Cryptography Basics

You will find references to various types of encryption methods and algorithms throughout this book. This section is a very brief summary of some of the terms and algorithms relevant to discussions in later chapters. For more detailed information on this complex topic, consult a good cryptography reference.[21]

Public Key Cryptography

With public key cryptography, each party has a key pair consisting of a private key and a public key. The public key is published while the private key is kept secret. Data encrypted with the public key can only be decrypted using the private key, and vice versa. Public key cryptography can also be used for authentication (through the use of digital signatures).

An important advantage of public key cryptography is that it has fewer key distribution problems. All parties that want to be able to communicate using public key cryptography need to publish their public key in some kind of directory. When Alice wants to send an encrypted message to Bob, she uses Bob’s public key to encrypt the data. Alice can also digitally sign a message by encrypting it with her private key. Bob can then decrypt the message using his private key and verify Alice’s signature by decrypting using her public key.

The main disadvantage is that public key cryptography is slow compared to symmetric key cryptography.

Two common public key systems are:

Rivest-Shamir-Adleman (RSA)

The RSA cryptosystem is the most widely used public key cryptosystem. It’s designed for doing both digital signatures and data encryption. RSA is used in Internet standards and drafts like IPSec, S/MIME, and TLS (the successor to SSL). RSA was patented in the U.S. until September 20, 2000.

Digital Signature Algorithm (DSA)

The Digital Signature Algorithm is an unpatented alternative to RSA. DSA was intended for performing digital signatures only, but it can be adapted for encryption as well. DSA is described in the Digital Signature Standard (DSS).[22] DSA was designed by the National Security Agency (NSA) based on the ElGamal algorithm, which is unpatented.
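The Alice-and-Bob exchange above, worked through with RSA, the first of the two systems just listed. This is an added example written for this section, not code from the book: the primes are the Mersenne primes 2^61-1, 2^89-1, 2^107-1 and 2^127-1, chosen only because they are well-known primes small enough to follow (real keys use randomly generated primes of 1024 bits or more), and the signature is "textbook" RSA applied to a SHA-256 digest with no padding. Production code must use a padding scheme such as OAEP for encryption and PSS for signatures, which this demonstration deliberately omits so that the private/public key roles stay visible.

```python
import hashlib

# Constructed demo primes (Mersenne primes); real keys use random 1024+ bit primes.
BOB_PRIMES = (2**61 - 1, 2**89 - 1)
ALICE_PRIMES = (2**107 - 1, 2**127 - 1)


def generate_keypair(p, q, e=65537):
    """Return ((e, n), (d, n)): the public key and its matching private key."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse of e mod phi (Python 3.8+)
    return (e, n), (d, n)


def encrypt(public_key, plaintext: bytes) -> int:
    """Encrypt with the recipient's PUBLIC key; only the private key can undo it."""
    e, n = public_key
    m = int.from_bytes(plaintext, "big")
    if m >= n:
        raise ValueError("message too long for this modulus")
    return pow(m, e, n)


def decrypt(private_key, ciphertext: int) -> bytes:
    """Decrypt with the recipient's PRIVATE key."""
    d, n = private_key
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def _digest_as_int(message: bytes, n: int) -> int:
    # Hash first so the signature covers a message of any length. Reducing the
    # 256-bit digest mod n is a textbook simplification (real schemes pad instead).
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key, message: bytes) -> int:
    """Sign with the signer's PRIVATE key ("encrypt the hash with the private key")."""
    d, n = private_key
    return pow(_digest_as_int(message, n), d, n)


def verify(public_key, message: bytes, signature: int) -> bool:
    """Verify with the signer's PUBLIC key: recover the hash and compare."""
    e, n = public_key
    return pow(signature, e, n) == _digest_as_int(message, n)


if __name__ == "__main__":
    bob_pub, bob_priv = generate_keypair(*BOB_PRIMES)
    alice_pub, alice_priv = generate_keypair(*ALICE_PRIMES)
    msg = b"hello, Bob"
    c = encrypt(bob_pub, msg)            # Alice encrypts to Bob's public key
    print(decrypt(bob_priv, c))          # Bob decrypts with his private key
    sig = sign(alice_priv, msg)          # Alice signs with her private key
    print(verify(alice_pub, msg, sig))   # Bob verifies with Alice's public key
```

Decrypting Bob's ciphertext with Alice's private key, or checking Alice's signature against Bob's public key, yields garbage or a failed verification: each operation only works with the other half of the same key pair, which is the property the section describes.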

Symmetric Key Cryptography

With symmetric key cryptography, a single key is used for both encryption and decryption. Symmetric key cryptography is also known as secret key cryptography. The two most common methods that use symmetric key cryptography are stream ciphers and block ciphers, described in the following sections.

An important advantage of symmetric cryptography is that it’s generally faster than public key cryptography. The main disadvantage is that it’s hard to manage and distribute the keys to all parties in a secure manner.

Stream ciphers

Stream ciphers use a key stream that is the same length as the cleartext (unencrypted) data to produce the ciphertext (encrypted) data. The key stream can be independent of the data, or it can be generated based on it. Stream ciphers can be designed to be extremely fast. The most commonly used stream cipher is probably RC4 (Rivest Cipher 4), which is used in SSL-enabled browsers, for example.

Block ciphers

Block ciphers use a fixed-size encryption key to encrypt fixed blocks (generally 64 bits) of data. The following are some commonly used block ciphers:

Data Encryption Standard (DES)

The U.S. Government’s Data Encryption Standard is a block cipher, originally created by IBM, that operates on 64-bit blocks using a 56-bit key. This version is known as Single DES. The latest revision of DES now incorporates the Triple DES (3-DES) algorithm. This is also referred to as the TDEA (Triple Data Encryption Algorithm). 3-DES is simply Single DES performed three times (encrypt, decrypt, encrypt) with three different keys (3 × 56-bit keys) on the same 64-bit block — hence the name 3-DES. DES is described in FIPS 46-3, available from http://csrc.nist.gov/fips/fips46-3.pdf.

Advanced Encryption Standard (AES)

The Advanced Encryption Standard, currently under development, will eventually replace DES as the U.S. government encryption standard. The AES development effort is led by the U.S. National Institute of Standards and Technology (NIST). NIST initiated the AES effort in 1997 as a “call for algorithms” in which the cryptographic community was invited to submit AES candidates. On October 2, 2000, the Rijndael (pronounced Rhine-doll) algorithm was declared the winner. It will eventually become the official AES in 2001. Follow the progress at http://www.nist.gov/aes/.

Blowfish

Bruce Schneier’s Blowfish algorithm is another block cipher that operates on 64-bit blocks. Blowfish uses variable-length keys (32 to 448 bits) and offers very good performance. Blowfish is unpatented and free. You can get it from http://www.counterpane.com/blowfish.html.

International Data Encryption Algorithm (IDEA)

The International Data Encryption Algorithm is yet another block cipher that operates on 64-bit blocks. Many consider IDEA the best block cipher algorithm to date. It is used in several products and protocols such as PGP and some SSH implementations. Ascom Systec Ltd. (http://www.ascom.ch/infosec/idea.html) holds the rights to the IDEA algorithm. The licensing cost is about $10 per end user.

Hash Algorithms

Hash algorithms provide a method for reducing variable-length data to a small fixed-length hash. Hashes are also called message digests or fingerprints. Hash algorithms are often used to produce message integrity checksums or to store passwords in a secure manner. A hash algorithm has the following requirements:

  • Given a hash, it should not be feasible to deduce the data that produced it.

  • It should not be feasible to find two different sets of data that produce the same hash.

  • Given a hash, it should not be feasible to construct data that produces that hash.

Two of the more common hash algorithms are:

Message Digest 5 (MD5)

MD5 is available from RSA Data Security. Ronald Rivest (the “R” in RSA) published the MD5 hash algorithm in 1992 as RFC 1321. MD5 was an improvement over the previously published MD4 algorithm, which has some design weaknesses. MD5 produces a 128-bit hash from an input of any length.

Secure Hash Algorithm (SHA-1)

Available from the U.S. National Institute of Standards and Technology, SHA-1 is the NIST Secure Hash Standard.[23] It’s considered to be the most secure hash algorithm today. It produces a 160-bit hash from a variable-length input.
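The two uses named at the start of this section, integrity checksums and password storage, worked through with the MD5 and SHA-1 functions just described. This is an added example using Python's standard library, not code from the book. It shows the 128-bit and 160-bit output sizes, an integrity check done with a constant-time comparison, and the avalanche effect (a one-character change flips roughly half the output bits). For the password case it goes beyond the section: a bare hash is not enough today, so the example uses a per-user salt and the slow PBKDF2 construction from hashlib instead of a single MD5 or SHA-1 pass. Note that MD5 and SHA-1 are both known to be collision-prone and are no longer acceptable where collision resistance matters; they appear here only because the section describes them.

```python
import hashlib
import hmac


def fingerprint(data: bytes) -> dict:
    """Return MD5 and SHA-1 digests of `data` (hex) together with their sizes in bits."""
    md5 = hashlib.md5(data).digest()
    sha1 = hashlib.sha1(data).digest()
    return {
        "md5": md5.hex(), "md5_bits": len(md5) * 8,      # 128-bit digest
        "sha1": sha1.hex(), "sha1_bits": len(sha1) * 8,  # 160-bit digest
    }


def integrity_check(data: bytes, expected_sha1_hex: str) -> bool:
    """Message integrity checksum: recompute the digest and compare it.

    hmac.compare_digest runs in constant time, so the comparison itself does
    not leak how many leading characters of the digest matched.
    """
    return hmac.compare_digest(hashlib.sha1(data).hexdigest(), expected_sha1_hex)


def changed_bits(a: bytes, b: bytes) -> int:
    """Number of SHA-1 output bits that differ between two inputs (avalanche)."""
    x = int.from_bytes(hashlib.sha1(a).digest(), "big")
    y = int.from_bytes(hashlib.sha1(b).digest(), "big")
    return bin(x ^ y).count("1")


# Password storage: salted, iterated hash rather than a bare digest.
PBKDF2_ROUNDS = 100_000


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive a stored verifier from the password and a per-user random salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    """Recompute the verifier for a login attempt and compare in constant time."""
    return hmac.compare_digest(hash_password(password, salt), stored)


if __name__ == "__main__":
    print(fingerprint(b"abc"))
    print(changed_bits(b"abc", b"abd"), "of 160 SHA-1 bits changed")
    salt = b"constructed-demo-salt"  # in practice: os.urandom(16), stored beside the hash
    stored = hash_password("correct horse", salt)
    print(verify_password("correct horse", salt, stored), verify_password("wrong", salt, stored))
```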



[21] I particularly recommend Bruce Schneier’s Applied Cryptography, Second Edition (John Wiley & Sons, 1996). You can also find a very readable summary of fundamental cryptography terms and algorithms in Appendix C of Building Internet Firewalls, Second Edition, referenced earlier in this book. There’s a good online FAQ at RSA Labs as well (http://www.rsasecurity.com/rsalabs/faq/).

[22] Digital Signature Standard, Federal Information Processing Standard (FIPS) 186-2 (http://csrc.nist.gov/fips/fips186-2.pdf).

[23] The Secure Hash Standard, FIPS 180-1 (http://csrc.nist.gov/fips/fip180-1.pdf).
