Discussion and Replies
21
Chapter 3
Cryptology
Maria Dailey
Contents Introduction ........................................................................................................38 History ................................................................................................................39 Formatting ......................................................................................................... 40 Kerckhoff’s Six Principles .................................................................................... 40 Types of Ciphers .................................................................................................41
Substitution Ciphers .......................................................................................41 Monoalphabetic Substitution Ciphers ........................................................41 Polyalphabetic Substitution Ciphers ...........................................................43
Transposition Ciphers .....................................................................................45 Cryptographic Keys .............................................................................................48
Private Key .....................................................................................................48 DES Algorithm ...............................................................................................49 AES Algorithm ...............................................................................................49
Public Key Encryption ........................................................................................50 Modular Arithmetic ........................................................................................52 Diffie–Hellman System ...................................................................................53
Future of Cryptography: Quantum Cryptography ..............................................54 Cryptanalysis .......................................................................................................55
Brute Force .....................................................................................................55 Frequency Analysis .........................................................................................56 Man-in-the-Middle Attack .............................................................................56
Summary .............................................................................................................56 Terminology ........................................................................................................57 References ...........................................................................................................57
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
22 ◾ Information Security Fundamentals
There are two types of encryption: one that will prevent your sister from reading your diary and one that will prevent your government.
—Bruce Schneier
Introduction Through the centuries, the need for information protection persists. Humans are combative creatures—ritually engaging in warfare among one another. Combat has evolved from hand-to-hand to modern warfare, or cyber warfare. Combat is a combination of attack and defense, the latter of which has gained popularity with technological advances. Protecting sensitive data is critical to preserving trade secrets, government communications, or military strategies. Protection is achieved in part through the use of cryptology—more specifically, encryption. Cryptology is vital for everyday use in today’s cyber society; online shopping and banking, ATM usage, and digital media all require encryption protection to avoid abuse. Unfortunately, many of today’s systems lack appropriate protection—passwords and authentication requirements are not protected themselves, either through encryption or encrypted databases. This leaves sensitive information vulnerable to unauthorized, prying eyes. Cryptology is by no means a novel concept; it has existed since the beginning of sensitive communication.
Cryptology is “the science of keeping secrets secret” (Delfs and Knebl 2007). Cryptology is the study of encrypting algorithms and the art of creating and solv- ing such algorithms, and is composed of both cryptography and cryptanalysis. Cryptography is the art or science of cipher systems used for protection informa- tion. The term originates from the Greek kryptos meaning “hidden,” and graphia, meaning “writing.” Cryptography protects sensitive information, identifies corrup- tion or unauthorized access, and tries to compromise between expense and time consumption.
Cryptography has four basic purposes: (1) confidentiality, (2) authentication, (3) integrity, and (4) nonrepudiation. Confidentiality keeps information secret from unauthorized use. Authentication is the corroboration of an entity’s identity, achieved through initial identification between communicators. Integrity assures that the message was not illegitimately altered during transmission or during stor- age and retrieval. Nonrepudiation guarantees that the sender will not deny previous commitments or actions unless they admit the cryptographic signing key has been compromised. Cryptanalysis is the practice of breaking ciphers, or decrypting mes- sages without the key, to discover the original form of the message.
The most common use of cryptography is safe transfer of information across communication systems without compromising the integrity or authenticity of the message. Someone wishes to send a message, which begins as plaintext. Plaintext is the original, humanly readable form of a message, which is then encrypted. This
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
Cryptology ◾ 23
could be text, numerical data, a program, or any other message form (Delfs and Knebl 2007). When plaintext is encrypted, or enciphered, the original message is obscured using an algorithm or pattern only known to the sender and authorized recipient(s). Encryption must be reversible; if not, the masked message is rendered useless to anyone. The algorithm or pattern is known as the cipher. A cipher is used to disguise information, making it immediately unintelligible. Once encrypted, the message is referred to as ciphertext, and is only readable when the cipher key is used in conjunction with the decrypting algorithm. A key, which is a secret sequence used by authorized correspondents, does not give immediate access to the plain- text. The encryption key is not always the same as the decrypting key. Decrypting, or deciphering, requires that the cipher inverse be performed on the ciphertext to reveal the plaintext. Preferably, only authorized persons know the decrypting algorithm. This relies on the complexity of the applied cipher. If the key is discov- ered, either through poor management or faulty circle of trust, the cipher is com- promised. Protecting the key, and to whom it is known, is crucial to ensuring the authenticity, integrity, and confidentiality of the transmitted message. An element, known as the work factor, often forgotten, is not if the algorithm can be broken, but how long until it is broken. The most strategic mindset when encrypting is creating a cipher that would take an unreasonable amount of time to solve.
