and backups. PGP solutions are used by more than 30,000 enterprises, businesses, and governments worldwide, including 84 percent of the Fortune 100 and 66 percent of the Fortune Global 100. As a result, PGP Corporation has earned a global reputation for innovative, standards-based, and trusted solutions. PGP solutions help protect confidential information, secure customer data, achieve regulatory and audit compliance, and safeguard companies' brands and reputations. Contact PGP Corporation at http://www.pgp.com or +1 650 319 9000.

  • Contents

    1 About This Book
      Who Should Read This Book
      Bricks Made of Mist
      Cryptography is Hard And That Makes it Easy
      Perfectly Hard or Hardly Perfect?
      What is Cryptography, Anyway?
      A History of This Book
      Special Thanks

    2 Why Cryptography is Important
      Into the Breach: Horror Stories
        Stolen Laptops
        Insecurely Protected Network Resources
        A Few Words About Identity Theft
      Laws and Regulations
        Privacy Regulations
        Compliance Regulations
        Breach Notification Regulations
      Laws and Regulations Limiting Cryptography

    3 An Inadequate History of Cryptography
      Human Cryptography
      Machine Cryptography
      Computer Cryptography
        Public-Key Cryptography
        The Rise of Standard Cryptography
        The Advanced Encryption Standard
        The Crypto Wars

    4 The Basics of Cryptography
      Basic Components
        Participants and Variables
        Random Numbers
        Keys
        Ciphers
          Block Sizes
          Families of Public-Key Ciphers
          The Factoring Family
          The Logarithm Family
          Key Sizes
          Unbreakable Ciphers or How Many Bits Are Enough?
          One-Time Pads, the Truly Unbreakable Encryption
          The Seduction of the One-Time Pad
        Hash Functions
          Commonly Used Hash Functions
          Difficulties with Hash Functions
        Data Integrity Functions: MACs and Signatures
        Certificates
          Why Certificates?
        Trust and Authority
          Direct Trust
          Hierarchical Trust
          Cumulative Trust
          Hybrids of the Trust Models
        Certificate Dialects and Gory Details
          Certificates and Certification
        Putting it All Together: Constructing Ciphertext from Plaintext
        Taking It All Apart: Getting Plaintext from Ciphertext
        Going on from Here

    5 The Future of Cryptography
      From Noun to Adjective, From Syntax to Semantics
        Social Expectations
      Digital Signatures and Semantics
        Digital Signatures Aren't Signatures
        The Myth of Non-Repudiation
          The Paradox of Stronger Keys
        Signatures and Liability
        A Real-World Semantic Shift
      Cryptography and Reliability
      The Rise of Hardware
      Rights Management
      Privacy-Enhancing Technologies
      What Will Cause Little Change?
        New Hash Functions
        New Ciphers
          Encrypt+Authenticate Ciphers
          New and Redesigned Ciphers
          Elliptic Curve Cryptography . . .