The DES (Data Encryption Standard) data encryption algorithm was published in 1977 and remains a common block symmetric algorithm used in commercial information security systems.

The DES algorithm is constructed in accordance with the Feistel network methodology and consists of an alternating sequence of permutations and substitutions. The DES algorithm encrypts 64-bit blocks of data using a 64-bit key, in which 56 bits are significant (the remaining 8 are parity check bits).

The encryption process consists of an initial permutation of the bits of a 64-bit block, 16 cycles (rounds) of encryption, and, finally, a final permutation of the bits (Fig. 6.2).

Rice. 6.2.

Decryption in DES is the inverse operation of encryption and is performed by repeating the encryption operations in reverse order.

The main advantages of the DES algorithm:

• only one 56-bit key is used;
• the relative simplicity of the algorithm ensures high processing speed;
• Having encrypted a message using one software package, you can use any other software package that complies with the DES algorithm for decryption;
• The cryptographic strength of the algorithm is quite sufficient to ensure the information security of most commercial applications.

Modern microprocessor technology makes it possible to crack symmetric block ciphers with a key length of 40 bits in a fairly reasonable time. For such hacking, the brute force method is used - a total testing of all possible key values ​​(the “brute force” method). Until recently, DES was considered a relatively secure encryption algorithm.

There are many ways to combine block algorithms to create new, more robust algorithms. One such way is multiple encryption - using a block algorithm multiple times with different keys to encrypt the same block of plaintext. With triple encryption, three different keys can be used.

The 3-DES algorithm (Triple DES) is used in situations where the reliability of the DES algorithm is considered insufficient.

Today, two modern strong encryption algorithms are increasingly used: the domestic encryption standard GOST 28147-89 and the new US crypto standard - AES (Advanced Encryption Standard).

The GOST 28147-89 encryption standard is intended for hardware and software implementation, meets cryptographic requirements and does not impose restrictions on the degree of secrecy of the protected information. The data encryption algorithm, defined by GOST 28147-89, is a 64-bit block algorithm with a 256-bit key.

The data to be encrypted is divided into 64-bit blocks. These blocks are divided into two subblocks Nx And N 2 32 bits each (Fig. 6.3). The /V subblock is processed in a certain way, after which its value is added to the value of the subblock N 2(addition is performed modulo 2, i.e. the logical operation XOR is applied - “exclusive or”), and then

Rice. 6.3.

subblocks are swapped. This transformation is performed a certain number of times (“rounds”) - 16 or 32, depending on the operating mode of the algorithm.

In each round, two operations are performed.

The first operation is key application. The contents of the /V subblock are added modulo 2 32 with the 32-bit part of the key K x. The full encryption key is represented as a concatenation of 32-bit subkeys: K 0, K (, K 2, K 3, K 4, K 5, K 6, K 7. During the encryption process, one of these subkeys is used, depending on the round number and the operating mode of the algorithm.

The second operation is table replacement. After applying the key subblock N ( is divided into 8 parts of 4 bits, the value of each of which is replaced in accordance with the replacement table for this part of the subblock. The subblock is then bit-rotated to the left by 11 bits.

Table replacements. The 5-box substitution box is often used in modern encryption algorithms, so it is worth explaining how such an operation is organized.

The 5-box substitution block consists of eight replacement nodes (5-replacement blocks) 5, S2,..., 5 8 with 64 bit memory each. Arriving at the substitution block S The 32-bit vector is divided into 8 sequential 4-bit vectors, each of which is converted into a 4-bit vector by the corresponding replacement node. Each replacement node can be represented as a permutation table of 16 4-bit binary numbers in the range 0000... 1111. The input vector specifies the address of a row in the table, and the number in that row is the output vector. The 4-bit output vectors are then sequentially combined into a 32-bit vector. Replacement nodes (permutation tables) are key elements that are common to the computer network and rarely change. These replacement nodes must be kept secret.

The algorithm defined by GOST 28147-89 provides four operating modes: simple replacement, gamming, gamming with feedback And generation of imitation prefixes. They use the same encryption transformation described above, but since the purpose of the modes is different, this transformation is carried out differently in each of them.

In mode easy replacement To encrypt each 64-bit block of information, the 32 rounds described above are performed. In this case, 32-bit subkeys are used in the following sequence:

K 0, K (, K 2, K 3, K 4, K 5, K 6, K 7, K 0,/G, etc. - in rounds 1 to 24;

K 7, K b, K 5, K 4, K 3, K 2, K x, K 0 - in rounds 25 to 32.

Decryption in this mode is carried out in exactly the same way, but with a slightly different sequence of using subkeys:

K 0, AG, K 2, K 3, K 4, K 5, K b, K 7 - in rounds 1 to 8;

K 7, K 6, K 5, K 4, K 3, K 2, K (, K 0, K 7, K b etc. - in rounds from 9 to 32.

All blocks are encrypted independently of each other, i.e. the result of encrypting each block depends only on its contents (the corresponding block of the original text). If there are several identical blocks of original (plain) text, the corresponding ciphertext blocks will also be identical, which provides additional useful information for a cryptanalyst trying to crack the cipher. Therefore, this mode is used mainly for encrypting the encryption keys themselves (multi-key schemes are very often implemented, in which, for a number of reasons, the keys are encrypted on each other). Two other operating modes are intended for encrypting the information itself - gamma and gamma with feedback.

IN gamma mode Each plaintext block is added bit by bit modulo 2 to a 64-bit cipher gamma block. Cipher gamma - this is a special sequence that is obtained as a result of certain operations with registers N1 And S 2(Fig. 6.9):

• 1. To registers N^ And 1U 2 their initial filling is recorded - a 64-bit value called a sync message.
• 2. The contents of the registers are encrypted N1 And M 2(in this case - sync messages) in simple replacement mode.
• 3. Register contents N^ is added modulo (2 32 - 1) with constant C, = 2 24 + 2 16 + 2 8 + 2 4, and the result of the addition is written to the register N1 .
• 4. The contents of the register CU 2 are added modulo 232 with the constant C 2 = 2 24 + 2 16 + 2 8 + 1, and the result of the addition is written to the register CU 2.
• 5. Contents of registers N, And S 2 output as a 64-bit cipher gamma block (in this case N^ and VU 2 form the first block of the scale).

If the next gamma block is needed (i.e., encryption or decryption needs to continue), it returns to step 2.

To decrypt, the gamma is generated in a similar way, and then the X(G) operation is again applied to the ciphertext and gamma bits. Since this operation is reversible, in the case of a correctly generated gamma, the original text is obtained (Table 6.1).

Table 6.1. Encryption and decryption in gamma mode

To develop the cipher needed to decrypt the gamma, the user decrypting the cryptogram must have the same key and the same value of the synchronization message that were used when encrypting the information. Otherwise, it will not be possible to obtain the original text from the encrypted one.

In most implementations of the GOST 28147-89 algorithm, the synchronization message is not secret, but there are systems where the synchronization message is the same secret element as the encryption key. For such systems, the effective key length of the algorithm (256 bits) is increased by another 64 bits of the secret synchronization message, which can also be considered as a key element.

IN gamma mode with feedback to fill the L" and IU 2 registers, starting from the 2nd block, not the previous gamma block is used, but the result of encrypting the previous plaintext block (Fig. 6.4). The first block in this mode is generated completely similarly to the previous one.

Considering the mode generating imitation prefixes, the concept of the subject of generation should be defined. Imitation prefix - is a cryptographic checksum calculated using

Rice. 6.4.

calling an encryption key and designed to verify the integrity of messages. When generating an imitation prefix, the following operations are performed: the first 64-bit block of the information array, for which the imitation prefix is ​​calculated, is written to the ^ and A^ 2 registers and encrypted in the reduced simple replacement mode (the first 16 rounds out of 32 are performed). The obtained result is summed modulo 2 with the next block of information, storing the result in L", and S 2.

The cycle repeats until the last block of information. The resulting 64-bit contents of the A^, and A^2 registers or part of it is called an imitation prefix. The size of the imitation attachment is selected based on the required reliability of messages: with the length of the imitation attachment G bit the probability that a message change will go unnoticed is 2~ g.

The most commonly used is a 32-bit imitative prefix, i.e. half the contents of the registers. This is enough, since, like any checksum, the imitation attachment is intended primarily to protect against accidental distortion of information. To protect against intentional modification of data, other cryptographic methods are used - primarily an electronic digital signature.

When exchanging information, the imitation prefix serves as a kind of additional means of control. It is calculated for the plaintext when any information is encrypted and is sent along with the ciphertext. After decryption, a new value of the imitation prefix is ​​calculated and compared with the sent one. If the values ​​do not match, it means the ciphertext was corrupted during transmission or incorrect keys were used during decryption. The imitation prefix is ​​especially useful for checking the correct decryption of key information when using multi-key schemes.

The GOST 28147-89 algorithm is a very robust algorithm - at present, no more effective methods have been proposed for its disclosure than the “brute force” method mentioned above. Its high security is achieved primarily due to the large key length - 256 bits. When using a secret sync message, the effective key length increases to 320 bits, and encrypting the replacement table adds additional bits. In addition, cryptographic strength depends on the number of transformation rounds, which according to GOST 28147-89 should be 32 (the full effect of input data dispersion is achieved after 8 rounds).

AES encryption standard. In 1997, the American Standards Institute NIST (National Institute of Standards & Technology) announced a competition for a new standard for a symmetric cryptographic algorithm, called AES (Advanced Encryption Standard). The largest cryptology centers around the world were involved in its development. The winner of this competition actually became the world crypto standard for the next 10-20 years.

The following requirements were presented to cryptographic algorithms - candidates for the new AES standard:

• the algorithm must be symmetric;
• the algorithm must be a block cipher;
• the algorithm must have a block length of 128 bits and support three key lengths: 128, 192 and 256 bits.

Additionally, crypto algorithm developers were recommended to:

• use operations that are easily implemented both in hardware (in microchips) and software (on personal computers and servers);
• focus on 32-bit processors;
• do not unnecessarily complicate the structure of the cipher, so that all interested parties are able to independently conduct an independent cryptanalysis of the algorithm and make sure that it does not contain any undocumented capabilities.

The results of the competition were summed up in October 2000 - the Rijndael algorithm, developed by two cryptographers from Belgium, Vincent Rijmen and Joan Daemen, was declared the winner. The Rijndael algorithm has become the new AES data encryption standard.

The AES algorithm is not similar to most known symmetric encryption algorithms, the structure of which is called the “Feistel network” and is similar to the Russian GOST 28147-89. Unlike the domestic encryption standard, the AES algorithm represents each block of processed data in the form of a two-dimensional byte array of size 4x4, 4x6 or 4 x 8, depending on the set block length (the use of several fixed sizes of the encrypted block of information is allowed). Further, at the appropriate stages, transformations are performed either on independent columns, or on independent rows, or even on individual bytes.

