Friday 27 October 2006

Cryptography & Keys

Cryptography is securing (encrypting and ultimately decrypting) data so that sensitive information can be stored safely or transmitted across insecure networks.

Some Terminology -

Key - A sequence of bits, used by encryption algorithmns.

A 40 bit key > 10011110 01010101 00001010 01101001 00011100

Plaintext - The original message / content that was encrypted
Ciphertext - The encrypted version of a message
Cryptographic Strength - Time / Resources to break the ciphertext.

Cryptography works by applying a cipher or algorithm to plaintext to produce the ciphertext.
A key is used in conjunction with the algorithm. This way, the same algorithmn encrypts differently with different keys.

Cryptographic strength is dependent on a) algorithmn strength and b) key secrecy

Cryptographic Systems : Symmetric vs Asymmetric

Symmetric Cryptography (Private-key cryptography) -
Both sender & receiver have the SAME key.

Asymmetric Cryptography (Public-key cryptography)
Both sender & receiver have a PAIR of keys (public & private).
The public key is published (eg in the email signature of PGP users) whereas the private key is exactly that.
The receiver's key can decrypt messages encyrpted with the sender's key (& vice versa)
Any knowing the public key can Encrypt, but only people knowing the private key can Decrypt.
Asymmetric decryption is much slower and key sizes are bigger than symmetric keys.

n-bit Encryption
Simply, this refers to the key length used to encrypt data.
1 ASCII character = 8 bits, hence 128bit encyrption with an ASCII key means (8 x 13 = 128), a 13 character key length.
1 HEX character = 4 bits, hence 128bit encryption with a HEX key means (4 x 26 = 128), a 26 character key length

The number of combinations possible (i.e sequential attempts required to crack ciphertext via brute force) can be expressed as 2^n, where n is the represents the bit strength of the key.

For 40 bit encryption >
2^40 = 1099511627776 combinations

For 64 bit encryption >
2^64 = 18446744073709551616 combinations

For 128 bit encryption >
2^128 = 3.40282367 × 10^38 combinations

For 256 bit encryption >
2^256 = 1.1579208923731619542357098500869 x 10^77 combinations

No comments: