Fundamentals of Cryptology - Research Proposal Example

? FUNDAMENTALS OF CRYPTOLOGY by Introduction Modern communication and data transfer across the internet has posed numerous challenges in terms of security and authenticity. Data protection from eavesdropping and potential hackers has seen a rise to complex and fool proof systems to ensure intended recipients get quality data. Issues such as proof of ownership, data integrity, authenticity, and data interception have made protection of sensitive information being transmitted a prime are of concern to parties involved. Furthermore, the user of interconnected computers and breakthrough is file and system sharing, make personal information and data even more vulnerable to these threats. At this point cryptology fits in perfectly to address the above issues accordingly. At the base of all internet communication and data security lays cryptology that serves as the foundation to security and data authenticity. Cryptology ensures data and information confidentiality by ensuring in the event that the data in intercepted, the eavesdropper will not understand the content. In addition, Data authenticity is ensured and the message recipient is assured the message is from the correct sender. Finally cryptology ascertains data integrity by providing specific proof that the data or information received is not subject to an alteration by third party. The figure below demonstrates a basic outline of cryptography process (Koblitz 2004). Background Cryptology can be defined as the study of cryptosystems, is simply put understanding how to uniquely hide a document or relevant information in plain sight. Normally this involves using a secret encoding that only the intended recipient understands. In a nut shell, cryptography is trying to understand how to pass private information in a public arena which in this case in the internet. This study is further subdivided into two distinct yet similar fields. Cryptography involves the design, creation and implementation of cryptosystems (Bauer 2006). These are the codes and complex formulas used to hide the information before or during data transfer. In addition, cryptosystems also includes measures and mechanisms of incorporating digital signatures in documents. Digital systems basically act as proof of ownership of digital content otherwise susceptible to alterations. On the other hand, cryptology also deals with cryptanalyses which studies the decoding of cryptosystems. Research data analysis and outline Two basic methods were considered for the purposes of this research. Quantitative research, where collected data is expressed in mathematical figures then evaluated for appropriate results, and qualitative which does not involve figures but rather experiences of participants and the actual data obtained from various sources. In this instance, qualitative analysis best suited thit type of research and was extensively applied. The primary data sources included case studies and direct observation of crypto systems at work. In addition, secondary sources such as books, library articles and the internet provided a reliable reference point. Literature review According to Bauer (2006) cryptography is a field of study where systems and data security meets the power of mathematical functions and equations. Based on his research, cryptology and by extension cryptography offers to the world of security engineering tools that underlie and form the basic and modern security protocols. Buchmann (2004) adds on this analogy through his research that offers an insight to cryptography and the techniques involved in cryptanalysis. According to him cryptography is a key to distributed systems security and modern day data integrity. Buchman argues that powerful as it may be, cryptology has often been misconstrued by experts because of the various malpractice associated with it. Cryptography has often been used in the wrong arena to protect the wrong information, and pass illegal messages throughout time. Another researcher, Goldreich (2009) identifies the fundamentals of cryptology and its basic application to modern data transfer as the foundation that supports the integrity of shared digital information. He defines the basic terminologies that comprise of this field of study as follows. Cryptography refers to the process of designing ciphers and algorithms used to encode and decode sensitive information; cryptanalysis is the science of understanding how to break the ciphers. This is mainly done through understanding their functioning and the process with which they secure the data; Cryptology is the study of both. History of cryptography Throughout the centuries since its inception cryptography has undergone several changes. In some way, cryptography is closely related to technology and as the world advances technologically so does the means if encoding and hiding messages improve. In the past messengers were used and acted as the first line of defence to protect the message in case they were captured. Today, binary encoding of packets carried over networks is used. Cryptography can be traced back to 200BC when tombs were decorated with hieroglyphics that told stories of the deceased (Goldreich 2008). More practical