The AES algorithm consists of a certain number of rounds (from 10 to 14 - this depends on the block size and key length) and performs four transformations:

BS (ByteSub) - table replacement of each byte of the array (Fig. 6.5);

SR (ShiftRow) - shift rows of the array (Fig. 6.6). With this operation, the first line remains unchanged, and the rest are cyclically shifted byte-by-byte to the left by a fixed number of bytes, depending on the size of the array. For example, for a 4x4 array, lines 2, 3, and 4 are shifted by 1, 2, and 3 bytes, respectively;

MS (MixColumn) is an operation on independent columns of an array (Fig. 6.7), when each column is multiplied by a fixed matrix c(x) according to a certain rule;

AK (AddRoundKey) - adding a key. Each bit of the array is added modulo 2 with the corresponding bit of the round key, which in turn is calculated in a certain way from the encryption key (Fig. 6.8).

Rice. 6.5.

to process each byte of the State array

Rice. 6.6. The SR (ShiftRow) transformation cyclically shifts the last three

strings in the State array

		d 2 j

			to oz
			to zz

Rice. 6.8. The AK transformation (AddRoundKey) performs the XOR addition of each

State array column with a word from the key set

These conversions affect the State array, which is addressed by the "state" pointer. The AddRoundKey transformation uses an additional pointer to address the Round Key.

The BS (ByteSub) transformation is a non-linear byte substitution that acts independently on each byte of the State array using the iS-box substitution table.

In each round (with some exceptions), the following are performed in turn on the encrypted data:

transformations (Fig. 6.9). Exceptions apply to the first and last rounds: before the first round, the A K operation is additionally performed, and in the last round there is no MS.

Rice. 6.9.

As a result, the sequence of operations during encryption looks like this:

AK, (BS, SR, MC, AK) (repeated R- 1 time), BS, SR, AK.

Number of encryption rounds R in the AES algorithm is variable (10, 12 or 14 rounds) and depends on the block size and the encryption key (there are also several fixed sizes for the key).

Decryption is performed using the following reverse operations. The table is inverted and the table is replaced with an inverse table (relative to the one used for encryption). The inverse operation to SR is to rotate rows to the right rather than to the left. The inverse operation for MS is multiplication using the same rules by another matrix d(x), satisfying the condition c(x) d(x) = 1. Adding the key AK is the inverse of itself, since it only uses the XOR operation. These reverse operations are applied during decryption in the reverse sequence to that used during encryption.

All transformations in the AES cipher have a strict mathematical basis. The structure itself and the sequence of operations allow this algorithm to be executed effectively on both 8-bit and 32-bit processors. The structure of the algorithm includes the possibility of parallel execution of some operations, which can increase the encryption speed on multiprocessor workstations by 4 times.

The AES algorithm has become a new standard for data encryption due to a number of advantages over other algorithms. First of all, it provides high encryption speed on all platforms: both software and hardware implementation. In addition, the resource requirements for its operation are minimal, which is important when used in devices with limited computing capabilities.

The only drawback of the AES algorithm is its unconventional design. The fact is that the properties of algorithms based on the “Feistel network” have been well researched, and AES, in contrast, may contain hidden vulnerabilities that can only be discovered after some time has passed since its widespread use.

Other symmetric block cryptographic algorithms are also used to encrypt data.

Basic operating modes of block symmetrical

algorithm

Most block symmetric cryptographic algorithms directly convert the 64-bit input plaintext into a 64-bit output ciphertext, but the data is rarely limited to 64 bits.

To take advantage of the block symmetric algorithm to solve a variety of cryptographic problems, four operating modes have been developed:

• electronic code book EU B (Electronic Code Book);
• chaining of CBC cipher blocks (Cipher Block Chaining);
• CFB (Cipher Feed Back) ciphertext feedback;
• OFB (Output Feed Back) feedback.

These operating modes were originally designed for the DES block algorithm, but other block cryptographic algorithms can operate in any of these modes.

09.07.2003

What is encryption?

Encryption has been used by humanity since the very moment the first secret information appeared, i.e., such information to which access should be limited. This was a very long time ago - for example, one of the most famous encryption methods is named after Caesar, who, if he did not invent it himself, then actively used it (see sidebar).

Cryptography ensures that the meaning of a message is hidden and is revealed by decryption using special algorithms and keys. We understand the key as a specific secret state of the parameters of the encryption and decryption algorithms. Knowing the key makes it possible to read the secret message. However, as you will see below, ignorance of the key does not always guarantee that the message cannot be read by a stranger.

The process of breaking a cipher without knowing the key is called cryptanalysis. The time required to break a cipher is determined by its cryptographic strength. The larger it is, the “stronger” the encryption algorithm is. It is even better if it is initially impossible to find out at all whether the result of the hack is achievable.

Basic modern encryption methods

Among the various encryption methods, the following main methods can be distinguished:

• Replacement or substitution algorithms - characters of the source text are replaced with characters of another (or the same) alphabet in accordance with a predetermined scheme, which will be the key of this cipher. Separately, this method is practically not used in modern cryptosystems due to its extremely low cryptographic strength.
• Rearrangement algorithms - characters of the original text are swapped according to a certain principle, which is a secret key. The permutation algorithm itself has low cryptographic strength, but is included as an element in many modern cryptosystems.
• Gamma algorithms - the characters of the source text are added to the characters of a certain random sequence. The most common example is the encryption of “username.pwl” files, in which the Microsoft Windows 95 operating system stores passwords to the network resources of a given user (passwords for logging into NT servers, passwords for DialUp Internet access, etc.).

When a user enters their password when logging into Windows 95, a gamma (always the same) is generated from it using the RC4 encryption algorithm, which is used to encrypt network passwords. The simplicity of password selection in this case is due to the fact that Windows always prefers the same color scheme.

• Algorithms based on complex mathematical transformations of the source text according to a certain formula. Many of them use unsolved math problems. For example, the RSA encryption algorithm widely used on the Internet is based on the properties of prime numbers.

Symmetric and asymmetric cryptosystems

Before moving on to individual algorithms, let's briefly consider the concept of symmetric and asymmetric cryptosystems. Generating a secret key and encrypting a message with it is only half the battle. But how can such a key be sent to someone who must use it to decrypt the original message? The transmission of the encryption key is considered one of the main problems of cryptography.

While remaining within the framework of a symmetric system (so named because the same key is used for encryption and decryption), it is necessary to have a reliable communication channel for transmitting the secret key. But such a channel is not always available, and therefore the American mathematicians Diffie, Hellman and Merkle developed the concept of a public key and asymmetric encryption in 1976. In such cryptosystems, only the key for the encryption process is publicly available, and the decryption procedure is known only to the owner of the secret key.

For example, when I want a message to be sent to me, I generate public and private keys. I send it to you, you encrypt the message and send it to me. Only I can decrypt the message, since I did not give the secret key to anyone. Of course, both keys are linked in a special way (in different ways in each cryptosystem), and distribution of the public key does not destroy the cryptographic strength of the system.

In asymmetric systems, the following requirement must be satisfied: there is no algorithm (or it is not yet known) that would derive the original text from the cryptotext and the public key. An example of such a system is the well-known RSA cryptosystem.

RSA algorithm

The RSA algorithm (after the first letters of the last names of its creators Rivest-Shamir-Adleman) is based on the properties of prime numbers (and very large ones). Prime numbers are those numbers that have no divisors other than themselves and one. And coprime numbers are those numbers that have no common divisors other than 1.

First, let's choose two very large primes (large primes are needed to construct large, strong keys. For example, the Unix program ssh-keygen generates keys 1024 bits long by default).

Let's define the parameter n as a result of multiplication p And q. Let's choose a large random number and call it d, and it must be coprime with the result of multiplication (p -1)*(q -1).

Let us find a number e for which the relation is true

(e*d) mod ((p -1)*(q -1)) = 1

(mod- remainder of division, i.e. if e multiplied by d is divided by ((p -1)*(q -1)), then the remainder is 1).

The public key is a pair of numbers e and n, and closed - d and n.

When encrypting, the source text is treated as a number series, and we perform an operation on each number

C(i)= (M(i) e) mod n.

The result is the sequence C(i), which will make up the cryptotext. Decoding of information occurs according to the formula

M(i) = (C(i) d) mod n.

As you can see, decryption requires knowledge of the secret key.

Let's try it on small numbers.

Let's install p=3, q=7. Then n=p*q=21. Choose d as 5. From the formula (e*5) mod 12=1 calculate e=17. Public key 17, 21 , secret - 5, 21 .

Let's encrypt the sequence "12345":

C(1)= 1 17 mod 21= 1

C(2)= 2 17 mod 21 =11

C(3)= 3 17 mod 21= 12

C(4)= 4 17 mod 21= 16

C(5)= 5 17 mod 21= 17

Cryptotext - 1 11 12 16 17.

Let's check the decryption:

M(1)= 1 5 mod 21= 1

M(2)= 11 5 mod 21= 2

M(3)= 12 5 mod 21= 3

M(4)= 16 5 mod 21= 4

M(5)= 17 5 mod 21= 5

As you can see, the result coincided.

The RSA cryptosystem is widely used on the Internet. When you connect to a secure server via SSL, install a WebMoney certificate on your PC, or connect to a remote server using Open SSH or SecureShell, all of these programs use public key encryption using ideas from the RSA algorithm. Is this system really that reliable?

RSA hacking competitions

Since its creation, RSA has been constantly subject to Brute-force attacks. In 1978, the authors of the algorithm published an article where they presented a string encrypted using the method they had just invented. The first person to decipher the message was given a reward of $100, but this required dividing a 129-digit number into two factors. This was the first competition to crack RSA. The problem was solved only 17 years after the publication of the article.

RSA's cryptographic strength is based on the assumption that it is extremely difficult, if not impossible, to determine the private key from the public key. To do this, it was necessary to solve the problem of the existence of divisors of a huge integer. Until now, no one has solved it using analytical methods, and the RSA algorithm can only be cracked through brute force. Strictly speaking, the assertion that the factorization problem is difficult and that breaking the RSA system is difficult is also not proven.

The number obtained as a result of processing the message text by the hash function is encrypted using the RSA algorithm on the user’s private key and sent to the recipient along with the letter and a copy of the public key. The recipient, using the sender's public key, performs the same hash function on the incoming message. If both numbers are equal, this means that the message is genuine, but if at least one character has been changed, then the numbers will not match.

One of the most common email clients in Russia, The Bat! program, has built-in capabilities to add digital signatures to letters (pay attention to the Privacy menu item when editing a letter). Read more about this technique in the article (see “PC World”, No. 3/02).

Rice. 3

Cryptography

Cryptography is the science of the principles, means and methods of transforming information to protect it from unauthorized access and distortion. Lately it has been developing very, very rapidly. It's a never-ending, exciting race that requires a lot of time and effort: cryptanalysts crack algorithms that until recently were standards and widely used. By the way, recently mathematicians Dan Goldston (USA) and Kem Ildirim (Turkey) proved the first regularity in the distribution of prime numbers (such regularities had not been noticed until now). Prime numbers are located on the number axis in certain clusters, which makes them somewhat easier to find.

Mathematical research conducted all over the world constantly leads to new discoveries. Who knows, maybe we are on the verge of breaking the RSA algorithm or other cryptosystems based on unsolved mathematical problems.

Oleg Bunin- specialist in software development for large Internet projects, employee of the Rambler company, [email protected] .

Literature

1. Lukashov I.V. Cryptography? Iron! // PC World. 2003. No. 3 (
2. Nosov V. A. A brief historical outline of the development of cryptography // Proceedings of the conference "Moscow University and the development of cryptography in Russia", MSU, October 17-18, 2002.
3. Salomaa A. Public key cryptography. M., 1996.
4. Zimmerman F. PGP - public key encryption for everyone.

Caesar Cipher System

An example of a replacement algorithm is the Caesar encryption system. This method is based on replacing each letter of the message with another by shifting from the original by a fixed number of characters. Try to decipher the quatrains of Omar Khayyam (completion time - 10 minutes).

RLZ YOMEYZ AVBZHU IZAVLU, BZHSCHLU ZHSHCHEZZHZ ZHUOSCHZ, EYSH YSHCHAZhFO IYSHCHYVESH BSHCHIZHV EESH ZHSCHRSCH: LF EMRSYU ЪZEZESCHG, RYU RLZ IZISHCHZ YUKLU, IN EMRSYU BMEU ZEVZH, RYU Y YOYUKLU K DUYO IZISHCHEZ.

Did you make it? Here's the answer:

To live your life wisely, you need to know a lot,

Remember two important rules to get started:

You'd rather starve than eat anything

And it’s better to be alone than with just anyone.

Decryption key: shift by seven characters (take the seventh) to the left alphabetically. The alphabet is looped. Character case is not sensitive.

Windows and passwords

How does Windows encrypt passwords?

The system takes the password, converts it to upper case, trims it to 14 characters, then divides them into two halves of 7, encrypts each separately and saves it that way, which makes hacking a little easier. By the way, when you come up with a password, keep in mind that a combination longer than 14 characters has little meaning.

AES (Advanced Encryption Standard) Competition

In the 80s in the USA they adopted a symmetric encryption standard for internal use - DES ((Data Encryption Standard, there is a similar standard in Russia). But in 1997, when it became clear that the 56-bit DES key was not enough for a reliable cryptosystem, the American Standards Institute announced competition for a new standard algorithm.Out of 15 options, the best was chosen: the Belgian algorithm Rijndael (its name is made up of the names of the authors - Rijmen and Daemen, read as "Rijndael". This algorithm is already built into various cryptographic tools supplied to the market). Other finalists The winners of the competition were MARS, RC6, Serpent, TwoFish.All these algorithms were found to be quite robust and successfully resist all well-known methods of cryptanalysis.

Cryptographic hash functions

Cryptographic hash functions convert input data of any size into a fixed-size string. It is extremely difficult to find for them:

• two different data sets with the same transformation result (collision resistance); for example, the number of arithmetic operations required to find a data block that also has a short message for the MD5 hash function is approximately 2 64;
• input value based on a known hashing result (irreversibility); for MD5, the estimated number of operations required to compute the original message is 2,128.

Entertaining encryption

A review of encryption algorithms common in the world allows you not only to select the algorithm necessary for your task, but also to estimate the costs of its implementation and the capabilities and requirements awaiting the user.

Encryption is a method of protecting information

From time immemorial there has been no value greater than information. The twentieth century is the century of computer science and informatization. Technology makes it possible to transmit and store increasingly large amounts of information. This benefit also has a downside. Information is becoming increasingly vulnerable for various reasons:

increasing volumes of stored and transmitted data;

expanding the circle of users with access to computer resources, programs and data;

increasing complexity of operating modes of computer systems.

Therefore, the problem of protecting information from unauthorized access (UNA) during transmission and storage is becoming increasingly important. The essence of this problem is the constant struggle between information security specialists and their “opponents.”

Characteristics of composite encryption algorithms

Information protection is a set of measures, methods and means that ensure:

• exclusion of non-compliance documents to computer resources, programs and data;
• checking the integrity of information;
• exclusion of unauthorized use of programs (protection of programs from copying).

The obvious trend towards the transition to digital methods of transmitting and storing information makes it possible to use unified methods and algorithms to protect discrete (text, fax, telex) and continuous (speech) information.

A proven method of protecting information from unauthorized access is encryption (cryptography). Encryption is the process of converting open data (plaintext) into encrypted data (ciphertext) or encrypted data into open data according to certain rules using keys. In English literature, encryption/decryption is enciphering/deciphering.

Using cryptographic methods it is possible to:

encryption of information;

implementation of electronic signature;

distribution of encryption keys;

protection against accidental or intentional changes to information.

There are certain requirements for encryption algorithms:

• high level of data protection against decryption and possible modification;
• the security of information should be based only on knowledge of the key and not depend on whether the algorithm is known or not (Kirkhoff’s rule);
• a small change in the source text or key should lead to a significant change in the ciphertext (the “crash” effect);
• the key value range must exclude the possibility of data decryption by enumerating the key values;
• economical implementation of the algorithm with sufficient speed;
• the cost of decrypting data without knowing the key must exceed the cost of the data.

Legends of deep antiquity...

Boris Obolikshto

Cryptology is an ancient science and this is usually emphasized by the story of Julius Caesar (100 - 44 BC), whose correspondence with Cicero (106 - 43 BC) and other “subscribers” in Ancient Rome was encrypted . The Caesar cipher, also known as the cyclic substitution cipher, consists of replacing each letter in a message with a letter of the alphabet that is a fixed number of letters away from it. The alphabet is considered cyclic, that is, after Z comes A. Caesar replaced a letter with a letter three away from the original one.
Today in cryptology it is customary to operate with symbols not in the form of letters, but in the form of numbers corresponding to them. So, in the Latin alphabet we can use numbers from 0 (corresponding to A) to 25 (Z). Denoting the number corresponding to the original symbol, x, and the encoded one, y, we can write down the rule for using a substitution cipher:

y = x + z (mod N), (1)

Where z- The secret key, N is the number of characters in the alphabet, and addition modulo N is an operation similar to ordinary addition, with the only difference being that if ordinary summation gives a result greater than or equal to N, then the value of the sum is the remainder of dividing it by N.

The Caesar cipher in the accepted notation corresponds to the value of the secret key z = 3 (and for Caesar Augustus z = 4). Such ciphers can be solved extremely simply even without knowing the value of the key: it is enough to know only the encryption algorithm, and the key can be found by simple brute force (the so-called force attack). Cryptology consists of two parts - cryptography, which studies methods of encrypting and/or verifying the authenticity of messages, and cryptanalysis, which considers ways of decrypting and substituting cryptograms. The instability of the first ciphers for many centuries created an atmosphere of secrecy around the work of a cryptographer and slowed down the development of cryptology as a science.

For more than two thousand years, so-called “pre-scientific” cryptography has semi-intuitively “groped” for quite a few interesting solutions. The simplest action is to perform the substitution in a non-alphabetical order. It is also a good idea to rearrange the symbols in the message (permutation ciphers).

The work of the great architect Leon Battista Alberti (1404 - 1472) is considered to be the first systematic work on cryptography. The period until the middle of the 17th century was already full of work on cryptography and cryptanalysis. The intrigues around ciphergrams in Europe at that time are surprisingly interesting. Alas, limited by the magazine’s capabilities, we will choose only one surname known from school - François Viète (1540 - 1603), who at the court of King Henry IV of France was so successful in cryptanalysis (which did not yet bear this proud name) that the Spanish King Philip II complained to the Pope about the French use of black magic. But everything happened without bloodshed - at that time, advisers from the Argenti family, whom we would call today cryptanalysts, were already serving at the Pope’s court.

It can be argued that for centuries, the decryption of cryptograms has been helped by frequency analysis of the appearance of individual symbols and their combinations. The probabilities of the appearance of individual letters in the text vary greatly (for the Russian language, for example, the letter “o” appears 45 times more often than the letter “f”). This, on the one hand, serves as the basis for both key discovery and analysis of encryption algorithms, and on the other hand, it is the reason for significant redundancy (in the information sense) of natural language text. Any simple substitution does not allow one to hide the frequency of occurrence of a symbol - the symbols corresponding to the letters “o”, “e”, “a”, “i”, “t”, “n” stick out like an awl from a bag in the Russian text. But information theories and a measure of redundancy have not yet been created, and to combat the enemy of the cryptographer - frequency analysis - RANDOMIZATION is proposed. Its author, Carl Friedrich Gauss (1777 - 1855), mistakenly believed that he had created an unbreakable cipher.

The next notable figure in the history of cryptology that we should not miss is the Dutchman Auguste Kerkhoff (1835 - 1903). He is responsible for the remarkable “Kerkhoff rule”: the strength of a cipher should be determined ONLY by the secrecy of the key. Considering the time when this rule was formulated, it can be considered the greatest discovery (more than half a century before the creation of a systematic theory!). This rule assumes that the encryption ALGORITHM IS NOT SECRET, which means that an open discussion of the advantages and disadvantages of the algorithm can be held. Thus, this rule transfers works on cryptology to the category of OPEN scientific works, allowing discussion, publication, etc.

20th century - from intuition to science

The last name we will mention in pre-scientific cryptology is AT&T engineer Gilbert Vernam (G.S. Vernam). In 1926, he proposed a truly unbreakable cipher. The idea of ​​the cipher is to select a new z value in equation (1) for each subsequent symbol. In other words, the private key should only be used once. If such a key is chosen at random, then, as Shannon rigorously proved 23 years later, the cipher is unbreakable. This cipher is the theoretical basis for the use of so-called "cipher pads", the widespread use of which began during the Second World War. A cipherpad contains a set of one-time use keys that are selected sequentially when encrypting messages. Vernam's proposal, however, does not solve the problem of secret communication: instead of a way to transmit a secret message, it is now necessary to find a way to transmit a secret key EQUAL to it in LENGTH, i.e., containing the same number of characters as there are in the plaintext.

In 1949, Claude Shannon's paper "Communication Theories in Secret Systems" marked the beginning of scientific cryptology. Shannon showed that for some "random cipher" the number of ciphertext characters that a cryptanalyst with unlimited resources can obtain to recover the key (and solve the cipher) is

H (Z)/(rlog N), (2)

Where H(Z) is the entropy of the key, r is the redundancy of the plaintext, and N- volume of the alphabet.

Based on the efficiency with which archivers compress text files, we know well how great the redundancy of plain text is - after all, their job is to reduce redundancy (and only on the most easily eliminated part of it). With a plaintext redundancy of about 0.75 and using a 56-bit key (as assumed by DES), 11 characters of ciphertext are sufficient to recover the key with unlimited cryptanalyst resources.

Strictly speaking, relation (2) has not been proven for an arbitrary cipher, but is true for known special cases. A remarkable conclusion follows from (2): the work of a cryptanalyst can be made more difficult not only by improving the cryptosystem, but also by reducing the redundancy of the plaintext. Moreover, if plaintext redundancy is reduced to zero, then even a short key will produce a cipher that a cryptanalyst cannot solve.

Before encryption, information should be subjected to statistical coding (compression, archiving). At the same time, the volume of information and its redundancy will decrease, and entropy will increase (the average amount of information per character). Since the compressed text will not contain repeated letters and words, decryption (cryptanalysis) will be difficult.

Classification of encryption algorithms

1. Symmetrical (with a secret, single key, single-key, single-key).
1.1. Streaming (data stream encryption):

with a one-time or infinite key (infinite-key cipher);

with a final key (Vernam system);

based on a pseudorandom number generator (PRN).

1.2. Block (data encryption block by block):
1.2.1. Permutation ciphers (P-blocks);
1.2.2. Substitution ciphers (substitution, S-boxes):

• monoalphabetic (Caesar code);
• polyalphabetic (Widgenere cipher, Jefferson cylinder, Whetstone disk, Enigma);

1.2.3. components (table 1):

• Lucipher (IBM, USA);
• DES (Data Encryption Standard, USA);
• FEAL-1 (Fast Enciphering Algoritm, Japan);
• IDEA/IPES (International Data Encryption Algorithm/
• Improved Proposed Encryption Standard, Ascom-Tech AG, Switzerland);
• B-Crypt (British Telecom, UK);
• GOST 28147-89 (USSR); * Skipjack (USA).

2. Asymmetric (with public key, public-key):

• Diffie-Hellman DH (Diffie, Hellman);
• Rivest-Shamir-Adleman RSA (Rivest, Shamir, Adleman);
• ElGamal ElGamal.

In addition, there is a division of encryption algorithms into ciphers themselves and codes. Ciphers work with individual bits, letters, and symbols. Codes operate on linguistic elements (syllables, words, phrases).

Symmetric encryption algorithms

Symmetric encryption algorithms (or secret key cryptography) are based on the fact that the sender and recipient of information use the same key. This key must be kept secret and transmitted in a manner that cannot be intercepted.

Information exchange is carried out in 3 stages:

the sender transfers the key to the recipient (in the case of a network with several subscribers, each pair of subscribers must have its own key, different from the keys of other pairs);

the sender, using the key, encrypts the message, which is sent to the recipient;

If a unique key is used for each day and for each communication session, this will increase the security of the system.

Stream ciphers

In stream ciphers, that is, when encrypting a data stream, each bit of the original information is encrypted independently of the others using gamma.

Gamma is the imposition of a cipher gamma (a random or pseudo-random sequence of ones and zeros) on open data according to a certain rule. Typically, "exclusive OR" is used, also called modulo 2 addition and implemented in assembly programs with the XOR instruction. For decryption, the same gamma is applied to the encrypted data.

When a random gamma of the same size is used once with the encrypted data, breaking the code is impossible (so-called cryptosystems with a one-time or infinite key). In this case, "infinite" means that the scale does not repeat.

In some stream ciphers, the key is shorter than the message. Thus, the Vernam telegraph system uses a paper ring containing a gamma. Of course, the strength of such a cipher is not ideal.

It is clear that exchanging keys the size of the information being encrypted is not always appropriate. Therefore, the gamma obtained using a pseudorandom number generator (PSG) is more often used. In this case, the key is the generating number (initial value, initializing value, IV) for starting the PNG generator. Each PNG generator has a period, after which the generated sequence is repeated. Obviously, the period of the pseudo-random gamma must exceed the length of the encrypted information.

A PNG generator is considered correct if observation of fragments of its output does not allow one to restore the missing parts or the entire sequence with a known algorithm, but an unknown initial value.

When using a PSC generator, several options are possible:

Bitwise encryption of the data stream. The digital key is used as the initial value of the PNG generator, and the output bit stream is summed modulo 2 with the original information. Such systems lack the property of error propagation.

Bit-by-bit encryption of a data stream with feedback (OS) using ciphertext. This system is similar to the previous one, except that the ciphertext is returned as a parameter to the PNG generator. The property of error propagation is characteristic. The area of ​​error propagation depends on the structure of the PNG generator.

Bitwise encryption of the data stream from the OS using the source text. The base of the PNG generator is the initial information. The property of unlimited error propagation is characteristic.

Bitwise encryption of the data stream from the OS using ciphertext and source text.

Block ciphers

With block encryption, information is divided into blocks of a fixed length and encrypted block by block. Block ciphers come in two main types:

permutation ciphers (transposition, permutation, P-blocks);

substitution ciphers (substitution, S-boxes).

Permutation ciphers rearrange plain data elements (bits, letters, symbols) into some new order. There are ciphers of horizontal, vertical, double permutation, grids, labyrinths, slogans, etc.

Replacement ciphers replace elements of plain data with other elements according to a specific rule. There are simple, complex, pair substitution ciphers, alpha-syllabic encryption and column substitution ciphers. Substitution ciphers are divided into two groups:

monoalphabetic (Caesar code);

polyalphabetic (Widgenere cipher, Jefferson cylinder, Whetstone disk, Enigma).

In monoalphabetic substitution ciphers, a letter in the original text is replaced by another, predetermined letter. For example, in the Caesar code, a letter is replaced by a letter that is separated from it in the Latin alphabet by a certain number of positions. Obviously, such a cipher is quite easy to crack. You need to calculate how often letters appear in the ciphertext and compare the result with the frequency of occurrence of letters known for each language.

In polyalphabetic substitutions, different characters from a certain set are used sequentially to replace some character of the original message in each case of its occurrence. It is clear that this set is not infinite; after a certain number of characters it must be used again. This is the weakness of purely polyalphabetic ciphers.

In modern cryptographic systems, as a rule, both encryption methods (substitution and permutation) are used. Such an encoder is called a product cipher. It is more secure than a scrambler that uses only substitutions or permutations.

Block encryption can be implemented in two ways:

Without feedback (OS). Multiple bits (a block) of the plaintext are encrypted simultaneously, and each bit of the plaintext affects every bit of the ciphertext. However, there is no mutual influence of the blocks, that is, two identical blocks of source text will be represented by the same ciphertext. Therefore, such algorithms can only be used to encrypt a random sequence of bits (for example, keys). Examples are DES in ECB mode and GOST 28147-89 in simple replacement mode.

With feedback. Typically the OS is organized like this: the previous encrypted block is added modulo 2 to the current block. An initialization value is used as the first block in the OS chain. An error in one bit affects two blocks - the erroneous one and the next one. Example - DES in CBC mode.

The PNG generator can also be used for block encryption:

1. Block-based encryption of the data stream. Encryption of consecutive blocks (substitution and permutation) depends on the PNG generator, controlled by a key.
2. Block-by-block encryption of data flow from the OS. The PNG generator is driven by ciphertext or plaintext or both.

The US federal standard DES (Data Encryption Standard) is very widespread, on which the international standard ISO 8372-87 is based. DES has been endorsed by the American National Standards Institute (ANSI) and recommended for use by the American Bankers Association (ABA). DES provides 4 operating modes:

• ECB (Electronic Codebook) electronic cipher pad;
• CBC (Cipher Block Chaining) block chain;
• CFB (Cipher Feedback) ciphertext feedback;
• OFB (Output Feedback) output feedback.

GOST 28147-89 - domestic standard for data encryption. The standard includes three algorithms for encrypting (decrypting) data: a simple replacement mode, a gamma mode, a gamma mode with feedback - and a simulation insertion generation mode.

Using simulated insertion, you can record accidental or intentional modification of encrypted information. You can generate a simulated insertion either before encrypting (after decrypting) the entire message, or simultaneously with encrypting (decrypting) block by block. In this case, the block of information is encrypted with the first sixteen cycles in the simple replacement mode, then added modulo 2 with the second block, the result of the summation is again encrypted with the first sixteen cycles, etc.

GOST 28147-89 encryption algorithms have the advantages of other algorithms for symmetric systems and surpass them in their capabilities. Thus, GOST 28147-89 (256-bit key, 32 encryption cycles) compared to such algorithms as DES (56-bit key, 16 encryption cycles) and FEAL-1 (64-bit key, 4 encryption cycles) has more high cryptographic strength due to a longer key and a greater number of encryption cycles.

It should be noted that, unlike DES, in GOST 28147-89 the substitution block can be arbitrarily changed, that is, it is an additional 512-bit key.

GOST 28147-89 gamma algorithms (256-bit key, 512-bit substitution block, 64-bit initialization vector) are superior in cryptographic strength to the B-Crypt algorithm (56-bit key, 64-bit initialization vector).

The advantages of GOST 28147-89 are also the presence of protection against the imposition of false data (generation of imitative insertion) and the same encryption cycle in all four GOST algorithms.

Block algorithms can also be used to generate gamma. In this case, the gamma is generated in blocks and added block by block modulo 2 with the source text. Examples include B-Crypt, DES in CFB and OFB modes, GOST 28147-89 in gamma and feedback gamma modes.

Asymmetric encryption algorithms

Asymmetric encryption algorithms (or public key cryptography) use one key (public) to encrypt information and another (secret) to decrypt it. These keys are different and cannot be derived from each other.

The information exchange scheme is as follows:

the recipient calculates the public and private keys, keeps the secret key secret, and makes the public key available (informs the sender, a group of network users, publishes);

the sender, using the recipient's public key, encrypts the message that is sent to the recipient;

the recipient receives the message and decrypts it using his private key.

RSA

Protected by US patent N 4405829. Developed in 1977 at the Massachusetts Institute of Technology (USA). It was named after the first letters of the authors' surnames (Rivest, Shamir, Adleman). Cryptographic strength is based on the computational complexity of the problem of factoring a large number into prime factors.