History Cryptography is an ancient art, going as far back as the Egyptians. Cryptography was originally used as a “tool to protect national secrets and strategies” (Menezes et al. 1997). Two additional ancient ciphers are the Spartan scytale and the Caesar cipher. In the Spartan scytale, a segment of parchment is wrapped around a cylin- der of certain radius and the message is written lengthwise. The recipient must have a cylinder of equal radius to decrypt. The Caesar cipher is a “classical” cipher, using a simple shift of the plaintext alphabet.
In the early twentieth century, cryptography broadened its horizons. No longer did it use arbitrary characters or scrambled letters, but it became more mathemati- cal. Cryptography is now considered more of a science than an art—“cryptographic protocols for securely proving… identity online… or signing binding digital con- tracts are now at least as important as ciphers” (Talbot and Welsh 2006). One of the first among the more complicated cryptosystems used an electronic machine known as the Enigma rotor machine. Enigma, used by the Germans in World War II, applied a substitution cipher multiple times per message.
In the mid-twentieth century, there was a demand from the private sector with the advent of the Internet. As more users access the Internet, the need for digital information security is greater. This massive increase in public use of cryptography has led to the “standardization” of cryptography in a scientific sense. Developers must take care that the mathematics used in newer cryptosystems remains unsolvable;
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
24 ◾ Information Security Fundamentals
currently, many systems are secure, but rely on plausible assumptions that may one day be discovered. The standardization and mathematical focus of modern cryptosys- tems unfortunately shares the same issue suffered by earlier ciphers. One of the better- known modern encrypting systems is the Data Encryption Standard (DES), which was adopted in 1977 by the United States. This was shortly followed by public key encryption, which branched into the RSA scheme and digital signatures. The concept of public key encryption was unintentionally introduced in 1976. Two years later, a practical application was developed, known as the RSA algorithm (named after its creators, Rivest, Shamir, and Adleman). RSA is based on factoring large integers. The Enigma rotor machine, DES, and RSA schemes are examples of modern ciphers.
Formatting Universally, plaintext is written in lowercase when explaining applied cryptogra- phy. Ciphertext is written in all capitals. Keys or keywords are also always written in capitals.
When referring to those who use cryptosystems, certain names typically are used as the placeholders. Rather than referring to the sender as “Party A” and the recipient as “Party B,” Party A would be Alice and Party B would be Bob. Alice and Bob are always trying to communicate. Each associate communicating continues alphabetically, for example, Charlie and David want to speak with Alice and Bob. Eve is an eavesdropper, who does not have authorized access to the message. Eve is a passive listener; she does not modify the message. Mallory is a malicious attacker and modifies, sends her own, or repeats previous messages. Victor is a verifying agent who demonstrates that the intended transaction was successfully executed.
Kerckhoff’s Six Principles In 1883, Auguste Kerckhoff published journal articles titled “La Cryptographie Militaire” (Petitcolas 2011). These articles articulated the importance of the follow- ing principles, which provide the fundamentals necessary to develop a cryptosys- tem. There are six principles, as follows:
1. The system must be practically or mathematically undecipherable. 2. The system is not required to be secret and should be able to fall in enemy
hands. 3. The key must be communicable and retained without effort, and changeable
at the will of the correspondents. 4. The system must be compatible with the communication channel. 5. The system must be portable and not require functioning by multiple people. 6. The system must be easy, requiring minimal knowledge of the system rules.
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
Cryptology ◾ 25
Types of Ciphers There are two generations of encrypting methods; classical and modern. Classical ciphers are those that were historically used, like the scytale and Caesar’s, but became impractical either resulting from popular use or advances in technology. Modern ciphers consist of substitution or transposition ciphers. The time it would now take to decrypt classical ciphers is miniscule compared with more complex, modern ciphers. Classical ciphers use an alphabet of letters, implemented using simple math. The math, being simple, proved to be a key weakness. Classical ciphers can be broken using brute force attacks or frequency analysis. Brute force is a standard attack, running possible keys with a decrypting algorithm until the plaintext is exposed. Frequency analysis studies how often certain letters or letter groups appear in ciphertext. This method relies on the varying frequencies to uncover certain letters, and eventually break the entire cipher.
Modern cryptography became more of a science in concurrence with techno- logical advances. It grew to envelop more than just encryption, but emphasized the importance of “digital signatures, protocols for exchanging secret keys, authentica- tion protocols, electronic auctions and elections, digital cash, and more,” address- ing issues arising externally or internally (Vacca 2010).