applications of message encryptions spiralled and evolved since then to more complex computations seen today. In ancient Hebrew cryptographers devised a clever way of flipping alphabetical characters in the original context. This method was called atash. Later a substitution cipher was created where characters were replaced. This was referred to as a mono alphabetic substitution since only one alphabet was used. Around 400 BC yet another form of encryption arose. This was developed by Spartans who wrote messages on sheets of papyrus and wrapped them around rods. Messages were readable only when wrapped around the correct stick or road that allowed the letters to properly align them to meaningful message (Goldreich 2008). This steady evolution continued well into the middle ages that saw the introduction of technology to enhance the security level. By late 1800s, message encoding was mainly used in military as a tactic to gain an edge over the opponents. Simple encryption tools drastically improved with electronic technology during World War 2 that saw the rise of telegraphs and radio communication. During this time, the rotor cipher machine that substituted letters was invented and was a huge breakthrough due to the complexity of its messages. This led to the creation of the enigma, a more complex encryption tool, by the Germans. As computers came encryption advanced tremendously. IBM developed the most complex and famous technique that saw the introduction of complex mathematical equations (Katz 2008). Cryptosystems The strength of a cryptosystem and indeed an encryption relies on the algorithm used, the secrecy and length of key used, and indeed how the related components interact during the process of data transfer or communication. System strength correlates with the amount of time and resources that will be used in figuring out the message (Daemen 2002). Essentially all encryption can be and are meant to be broken, so the basic aim of encrypting a message is to make the process of decrypting either too expensive or time consuming which in effect renders it pointless. Ciphers In cryptography, a cipher is a designed complex algorithm that is used to perform the actual encryption or decryption of messages. Ciphers are different form code, and coding technology in the sense that codes are documentations used in substituting single letters based on a certain rule. This documentation otherwise known as a codebook is then used as a reference point, and the random characters therein can be linked to characters or given numbers to make up meaningful messages. Ciphers can be categorised in two broad ways. The substitution cipher replaces bits or blocks of characters with different instances usually of the same category. This usually employs a key that will act as a guide to the substitution and also the decryption of the message (Bauer 2006). A good example of this is the Caesars cipher that replaces each letter with the letter three places ahead of it in the alphabet order, a method known as shift alphabet (Garrett 2007). On the other hand, Transposition ciphers rearrange characters in a message. Letters are practically scrambled up in the message and a key is used to get the position and characters that have been moved. Encryption methods Encryption methods have several components that are involved in building a complete system, but the two main pieces are the algorithm itself and its related key. Algorithms are an array of complex mathematical computations that determine how the message will be coded. The key on the other hand, simply offers a solution to the mathematical computation. The key decrypts the algorithm and in the process reverts back the message to plain text understandable to the recipient. Algorithms either use symmetric or asymmetric keys in the process of coding ad decoding the message (Menezes 2001). Symmetric algorithms have both parties using the same key at the encryption and decryption stages. This is also referred to as secret key algorithm in that the strength of this algorithm relies on the ability of both parties to maintain the secrecy of the key (Koblitz 2001). Its simplicity means it is fast and depending on the length of the key can be very difficult to decipher. However, since the key is pre shared it requires a safe and secure sharing mechanism, and it also suffers from scalability issues. Scalability in this case refers to the complexity that comes with the pre shared key. Each recipient has a unique key that only decrypts their intended message (Buchmann 2004). On this note however, as the number of recipients increases so does the length of the key and it can very easily reach an unmanageable limit. Asymmetric or public key system on the other hand, utilises two keys one for codding the message and the other decodes. One key is made public and accessible by anyone and the other key is private available only to the intended parties (Salomaa 1998). Each key has the capacity to encrypt and decrypt a message however; the one that encrypts cannot decrypt the same message and therein lays the trick. Only the sender and recipient know which key was used to encrypt as a result have a ready solution to decrypting the message (Hoffstein 2008). This