ElGamal

Developed in 1985. Named after the author's surname - El-Gamal. Used in the US standard for digital signature DSS (Digital Signature Standard). Cryptographic strength is based on the computational complexity of the problem of taking the logarithm of integers in finite fields.

Comparison of symmetric and asymmetric encryption algorithms

In asymmetric systems, it is necessary to use long keys (512 bits or more). A long key dramatically increases encryption time. In addition, key generation is very time-consuming. But you can distribute keys over unsecured channels.

Symmetric algorithms use shorter keys, meaning encryption is faster. But in such systems, key distribution is difficult.

Therefore, when designing a secure system, both symmetric and asymmetric algorithms are often used. Since a public key system allows keys to be distributed in symmetric systems, it is possible to combine asymmetric and symmetric encryption algorithms in a system for transmitting protected information. The first one is used to distribute keys, while the second one is used to actually encrypt the transmitted information.

Information can be exchanged as follows:

the recipient calculates the public and private keys, keeps the secret key secret, and makes the public key available;

the sender, using the recipient's public key, encrypts the session key, which is sent to the recipient over an insecure channel;

the recipient receives the session key and decrypts it using his private key;

the sender encrypts the message with a session key and forwards it to the recipient;

the recipient receives the message and decrypts it.

It should be noted that in government and military communication systems only symmetric algorithms are used, since there is no strictly mathematical justification for the stability of public key systems, just as the opposite has not been proven.

Verifying the authenticity of information. Digital signature

When transmitting information, the following must be provided together or separately:

• Confidentiality - an attacker should not be able to find out the content of the transmitted message.
• Authenticity, which includes two concepts:

1. integrity - the message must be protected from accidental or intentional modification;
2. Sender identification (authorship verification) - the recipient must be able to verify who sent the message.

Encryption can provide confidentiality and, in some systems, integrity.

The integrity of the message is checked by calculating the check function of the message - a certain number of small length. This control function must be highly likely to change even with small changes in the message (deletion, inclusion, permutation or reordering of information). The control function is called and calculated in different ways:

Message Authentic Code (MAC);

quadratic congruentical algorithm (Quadratic Congruentical Manipulation Detection Code, QCMDC);

Manipulation Detection Code (MDС);

Message Digest Algorithm (MD5);

check sum;

Block Check Character (BCC);

cyclic redundancy check (CRC);

hash function (hash);

imitation insert in GOST 28147-89;

algorithm with truncation to n bits (n-bit Algorithm with Truncation).

When calculating the control function, some encryption algorithm can be used. It is possible to encrypt the checksum itself.

A digital signature is widely used (a digital addition to the transmitted information, guaranteeing the integrity of the latter and allowing its authorship to be verified). Digital signature models are known based on symmetric encryption algorithms, but when using public key systems, digital signatures are more convenient.

To use the RSA algorithm, the message must be compressed by a hashing function (MD5 - Message Digest Algorithm) to a 256-bit hash (H). The message signature S is calculated as follows:

d
S = H mod n

The signature is sent along with the message.

The identification process consists of obtaining the hash function of the message (H") and comparing it with

e
H = S mod n

Where H- message hash,

S- his signature,

d- The secret key,
e- public key.

The following standards are devoted to authentication:

• authentication (authentication) - ISO 8730-90, ISO/IES 9594-90 and ITU X.509;
• integrity - GOST 28147-89, ISO 8731-90;
• digital signature - ISO 7498, P 34.10-94 (Russia), DSS (Digital Signature Standard, USA).

ISO- International Organization for Standardization /IOS/,
ITU- International Telecommunication Union /ITU/.

Implementation of encryption algorithms

Encryption algorithms are implemented in software or hardware. There are a great variety of purely software implementations of various algorithms. Due to their low cost (some are completely free), as well as the increasing speed of PC processors, ease of operation and reliability, they are very competitive. The Diskreet program from the Norton Utilities package, which implements DES, is widely known.

It is impossible not to mention the PGP package (Pretty Good Privacy, version 2.1, author Philip Zimmermann), which comprehensively solves almost all problems of protecting transmitted information. Data compression before encryption, powerful key management, symmetric (IDEA) and asymmetric (RSA) encryption algorithms, calculation of a control function for a digital signature, and reliable key generation are used.

Publications of the magazine "Monitor" with detailed descriptions of various algorithms and corresponding listings give everyone the opportunity to write their own program (or use a ready-made listing).

Hardware implementation of algorithms is possible using specialized microcircuits (crystals are produced for the DH, RSA, DES, Skipjack algorithms, GOST 28147-89) or using general-purpose components (due to their low cost and high performance, digital signal processors - DSP, Digital Signal Processor, DSP - are promising ).

Among Russian developments, noteworthy are the boards "Krypton" (company "Ankad") and "Grim" (methodology and algorithms of the company "LAN-Crypto", technical development of the Scientific and Production Center "ELiPS").

"Krypton" are single-board devices that use cryptoprocessors (specialized 32-bit microcomputers, also called "blooming"). Bloomings implement GOST 28147-89 algorithms in hardware; they consist of a computer and RAM for storing keys. Moreover, the cryptoprocessor has three areas for storing keys, which allows you to build multi-level key systems.

For greater encryption reliability, two cryptoprocessors operate simultaneously, and a 64-bit data block is considered correctly encrypted only if the information at the output of both bloomings matches. Encryption speed - 250 KB/s.

In addition to two bloomings, the board contains:

controller for interface with the computer bus (with the exception of Krypton-ES boards are designed to work with the ISA bus);

BIOS of the board, designed to interface with the computer and perform self-testing of the device and entering keys into cryptoprocessors;

a random number sensor (RNS) for generating encryption keys, made using noise diodes.

The following types of Krypton boards are produced:

• "Krypton-EC" is intended for PCs of the EC series 1841-1845;
• "Krypton-3";
• "Krypton-4" (overall dimensions have been reduced by moving a number of discrete elements into the base crystals, the exchange speed has been increased thanks to an internal 8-byte buffer);
• "Krypton-IR" is additionally equipped with an IR controller (smart card, smart card, smart card).

In the Krypton-EC, Krypton-3, and Krypton-4 devices, the keys are stored as a file on a floppy disk. In Krypton-IR, the keys are located on the IR, which makes it difficult to forge and copy.

The Grim board uses digital signal processors from Analog Devices ADSP-2105 and ADSP-2101, which gives encryption speeds of 125 and 210 KB/s, respectively. The board has a physical DNG and ROM with programs for the initial test, checking access rights, loading and generating keys. The keys are stored on a non-standard formatted floppy disk. The board implements GOST 28147-89 and digital signature algorithms.

To protect information transmitted over communication channels, channel encryption devices are used, which are manufactured in the form of an interface card or a stand-alone module. The encryption speed of various models is from 9600 bps to 35 Mbps.

In conclusion, we note that information encryption is not a panacea. It should be considered only as one of the methods of information protection and must be used in combination with legislative, organizational and other measures.

Public key cryptology

Boris Obolikshto

It would seem that the impetus given by Shannon should have caused a collapse in results in scientific cryptology. But that did not happen. Only the rapid development of telecommunications, remote access to computers with the imperfection of existing cryptosystems with a secret key brought to life the next and, perhaps, the most interesting stage of cryptology, which dates back to the article by Whitfield Diffie and Marty E. Hellman that appeared in November 1976, “New Directions in cryptography". W. Diffie himself dates the receipt of the results published in November 1976 to May of the same year; Thus, we have a reason to celebrate the TWENTIETH ANNIVERSARY of public key cryptology from May to November.

One of the problems that has remained unresolved in traditional cryptography is the distribution of secret keys. The idea of ​​transmitting a “secret” key over an open channel seems crazy at first glance, but if, abandoning perfect secrecy, we limit ourselves to practical security, then we can come up with a way to exchange keys.

The first of the popular methods was exponential key exchange. Its essence is as follows:

• Alice and Bob (involving as parties not the abstract “A” and “B”, but the cute Alice and Bob, has become a tradition in this field of cryptology) choose random numbers Xa and Xb, respectively.
• Alice gives Bob Ya =aXa (mod q), and Bob to Alice - Yb =aXb (mod q).

Here a- the so-called primitive element of a finite Galois field GF (q), the remarkable property of which for us is that its powers give all non-zero values ​​of the field elements. The value is used as the secret key

Ya =aXaXb (mod q),

which Alice obtains by raising the number given by Bob to a power Xa, known only to her, and Bob - a number received from Alice to a power known only to him Xb. The cryptanalyst is forced to calculate the logarithm of at least one of the transmitted numbers.

The stability of exponential key exchange is based on the so-called one-sidedness of the exponentiation function: the computational complexity of obtaining Ya from Xa for a q of length 1000 bits is on the order of 2000 multiplications of 1000 bit numbers, while the inverse operation will require approximately 1030 operations. ONE-WAY functions, which have a similar asymmetry in the computational complexity of the forward and inverse problems, play a leading role in public key cryptography.

Even more interesting is the one-way function with a secret passage (“trapdoor”). The idea is to build a function that can only be reversed by knowing some “loophole” - a secret key. Then the function parameters serve as a public key that Alice can transmit over an insecure channel to Bob; Bob, using the received public key, performs encryption (calculating a direct function) and transmits the result to Alice over the same channel; Alice, knowing the "loophole" (secret key), easily calculates the inverse function, while the cryptanalyst, not knowing the secret key, is doomed to solve a much more complex problem.

In 1976, R.C. Merkle managed to construct such a function based on the problem of packing a backpack. The task itself is one-sided: knowing the subset of loads placed in the backpack, it is easy to calculate the total weight, but knowing the weight, it is not easy to determine the subset of loads. In our case, we used a one-dimensional version of the problem: a load vector and the sum of the components of its subvectors. Having built in a “loophole”, it was possible to obtain the so-called Merkle-Hellman backpack system. The first public key cryptosystem worked, and Merkle offered $100 to anyone who could solve it.

The award went to Adi Shamir six years after his March 1982 publication of a single-iteration Merkle-Hellman backpack system. At the Crypto"82 conference, L. Adleman demonstrated the disclosure of the backpack system on an Apple II computer. Note that Shamir did not construct a way to reverse the task of obtaining the value of the secret key; he managed to construct a key that is not necessarily equal to the secret one, but allows revealing cipher This is one of the greatest dangers for public key cryptography: there is no strict proof of the one-sidedness of the algorithms used, i.e., no one is guaranteed that it will be possible to find a decryption method that probably does not require solving the inverse problem, the high complexity of which allows one to hope for practical strength of the cipher.It is good if a world-renowned scientist (in 1982, A. Shamir was already known as one of the authors of the RSA system) is able to crack a particular system.But what if an unambitious hacker succeeds in this?