Another difference between modern and classical cryptography is the user pro- file. Previously, cryptography was officially used by military or government figures. Today, cryptography is used by everyone aware and desiring.
Modern ciphers are typically divided into two criteria: the key type used and the data input type. When referring to key types, modern ciphers branch into symmet- ric (private key cryptography) or asymmetric (public key cryptography). Symmetric key algorithms use the same key for encryption and decryption. Asymmetric key algorithms use two different keys; one for encrypting and another for decrypt- ing. Asymmetric ciphers, introduced in the 1970s, nearly solved the dilemma of ensuring authenticity and nonrepudiation. An example of an asymmetric cipher is the RSA scheme. Data input ciphers branch into block and stream ciphers. Blocks ciphers encrypt blocks of data of fixed size. Stream ciphers encrypt continuous strands of data using pseudorandom numeric or alphabetic keystreams.
Substitution Ciphers When one thinks of encrypting, the first technique to come to mind is scrambling the message. Substitution ciphers are the most basic type of encryption. There are two types of substitution ciphers, which replace characters with other characters using a single rule (monoalphabetic) or groups of rules (polyalphabetic).
Monoalphabetic Substitution Ciphers
Monoalphabetic substitutions include the Caesar, Atbash, and Keyword ciphers. A prime example of a substitution cipher is the Caesar shift cipher, which is typically
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
26 ◾ Information Security Fundamentals
a three-character shift. Depending on how large the shift, either by subtraction or addition, the alphabet will be offset by that much. For instance, a three-character addition shift would look like Figure 3.1. This shift would change the plaintext “purple” into the ciphertext “MROMIB.”
If the shift was a three-character subtraction, it would look like Figure 3.2. The plaintext message “purple” would then become ciphertext “SXUSOH.”
The Atbash cipher flips the entire alphabet back on itself; the plaintext alphabet is “A–Z” and the ciphertext alphabet is “Z–A,” shown below in Figure 3.3. The Atbash cipher would obscure the plaintext “purple” as “KFIKOV.”
Plaintext a b c d e f g h i j k l m
Ciphertext X Y Z A B C D E F G H I J
Plaintext n o p q r s t u v w x y z
Ciphertext K L M N O P Q R S T U V W
Figure 3.1 Example of the Caesar cipher, three-character addition shift.
Plaintext a b c d e f g h i j k l m
Ciphertext D E F G H I J K L M N O P
Plaintext n o p q r s t u v w x y z
Ciphertext Q R S T U V W X Y Z A B C
Figure 3.2 Example of the Caesar cipher, three-character subtraction shift.
Plaintext a b c d e f g h i j k l m
Ciphertext Z Y X W V U T S R Q P O N
Plaintext n o p q r s t u v w x y z
Ciphertext M L K J I H G F E D C B A
Figure 3.3 Example of the Atbash cipher.
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
Cryptology ◾ 27
Another cipher, the Keyword cipher establishes a keyword such as “HEADY.” This begins the ciphertext alphabet, and the rest is completed using the remaining letters in alphabetic order. This can be seen in Figure 3.4, using “HEADY” as the keyword. The Keyword cipher changes the plaintext “purple” to “OTQOKY.”
Polyalphabetic Substitution Ciphers
Polyalphabetic substitutions are ciphers using multiple substitution alphabets. The Vigenère cipher is the most famous of this genre, introduced in the sixteenth cen- tury by Blaise de Vigenère. The Vigenère cipher uses the keyword to encrypt a message using relations. A barebones explanation of a Vigenère cipher is that it encrypts plaintext by using a series of Caesar ciphers, based on the keyword. It is easy to apply, and has the deceitful appearance of incredible complexity. The key- word is written as many times as necessary above the plaintext message, as depicted in Figure 3.5.
Using the Vigenère square, depicted in Figure 3.6, one will use a letter from the plaintext and its associated keyword letter. Plaintext letters are listed on the top, creating columns, which intersect with the keyword alphabet along the left side of the square, creating rows. The letter found at the intersection of these two letters is the cipher letter used to encrypt the message. The beginning of the plaintext “O” and keyword letter “K” intersect at ciphertext letter “Y.” Therefore, “once upon a time” would become “YVPKM ZWAGL SUR.”
The 25 variations of the Caesar cipher (shifts 0–25) are contained in the square. Each row is a single shift to the right from the row or letter preceding. Therefore, the
Plaintext a b c d e f g h i j k l m
Ciphertext H E A D Y B C F G I J K L
Plaintext n o p q r s t u v w x y z
Ciphertext M N O P Q R S T U V W X Z
Figure 3.4 Example of the Keyword cipher.