cryptosystem is much slower than its symmetric counterpart but, provides better authentication and confidentiality Cryptanalyses Cryptanalysis is the study of understanding and breaking the secret behind encryption algorithms and codes. Often, certain properties in plaintext messages are used to aid in the process of cryptanalyses. Entropy or the underlying information in a message is one of these properties. The other, which is rate-of-language accounts for the amount of information added by each consecutive letter in a message. Finally, unicity distance is the required length of cipher text for an attacker to successfully determine whether a decryption key functions on a given message (Mao 2004). There are several ways in which a protocol or algorithm can be broken. The following paragraphs will attempt to highlight some of these angles, in a general way that attackers use to gain access to even the most complex algorithms. Schematic of basic attacks Cipher text attack is the most common approach to decoding an encryption. This concept focuses mainly on encrypted messages as the attacker works round the encryption. An example of cipher text attack is brute force attack (Paar et al 2009). Similarly, known plaintext approach is based on the encrypted message. Usually the attacker has an idea of the message and through this gains insight to the flow of the algorithm. A typical case may consist of the attackers’ knowledge of the file type which has been encrypted or they have a leaked copy of the entire message (Trappe et al 2006). This in turn will enable them retrieve or create a key which can be used to decrypt messages from similar sources. Finally, on basic attack concepts an attacker may cunningly insert a selected special text into the message prior to encryption. The special text will then be used to recreate the original encryption key for the purposes of decrypting the entire message. This is known as chosen-plain text and is very effective in acquiring encryption key (Salomaa 1998). Schematic of exotic attack An adaptive chosen plaintext attack is a specialised form of chosen plain text attack. The intercepted and encrypted special plain text offers specific properties of the message, encryption tool, and the encryption tool. This way the attacker knows the exact weakness and therefore takes shorter time decrypting future intercepted messages. In chosen key attack, relevant properties of an encryption key are determined which they are used to reconstruct the message. Yet another schematic in this category is the chosen cipher text. In this case an attacker deliberately decrypts a message wrongly and resends it to the original sender. On receiving, the sender decrypts it as a reply to the message thereby giving away the encryption code (Schneier 1996). Conclusion It is important to understand the basic functioning of ciphers because mostly ciphers fail because of improper and rushed use. In this regard, it is important to note that for a cipher to work properly it is important to invest in resources. The basic concepts that are involved in cryptology encompass robust components that integrate mathematics and computer technology to create algorithms. Project timetable Tasks Start End Week 1 Week 2 Week 3 Week 4 Completion 1/4/15 28/4/13                                                         Research 1/4/13 5/4/13                                                         Data analysis 6/4/13 10/4/13                                                         Initial Proposal 11/4/13 15/4/13                                                         Project evaluation 16/4/14 20/4/13                                                         Final documentation 21/4/13 25/4/13                                                         Research Project presentation 26/4/13 28/4/13                                                         References Bauer, F.L 2006,Decrypted Secrets. Methods and Maxims of Cryptography.Springer-Verlag, Berlin. Buchmann, J 2004,Introduction to Cryptography.Springer–Verlag, Berlin. Daemen, J. & RIJMEN, V 2002,Design of Rijndael. AES—The Advanced Encryption Standard.Springer–Verlag, Berlin. Garrett, P 2007Making, Breaking Codes. An Introduction to Cryptology.Prentice–Hall Goldreich, O 2009,Foundations of Cryptography.Basic Applications.Cambridge University Press. Cambridge Hoffstein, J. &Pipher, J. &Silverman, J.H 2008,An Introduction to Mathematical Cryptography.Springer–Verlag, Berlin. Katz, J. &Lindell, Y 2008,Introduction to Modern Cryptography.Chapman & Hall / CRC Press, Indiana. Koblitz, N 2001, A Course in Number Theory and Cryptography. Springer–Verlag, Berlin. Mao, W 2004,Modern Cryptography.Theory and Practice.Pearson Education, Indiana. Menezes, A. &Van Oorschot, P. &Vanstone, S 2001Handbook of Applied Cryptography.CRC Press, Florida. Paar, C. &Pelzl J 2009,Understanding Cryptography.A Textbook for Students and Practitioners.Springer–Verlag, Berlin. Salomaa, A 1998, Public-Key Cryptography. Springer–Verlag, Berlin. Schneier, B 1996, Applied Cryptography. Protocols, Algorithms, and Source Code in C. Wiley, CRC Press, Florida. Trappe, W. &Washington, L.C 2006, Introduction to Cryptography with Coding Theory.Pearson Education, Indiana. Read More