To conclude the drama about the backpack system, let us mention another bet that Merkle made with those who wanted to discover an improved system with many iterations for the amount of $1000. And this amount had to be paid. It was obtained by E. Brickell, who in the summer of 1984 discovered a system with forty iterations and one hundred parcels per hour of Cray-1 operation.

The fate of the RSA system, named after the first letters of the surnames of its authors R. Rivest and the already familiar A. Shamir and L. Adlman, is much more successful today. By the way, Alice and Bob owe their birth to the first systematic presentation of the RSA algorithm. With their “help,” the authors in 1977 described a system based on the one-sided properties of the factorization function (multiplying is easy, but factoring is not).

The development of public key cryptology allowed cryptological systems to quickly find widespread commercial use. But intensive use of cryptography does not come without its complications. From time to time we learn about troubles in one or another security system. The latest high-profile incident in the world was the hacking of the Kerberos system. This system, developed in the mid-80s, is quite popular in the world, and its hacking caused considerable concern among users.

In the case of Kerberos, the problem was not in the encryption algorithm, but in the way the random numbers were obtained, that is, in the method of implementing the algorithm. When news of a random number generation flaw in Netscape software discovered by Berkeley students last October came through, Stephen Laudin discovered a similar problem in Kerberos. Together with Brian Dole, he managed to find a hole in the Kerberos system. The characters in this story are not amateurs. Graduates of Purdue University (Illinois) collaborated with the COAST (Computer Operations, Audit, and Security Technology) laboratory, professionally engaged in computer security issues and led by Prof. Spafford, who is also the founder of PCERT (Purdue Computer Emergency Response Team), the university's "quick response" team for computer emergencies. PCERT, in turn, is a member of a similar international organization FIRST (Forum of Incident Response Teams). As we can see, sappers found the mine, and this gives us hope that users of cryptosystems will not remain defenseless even if flaws are identified.

The content of the first address to the press (dated February 16, 1996), which was made on behalf of the discoverers by Prof. Spafford. It, along with information about the unreliability of the password system and the possibility of hacking it within five minutes, refers to the delay in further dissemination of technical information until the developers make adjustments to prevent unauthorized access.

Our mistakes were not spared either. Fortunately, there are professionals in our area who can promptly find and show the weak points of the security system. Another month has not passed since the specialists of the Kyiv LLC "Fintronik" P.V. Leskov and V.V. Tatyanin demonstrated the shortcomings of one of the popular banking security systems: the time for opening ciphertexts was less than 6 minutes, and the time required for an uncontrolled violation of the integrity of a document (bypassing the authentication system) was less than 5 minutes. And here we, the reader, will also have to wait until the developers make the necessary changes. And then we will be able to tell you in more detail about how and what was done.

Literature:

1. Vodolazsky V. Commercial encryption systems: basic algorithms and their implementation. Part 1. // Monitor. - 1992. - N 6-7. - c. 14 - 19.
2. Ignatenko Yu.I. How to make it so?.. // PC World. - 1994. - N 8. - p. 52 - 54.
3. Kovalevsky V., Maksimov V. Cryptographic methods. // ComputerPress. - 1993. - N 5. - p. 31 - 34.
4. Maftik S. Protection mechanisms in computer networks. - M.: Mir, 1993.
5. Spesivtsev A.V., Wegner V.A., Krutyakov A.Yu. and others. Information protection in personal computers. - M.: Radio and communications, 1992.
6. Xiao D., Kerr D., Madnik S. Computer protection. - M.: Mir, 1982.
7. Shmeleva A. Make-up - what is it? // Hard "n" Soft. - 1994. - N 5.
8. GOST 28147-89. Information processing systems. Cryptographic protection. Cryptographic conversion algorithm.

Data encryption is extremely important to protect privacy. In this article, I will discuss the different types and methods of encryption that are used to protect data today.

Did you know?
Back in Roman times, encryption was used by Julius Caesar to make letters and messages unreadable to the enemy. It played an important role as a military tactic, especially during wars.

As the capabilities of the Internet continue to grow, more and more of our businesses are being conducted online. Among these, the most important are Internet banking, online payment, emails, exchange of private and official messages, etc., which involve the exchange of confidential data and information. If this data falls into the wrong hands, it can harm not only the individual user, but also the entire online business system.

To prevent this from happening, several network security measures have been taken to protect the transmission of personal data. Chief among these are the processes of encrypting and decrypting data, which is known as cryptography. There are three main encryption methods used in most systems today: hashing, symmetric and asymmetric encryption. In the following lines, I will talk about each of these encryption types in more detail.

Encryption types

Symmetric encryption

In symmetric encryption, normal readable data, known as plain text, is encrypted so that it becomes unreadable. This data scrambling is done using a key. Once the data is encrypted, it can be sent securely to the receiver. At the recipient, the encrypted data is decoded using the same key that was used for encoding.

Thus, it is clear that the key is the most important part of symmetric encryption. It must be hidden from outsiders, since anyone who has access to it will be able to decrypt private data. This is why this type of encryption is also known as a "secret key".

In modern systems, the key is usually a string of data that is derived from a strong password, or from a completely random source. It is fed into symmetric encryption software, which uses it to keep the input data secret. Data scrambling is achieved using a symmetric encryption algorithm, such as Data Encryption Standard (DES), Advanced Encryption Standard (AES), or International Data Encryption Algorithm (IDEA).

Restrictions

The weakest link in this type of encryption is the security of the key, both in terms of storage and transmission to the authenticated user. If a hacker is able to obtain this key, he can easily decrypt the encrypted data, defeating the entire purpose of encryption.

Another disadvantage is that the software that processes the data cannot work with encrypted data. Therefore, to be able to use this software, the data must first be decoded. If the software itself is compromised, then an attacker can easily obtain the data.

Asymmetric encryption

Asymmetric key encryption works similar to symmetric key in that it uses a key to encrypt the messages being transmitted. However, instead of using the same key, he uses a completely different one to decrypt this message.

The key used for encoding is available to any and all network users. As such it is known as a "public" key. On the other hand, the key used for decryption is kept secret and is intended for private use by the user himself. Hence, it is known as the "private" key. Asymmetric encryption is also known as public key encryption.

Since, with this method, the secret key needed to decrypt the message does not have to be transmitted every time, and it is usually known only to the user (receiver), the likelihood that a hacker will be able to decrypt the message is much lower.

Diffie-Hellman and RSA are examples of algorithms that use public key encryption.

Restrictions

Many hackers use man-in-the-middle as a form of attack to bypass this type of encryption. In asymmetric encryption, you are given a public key that is used to securely exchange data with another person or service. However, hackers use network deception to trick you into communicating with them while you are led to believe that you are on a secure line.

To better understand this type of hacking, consider two interacting parties, Sasha and Natasha, and a hacker, Sergei, with the intent to intercept their conversation. First, Sasha sends a message over the network intended for Natasha, asking for her public key. Sergei intercepts this message and obtains the public key associated with her and uses it to encrypt and send a false message to Natasha containing his public key instead of Sasha's.

Natasha, thinking that this message came from Sasha, now encrypts it with Sergei's public key, and sends it back. This message was again intercepted by Sergei, decrypted, modified (if desired), encrypted again using the public key that Sasha originally sent, and sent back to Sasha.

Thus, when Sasha receives this message, he has been led to believe that it came from Natasha and remains unaware of foul play.

Hashing

The hashing technique uses an algorithm known as a hash function to generate a special string from the given data, known as a hash. This hash has the following properties:

• the same data always produces the same hash.
• It is not possible to generate raw data from a hash alone.
• It is not practical to try different combinations of inputs to try to generate the same hash.

Thus, the main difference between hashing and the other two forms of data encryption is that once the data is encrypted (hashed), it cannot be retrieved back in its original form (decrypted). This fact ensures that even if a hacker gets his hands on the hash, it will be of no use to him, since he will not be able to decrypt the contents of the message.

Message Digest 5 (MD5) and Secure Hashing Algorithm (SHA) are two widely used hashing algorithms.

Restrictions

As mentioned earlier, it is almost impossible to decrypt data from a given hash. However, this is only true if strong hashing is implemented. In the case of a weak implementation of the hashing technique, using enough resources and brute force attacks, a persistent hacker can find data that matches the hash.

Combination of encryption methods

As discussed above, each of these three encryption methods suffers from some disadvantages. However, when a combination of these methods is used, they form a secure and highly effective encryption system.

Most often, private and public key techniques are combined and used together. The private key method allows for quick decryption, while the public key method offers a safer and more convenient way to transmit the secret key. This combination of methods is known as the "digital envelope". PGP email encryption software is based on the "digital envelope" technique.

Hashing is used as a means of checking the strength of a password. If the system stores a hash of the password instead of the password itself, it will be more secure, since even if a hacker gets his hands on this hash, he will not be able to understand (read) it. During verification, the system will check the hash of the incoming password, and see if the result matches what is stored. This way, the actual password will only be visible during brief moments when it needs to be changed or verified, greatly reducing the likelihood of it falling into the wrong hands.

Hashing is also used to authenticate data using a secret key. A hash is generated using the data and this key. Therefore, only the data and hash are visible, and the key itself is not transmitted. This way, if changes are made to either the data or the hash, they will be easily detected.

In conclusion, these techniques can be used to efficiently encode data into an unreadable format that can ensure that it remains secure. Most modern systems typically use a combination of these encryption methods along with strong algorithm implementations to improve security. In addition to security, these systems also provide many additional benefits, such as verifying the user's identity and ensuring that the data received cannot be tampered with.

Send your good work in the knowledge base is simple. Use the form below

Students, graduate students, young scientists who use the knowledge base in their studies and work will be very grateful to you.

Course work

On the topic of:

Data encryption algorithms

Introduction

1. Purpose and structure of encryption algorithms

1.1 Overview of cryptographic methods

2. Symmetric encryption algorithm

2.1 Structure of encryption algorithms

3. Application of a symmetric encryption algorithm

Conclusion

Bibliography

Introduction

The problem of protecting information by transforming it so that it cannot be read by an outsider has worried the human mind since ancient times.

Why has the problem of using cryptographic methods in information systems become particularly relevant at the moment?

To this day, every known form of commerce is potentially susceptible to fraud, from market markings to false invoices and counterfeit currency. E-commerce schemes are no exception. Only strong cryptography can prevent these forms of attack.