Keyword K I N G S K I N G S K I N
Plaintext o n c e u p o n a t i m e
Figure 3.5 Example of the first step in Vigenère encryption.
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
28 ◾ Information Security Fundamentals
first row, labeled “A,” is a shift of one. Row “X” is a shift of 23. It is important that the intended receiver knows the keyword used to encrypt the message to reverse the ciphertext. To decrypt the ciphertext using the known keyword, do the reverse of the above steps. First, write the keyword above the ciphertext, demonstrated in Figure 3.7. Then, find the first letter of the keyword, in this instance “K,” and fol- low the column down until the associated ciphertext letter is encountered, which is “Y.” Follow the row to the left and the letter found on the outmost column is the plaintext letter, being “O.” Continue this process until the message is decrypted.
The cipher was broken by Prussian Major Kasiski in 1863 by finding the key- word length and dividing the message into that number of blocks, or cryptograms, based on repeated letter sequences. The distance between these common patterns
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
A A B C D E F G H I J K L M N O P Q R S T U V W X Y Z B B C D E F G H I J K L M N O P Q R S T U V W X Y Z A C C D E F G H I J K L M N O P Q R S T U V W X Y Z A B D D E F G H I J K L M N O P Q R S T U V W X Y Z A B C E E F G H I J K L M N O P Q R S T U V W X Y Z A B C D F F G H I J K L M N O P Q R S T U V W X Y Z A B C D E G G H I J K L M N O P Q R S T U V W X Y Z A B C D E F H H I J K L M N O P Q R S T U V W X Y Z A B C D E F G I I J K L M N O P Q R S T U V W X Y Z A B C D E F G H J J K L M N O P Q R S T U V W X Y Z A B C D E F G H I K K L M N O P Q R S T U V W X Y Z A B C D E F G H I J L L M N O P Q R S T U V W X Y Z A B C D E F G H I J K M M N O P Q R S T U V W X Y Z A B C D E F G H I J K L N N O P Q R S T U V W X Y Z A B C D E F G H I J K L M O O P Q R S T U V W X Y Z A B C D E F G H I J K L M N P P Q R S T U V W X Y Z A B C D E F G H I J K L M N O Q Q R S T U V W X Y Z A B C D E F G H I J K L M N O P R R S T U V W X Y Z A B C D E F G H I J K L M N O P Q S S T U V W X Y Z A B C D E F G H I J K L M N O P Q R T T U V W X Y Z A B C D E F G H I J K L M N O P Q R S U U V W X Y Z A B C D E F G H I J K L M N O P Q R S T V V W X Y Z A B C D E F G H I J K L M N O P Q R S T U W W X Y Z A B C D E F G H I J K L M N O P Q R S T U V X X Y Z A B C D E F G H I J K L M N O P Q R S T U V W Y Y Z A B C D E F G H I J K L M N O P Q R S T U V W X Z Z A B C D E F G H I J K L M N O P Q R S T U V W X Y
Figure 3.6 The Vigenère square. Each row corresponds to a Caesar cipher. The first row shift is zero, the second is a shift of 1, and the last shift is 25.
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
Cryptology ◾ 29
is counted, which clues the attacker into the possible keyword length. Sometimes, the keyword length is actually a factor of the distance counted. The ciphertext is then split into the deduced keyword length, called cryptograms. A frequency analysis is then applied to each cryptogram to determine the specific keyword let- ter used. This method is commonly referred to as the Kasiski/Kerckhoff method. If the frequency analysis was applied before creating cryptograms, the bar graph would appear flattened in comparison to a monoalphabetic cipher. This is because each letter is encrypted with a different shift. The flatter a frequency analysis graph, the stronger the cipher. One way to apply a Vigenère square’s fullest potential is to choose a keyword equal to the message length. Although one of the strengths relies on the square’s ability to encrypt the same letter or series of letters in various ways throughout the same message, it is inevitable that of those variations, they will repeat later in the message.
Transposition Ciphers The second major family of substitution is transposition ciphers. Rather simple and easy to crack, these ciphers use the same letters as the plaintext but reorganize them until the message is scrambled. This is achieved by applying a permutation to single characters or character blocks. Permutation determines the specific order for a finite group of characters. A sender cannot scramble the message without knowing the reverse; hence, the need for order-specific reorganization. The Spartan scytale is an example of a simple form of transposition. Using a cylinder, a piece of parch- ment was wrapped around it and the message written lengthwise. When unwound, the message was scrambled. The intended recipient would have a cylinder of exact diameter and wrap it with the parchment to decrypt the message. The permutation in this case would be related to the diameter of the cylinder.