Electronic money without cryptography will not survive. The Internet is gradually turning into an Information Highway. This is due to the fact that the number of Internet users is constantly growing, like an avalanche. In addition to the usual exchange of information, business relationships penetrate the Network, which always entail monetary payments. There are many examples of online trading of various goods and services. This is traditional trade, supported by the capabilities of the Network, when the buyer can choose a product from huge catalogs and even examine this product (such a service, based on the transfer of three-dimensional images, is becoming increasingly common). This is access to tourist services, when you can find out in advance everything about the place of your trip and the level of service, look at photographs (nature, restaurants, swimming pools, room furnishings...), book a trip and book air tickets. There are quite a few such examples, and many of them involve monetary payments.

As for payments using a credit card, its disadvantages are obvious: you need to get a card (and in Russia not everyone knows what it is), there are also fears that everyone on the Internet will know your credit card codes and evil people will clear your account. In fact, the likelihood of such fraud is no greater than that when exchanging currency you will be given counterfeit money. And in general, there are no more problems with electronic money than with ordinary ones. Several payment systems have been developed to carry out payments on the Internet. Which either cleverly use existing credit cards, or rely on pure electronic money, that is, a secure file system that stores records of your account status. There are more than a dozen such systems in the world, and there are also several in Russia, the most common of which is CyberPlat.

1. Payments on the Internet involve the transfer of special information that cannot be disclosed to unauthorized persons.

2. When making payments, it is necessary to have a guarantee that all actors (buyer, seller, bank or payment system) are exactly who they say they are.

These two factors are enough to understand that without cryptography, payments on the Internet are impossible, and the very idea of ​​​​electronic money presupposes reliable protection of information and a guarantee that no one will be able to replace the participant in the transaction and thus steal electronic money.

The emergence of new powerful computers, network and neutron computing technologies has made it possible to discredit cryptographic systems that until recently were considered unbreakable.

All this constantly pushes researchers to create new cryptosystems and carefully analyze existing ones.

The relevance and importance of the problem of ensuring information security is due to the following factors:

* Current levels and rates of development of information security tools lag significantly behind the levels and rates of development of information technologies.

* High growth rates of the fleet of personal computers used in various areas of human activity.

1. Purpose and structure of encryption algorithms

Encryption is the most widely used cryptographic method for maintaining the confidentiality of information; it protects data from unauthorized access. First, let's look at the basic methods of cryptographic information protection. In a word, cryptography- the science of information security using mathematical methods. There is also a science opposite to cryptography and dedicated to methods of opening protected information - cryptanalysis. The combination of cryptography and cryptanalysis is commonly called cryptology. Cryptographic methods can be classified in various ways, but most often they are divided depending on the number of keys used in the corresponding cryptographic algorithms (see Fig. 1):

1. Keyless, which does not use any keys.

2. Single-key - they use some additional key parameter - usually a secret key.

3. Two-key, using two keys in their calculations: secret and public.

Rice. 1. Cryptoalgorithms

1.1 Overview of Cryptographic Methods

Encryption is the main method of protection; Let's look at it in detail below.

It is worth saying a few words about other cryptographic methods:

1. An electronic signature is used to confirm the integrity and authorship of the data. Data integrity means that the data has not been accidentally or intentionally altered during storage or transmission.

Electronic signature algorithms use two types of keys:

o the secret key is used to calculate the electronic signature;

o the public key is used to verify it.

When using a cryptographically strong electronic signature algorithm and when properly storing and using the secret key (that is, when it is impossible for anyone other than its owner to use the key), no one else is able to calculate the correct electronic signature of any electronic document.

2. Authentication allows you to verify that the user (or remote computer) really is who he claims to be. The simplest authentication scheme is a password one - a password is used as a secret element, which is presented by the user when checking it. Such a scheme has been proven to be weak if special administrative and technical measures are not applied to strengthen it. And based on encryption or hashing (see below), you can build really strong user authentication schemes.

3. There are various cryptographic checksumming methods:

o key and keyless hashing;

o calculation of imitation prefixes;

o use of message authentication codes.

In fact, all of these methods, in various ways, calculate from data of arbitrary size, with or without a secret key, a checksum of a fixed size that uniquely matches the original data.

Such cryptographic checksumming is widely used in various information security methods, for example:

o to confirm the integrity of any data in cases where the use of an electronic signature is impossible (for example, due to high resource consumption) or is redundant;

o in the electronic signature schemes themselves, it is usually the hash of the data that is “signed”, and not the entire data;

o in various user authentication schemes.

4. Random and pseudo-random number generators allow you to create sequences of random numbers that are widely used in cryptography, in particular:

o Random numbers are needed to generate secret keys, which, ideally, should be completely random;

o random numbers are used in many electronic signature algorithms;

o Random numbers are used in many authentication schemes.

It is not always possible to obtain absolutely random numbers - this requires high-quality hardware generators. However, based on symmetric encryption algorithms, it is possible to build high-quality pseudo-random number generators.

2 Symmetric encryption algorithm

Encryption information is the transformation of open information into encrypted information (which is most often called ciphertext or cryptogram), and vice versa. The first part of this process is called encryption, second - decryption.

You can think of encryption as the following formula:

C = E k1(M), Where:

M(message) - open information,

WITH(cipher text) - the ciphertext obtained as a result of encryption,

E(encryption) - an encryption function that performs cryptographic transformations over M,

k1(key) - function parameter E, called key encryption.

In the GOST 28147-89 standard (the standard defines the domestic symmetric encryption algorithm) the concept key is defined as follows: “A specific secret state of some parameters of a cryptographic transformation algorithm, ensuring the selection of one transformation from a set of all possible transformations for a given algorithm.”

The key can belong to a specific user or group of users and be unique for them. Information encrypted using a specific key can only be decrypted using only the same key or a key related to it by a certain relationship.

The decryption can be represented in a similar way:

M" = D k2(C), Where:

M"- message received as a result of decryption,

D(decryption) - decryption function; just like the encryption function, it performs cryptographic transformations on the ciphertext,

k2- decryption key.

To obtain the correct plaintext as a result of decryption (that is, the same one that was previously encrypted: M" = M), the following conditions must be simultaneously met:

1. The decryption function must match the encryption function.

2. The decryption key must match the encryption key.

If the correct key is missing k2 get original message M" = M using the correct function D impossible. The word “impossible” in this case usually means the impossibility of computing in real time with existing computing resources.

Encryption algorithms can be divided into two categories (see Fig. 1):

1. Symmetric encryption algorithms.

2. Asymmetric encryption algorithms.

In algorithms symmetric encryption For decryption, the same key is usually used as for encryption, or a key related to it by some simple relationship. The latter is much less common, especially in modern encryption algorithms. Such a key (common for encryption and decryption) is usually called simply encryption key.

IN asymmetric encryption encryption key k1 easily calculated from the key k2 in such a way that reverse calculation is impossible. For example, the key relationship could be:

k1 = ak2 mod p,

where a and p are the parameters of the encryption algorithm, which have a sufficiently large dimension.

This key relationship is also used in electronic signature algorithms.

The main characteristic of the encryption algorithm is cryptographic strength, which determines its resistance to disclosure by cryptanalysis methods. Typically this characteristic is determined by the time interval required to crack the cipher.

Symmetric encryption is less convenient due to the fact that when transmitting encrypted information to someone, it is necessary for the recipient to receive a key in advance to decrypt the information. Asymmetric encryption does not have this problem (since the public key can be freely transmitted over the network), however, it does have its own problems, in particular the problem of public key spoofing and slow encryption speed. Most often, asymmetric encryption is used in conjunction with symmetric encryption - to transmit the symmetric encryption key, which encrypts the bulk of the data. However, key storage and transfer schemes are a topic for a separate article. Here I will allow myself to state that symmetric encryption is used much more often than asymmetric encryption, so the rest of the article will be devoted only to symmetric encryption.

There are two types of symmetric encryption:

· Block encryption- information is divided into blocks of a fixed length (for example, 64 or 128 bits), after which these blocks are encrypted one by one. Moreover, in different encryption algorithms or even in different operating modes of the same algorithm, blocks can be encrypted independently of each other or “with chaining” - when the result of encrypting the current block of data depends on the value of the previous block or on the result of encrypting the previous block.

· Stream encryption- necessary, first of all, in cases where information cannot be divided into blocks - say, a certain stream of data, each character of which must be encrypted and sent somewhere, without waiting for the remaining data sufficient to form the block. Therefore, stream encryption algorithms encrypt data bit by bit or character by character. Although it is worth saying that some classifications do not distinguish between block and stream encryption, considering that stream encryption is the encryption of blocks of unit length.

Let's look at what block symmetric encryption algorithms look like from the inside.

2.1 Structure of encryption algorithms

The vast majority of modern encryption algorithms work in a very similar way: a certain transformation is performed on the ciphertext using the encryption key, which is repeated a certain number of times (rounds). At the same time, depending on the type of repeated transformation, encryption algorithms are usually divided into several categories. There are also various classifications here, I will give one of them. So, according to their structure, encryption algorithms are classified as follows:

1. Algorithms based on the Feistel network.

The Feistel network involves dividing the processed data block into several subblocks (most often into two), one of which is processed by a certain function f() and overlaps one or more other subblocks. In Fig. Figure 2 shows the most common structure of algorithms based on the Feistel network.

Rice. 2. Structure of algorithms based on the Feistel network.

Additional function argument f(), indicated in Fig. 2 how Ki, called round key. The round key is the result of processing the encryption key by the key expansion procedure, the task of which is to obtain the required number of keys Ki from an initial encryption key of a relatively small size (currently, a size of 128 bits is considered sufficient for a symmetric encryption key). In the simplest cases, the key expansion procedure simply splits the key into several fragments, which are used alternately in encryption rounds; Much more often, the key expansion procedure is quite complex, and the keys Ki depend on the values ​​of most bits of the original encryption key.

The superposition of a processed subblock onto an unprocessed one is most often done using the logical XOR operation (as shown in Fig. 2). Quite often, instead of XOR, modulo addition is used here 2 n, Where n- subblock size in bits. After overlay, the subblocks are swapped, that is, in the next round of the algorithm, a different subblock of data is processed.

This structure of encryption algorithms got its name from Horst Feistel, one of the developers of the Lucifer encryption algorithm and the DES (Data Encryption Standard) algorithm developed on its basis, a former (but still widely used) US encryption standard. Both of these algorithms have a structure similar to that shown in Fig. 2. Among other algorithms based on the Feistel network, we can cite as an example the domestic encryption standard GOST 28147-89, as well as other very well-known algorithms: RC5, Blowfish, TEA, CAST-128, etc.

Most modern encryption algorithms are based on the Feistel network - due to the many advantages of such a structure, among which the following are worth noting:

o Algorithms based on the Feistel network can be designed in such a way that the same algorithm code can be used for encryption and decryption - the difference between these operations can only be in the order of application of the keys Ki; This property of the algorithm is most useful when implemented in hardware or on platforms with limited resources; An example of such an algorithm is GOST 28147-89.

o Algorithms based on the Feistel network are the most studied - a huge amount of cryptanalytic research has been devoted to such algorithms, which is an undoubted advantage both in the development of the algorithm and in its analysis.

There is also a more complex structure of the Feistel network, an example of which is shown in Fig. 3.

Rice. 3. Structure of the Feistel network.

This structure is called generalized or expanded Feistel network and is used much less frequently than the traditional Feistel network. An example of such a Feistel network is the RC6 algorithm.

2. Algorithms based permutation networks (SP network- Substitution-permutation network).

Unlike the Feistel network, SP networks process the entire encrypted block in one round. Data processing comes down mainly to replacements (when, for example, a fragment of an input value is replaced by another fragment in accordance with a replacement table, which may depend on the key value Ki) and permutations depending on the key Ki(a simplified diagram is shown in Fig. 4).

Rice. 4. Substitution-permutation network.

However, such operations are also typical for other types of encryption algorithms, therefore, in my opinion, the name “substitution-permutation network” is quite arbitrary.

SP networks are much less common than Feistel networks; Examples of SP networks include the Serpent or SAFER+ algorithms.

3. Algorithms with structure "square"(Square).

The “square” structure is characterized by the representation of the encrypted data block in the form of a two-dimensional byte array. Cryptographic transformations can be performed on individual bytes of an array, as well as on its rows or columns.

The algorithm structure takes its name from the Square algorithm, which was developed in 1996 by Vincent Rijmen and Joan Daemen, the future authors of the Rijndael algorithm, which became the new US AES encryption standard after winning an open competition. The Rijndael algorithm also has a Square-like structure; also examples include the Shark algorithm (an earlier development of Ridgeman and Damen) and Crypton. The disadvantage of algorithms with a “square” structure is their lack of knowledge, which did not prevent the Rijndael algorithm from becoming the new US standard.

Rice. 5. Rijndael algorithm.

In Fig. Figure 5 shows an example of an operation on a data block performed by the Rijndael algorithm.

4. Algorithms with a non-standard structure, that is, those algorithms that cannot be classified into any of the listed types. It is clear that ingenuity can be limitless, so it is difficult to classify all possible options for encryption algorithms. An example of an algorithm with a non-standard structure is the FROG algorithm, which is unique in its structure, in each round of which two bytes of encrypted data are modified according to fairly complex rules (see Fig. 6).

Rice. 6. Modification of two bytes of encrypted data.

Strict boundaries between the structures described above are not defined, so quite often there are algorithms classified by various experts as different types of structures. For example, the CAST-256 algorithm is referred to by its author as an SP network, and many experts call it an extended Feistel network. Another example is the HPC algorithm, called the Feistel network by its author, but considered by experts to be an algorithm with a non-standard structure.

3. Application of SIMmetric encryption algorithm

cryptography algorithm symmetric encryption

Symmetric encryption methods are convenient because to ensure a high level of data transmission security, it is not necessary to create long keys. This allows you to quickly encrypt and decrypt large amounts of information. At the same time, both the sender and the recipient of the information own the same key, which makes authentication of the sender impossible. In addition, to begin working with the use of a symmetric algorithm, the parties need to securely exchange a secret key, which is easy to do in person, but very difficult if it is necessary to transfer the key through any means of communication.

The work scheme using a symmetric encryption algorithm consists of the following stages:

the parties install software on their computers that provides encryption and decryption of data and the primary generation of secret keys;

a secret key is generated and distributed between participants in the information exchange. Sometimes a list of one-time keys is generated. In this case, a unique key is used for each information transfer session. In this case, at the beginning of each session, the sender notifies the recipient about the serial number of the key that he used in this message;

the sender encrypts the information using installed software that implements a symmetric encryption algorithm;

encrypted information is transmitted to the recipient via communication channels;

the recipient decrypts the information using the same key as the sender.

Below is an overview of some symmetric encryption algorithms:

DES (Data Encryption Standard). Developed by IBM and widely used since 1977. Currently somewhat outdated, since the key length used in it is not sufficient to ensure resistance to attack by exhaustive search of all possible key values. The discovery of this algorithm was made possible thanks to the rapid development of computer technology, which has made a huge leap since 1977;

Triple DES. This is an advanced version of DES that uses the DES algorithm for encryption three times with different keys. It is significantly more resistant to hacking than DES;

Rijndael. The algorithm was developed in Belgium. Works with keys of length 128, 192 and 256 bits. At the moment, cryptography experts have no complaints about it;

Skipjack. The algorithm was created and used by the US National Security Agency. The key length is 80 bits. Encryption and decryption of information is performed cyclically (32 cycles);

IDEA. The algorithm is patented in the USA and a number of European countries. The patent holder is Ascom-Tech. The algorithm uses cyclic processing of information (8 cycles) by applying a number of mathematical operations to it;

RC4. The algorithm is specially designed for quickly encrypting large volumes of information. It uses a key of variable length (depending on the required level of information security) and works much faster than other algorithms. RC4 refers to the so-called stream ciphers.

In accordance with US law (International Traffic in Arms Peguiation Agreement), cryptographic devices, including software, are classified as weapons systems.

Therefore, when exporting software products that use cryptography, permission from the State Department is required. In fact, the export of cryptographic products is controlled by the NSA (National Security Agency). The US government is very reluctant to issue such licenses, as it could harm US national security. However, Hewlett-Packard was recently granted permission to export its Ver Secure cryptographic suite to the UK, Germany, France, Denmark and Australia. Now HP can operate systems in these countries that use the 128-bit Triple DES crypto standard, which is considered absolutely reliable.

CONCLUSION

The choice for specific IP should be based on an in-depth analysis of the strengths and weaknesses of certain protection methods. A justified choice of a particular protection system, in general, should be based on some efficiency criteria. Unfortunately, suitable methods for assessing the effectiveness of cryptographic systems have not yet been developed.

The simplest criterion for such efficiency is the probability of revealing a key or the power of a set of keys. In essence, this is the same as cryptographic strength. To estimate it numerically, you can also use the complexity of solving the cipher by trying all the keys.

However, this criterion does not take into account other important requirements for cryptosystems:

* impossibility of disclosing or meaningful modification of information based on analysis of its structure,

* perfection of the security protocols used,

* minimum amount of key information used,

* minimum complexity of implementation (in the number of machine operations), its cost,

* high efficiency.

It is, of course, desirable to use some integral indicators that take into account these factors.

To take into account the cost, labor intensity and volume of key information, you can use specific indicators - the ratio of the specified parameters to the power of the set of cipher keys.

It is often more effective to use expert judgment and simulation when selecting and evaluating a cryptographic system.

In any case, the selected set of cryptographic methods must combine both convenience, flexibility and efficiency of use, as well as reliable protection of information circulating in the information system from attackers.

Elliptic functions are also a symmetric encryption method.

Elliptic curves are mathematical objects that mathematicians have studied intensively since the 17th century. N. Koblitz and V. Miller independently proposed public key cryptographic security systems that use the properties of an additive group of points on an elliptic curve for encryption. These works formed the basis of cryptography based on the elliptic curve algorithm.

Many researchers and developers have tested the ECC algorithm for strength. Today, ECC offers a shorter and faster public key, providing a practical and secure technology applicable in various fields. The use of cryptography based on the ECC algorithm does not require additional hardware support in the form of a cryptographic coprocessor. All this allows us to now use public key cryptographic systems to create inexpensive smart cards.

Bibliography

1) Chmora A.L. Modern applied cryptography. 2nd ed., erased. - M.: Helios ARV, 2004. - 256 pp.: ill.

2) A.G. Rostovtsev, N.V. Mikhailova Methods of cryptanalysis of classical ciphers.

3) A. Salomaa Public key cryptography.

4) Gerasimenko V.A. Information protection in automated data processing systems book. 1.-M.: Energoatomizdat. -2004.-400s.

5) Gregory S. Smith. Data encryption programs // PC World -2007. -No. 3.

6) Rostovtsev A. G., Mikhailova N. V. Methods of cryptanalysis of classical ciphers. -M.: Nauka, 2005. -208 p.

Posted on http://www.allbest.ru/

Similar documents

The history of the emergence of symmetric encryption algorithms. The role of a symmetric key in ensuring the degree of secrecy of a message. Diffusion and confusion as methods of converting data bits. Encryption algorithms DES and IDEA, their main advantages and disadvantages.

laboratory work, added 03/18/2013


Features of data encryption, purpose of encryption. The concept of cryptography as a science, the main tasks. Analysis of the gamma method, substitution and permutation method. Symmetric private key encryption methods: advantages and disadvantages.

course work, added 05/09/2012


The principle of software implementation of classical cryptographic methods. Encryption method using the Vigenère table. Creating a text editor "Notepad" containing encryption methods. Verbal algorithm and program for encryption methods.

course work, added 01/20/2010


History of cryptography. Comparison of encryption algorithms, application in the operating system. Analysis of products in the field of custom encryption. Enable or disable elliptic curve encryption. Using a hash function. Electronic signature.

course work, added 09/18/2016


The emergence of ciphers, the history of the evolution of cryptography. A method of applying knowledge of the features of natural text for encryption needs. Criteria for determining naturalness. A method for constructing symmetric encryption algorithms. Public key cryptosystem.

abstract, added 05/31/2013


Cryptography and encryption. Symmetric and asymmetric cryptosystems. Basic modern encryption methods. Encryption algorithms: replacement (substitution), permutation, gamma. Combined encryption methods. Software encryptors.

abstract, added 05/24/2005


Automation of the encryption process based on modern information technologies. Cryptographic security measures. Cryptographic key management. Comparison of symmetric and asymmetric encryption algorithms. Information encryption programs.

course work, added 12/02/2014


History of symmetric encryption algorithms (private key encryption). Standards for cryptographic algorithms. Random number sensors, key generation. Area of ​​interest: cryptanalysis. Electronic signature systems. Reverse transformation of information.

summary, added 06/12/2013


Basic methods of cryptographic information protection. Caesar encryption system with a numeric key. Double permutation algorithms and magic squares. El Gamal encryption scheme. Method of single permutation by key. RSA data encryption cryptosystem.

laboratory work, added 02/20/2014


A brief history of the development of cryptographic methods of information security. The essence of encryption and cryptography with symmetric keys. Description of analytical and additive encryption methods. Public key cryptography methods and digital certificates.