The most basic transposition cipher is the rail fence cipher. The plaintext is split onto several “rails” or rows, each letter alternating from topmost row and down. The ciphertext is recorded by writing the letters through one row, then moving to the next and repeating. An example would be the plaintext “walking through the park one time.” Figure 3.8 demonstrates the rail fence cipher using this plaintext.
The ciphertext would be written as “WLIGHOGTEAKNTMAKNTRUHH- PROEIE.” Rail fence does not always require the topmost rail be furthest left. If
Keyword K I N G S K I N G S K I N
Ciphertext Y V P K M Z W A G L S U R
Plaintext O N C E U P O N A T I M E
Figure 3.7 Example of the initial step, followed by the result, of decrypting using a Vigenère square.
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
30 ◾ Information Security Fundamentals
each rail is slightly offset from the other, where the left-most character is on the bottom rail, as seen in Figure 3.9, the ciphertext is still recorded the same (begin- ning on the top row).
Another type of transposition cipher is the columnar transposition cipher. The number of columns is equal to the key or keyword length. The plaintext is writ- ten lengthwise across the columns, creating a new row when each columnar slot is filled. Each column is then rearranged according to the chosen cipher pattern. If a numerical key is used, the numbers are out of order for plaintext, then rearranged to create the ciphertext (Figure 3.10). If a word or phrase is used as the keyword, then the associated number placement of the letter determines the order of the columns for encrypting (Figure 3.11). When a key or keyword is applied once, this is known as a single columnar transposition. If applied twice, it is known as a double columnar transposition, and so on. Sometimes, if a message falls short, as the example text provided does, filler text is added such as “XX” or other characters. However, filler text is a security risk. Incomplete rows make it more difficult to decrypt the message without the key.
W L I G H O G T E A K N T M
A K N T R U H H P R O E I E
Figure 3.8 Example of the rail fence cipher with two “rails.”
W L I G H O G T E A K N T M
A K N T R U H H P R O E I E
Figure 3.9 Example of the rail fence cipher with two “rails,” offset so the bottom rail begins the ciphertext.
1 2 3 4 5 4 2 5 3 1
t r y r e R R E Y T
a d i n g N D G I A
t h i s n S H N I T
o w W O
Figure 3.10 Example of the columnar transposition cipher using a numerical key.
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
Cryptology ◾ 31
In this example, the plaintext “try reading this now” is written lengthwise across five columns. Above each column is a number, the left being the lowest and the right being the highest. The selected key is 42531. When encrypting, the col- umns are labeled as such and the associated letters found in each column organized accordingly. To write the ciphertext, copy each column, moving left to right. The encrypted message is broken into groups of five cryptograms consisting of five char- acters. The ciphertext in this example would become “RNSRD HWEGN YIITA TO.” Now, the keyword “KINGLY” will be used in place of numbers. Remember, when encrypting with a keyword in columnar transposition, the letter’s placement in the alphabet must be written down. Figure 3.12 lists the alphabet with its associ- ated numbers. Using keyword “KINGLY,” the message “try reading this now” will be encrypted.
The alphabetic numbering lets the sender organize the columns for encrypting by the earliest letter to the latest. The columns are now reorganized into “GIKLNY.” This encrypts “try reading this now” into “RGORI STDIE TWYNN AH.”
Decrypting this ciphertext requires finding the sum of characters in the mes- sage to determine the number of characters found in the last row, before encryp- tion. The message is 17 characters long. Authorized recipients know the keyword length, which is six characters, and would be able to determine the last column only had two characters. This is an irregular columnar transposition, whereas even distribution of the rows would be regular. Decryption without knowledge of the
K I N G L Y G I K L N Y
10 8 13 6 11 24 6 8 10 11 13 24
t r y r e a r r t e y a
d i n g t h g i d t n h
i s n o w o s i w n
Figure 3.11 Example of the columnar transposition cipher using a keyword.
A B C D E F G H I J K L M
0 1 2 3 4 5 6 7 8 9 10 11 12
N O P Q R S T U V W X Y Z
13 14 15 16 17 18 19 20 21 22 23 24 25
Figure 3.12 The alphabet, numbered 0 to 25.
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
32 ◾ Information Security Fundamentals
key is rather simple with columnar transpositions. Trying different permutations through brute force will eventually yield plaintext.
Cryptographic Keys More complex ciphers use secret keys that control long sequences of intricate sub- stitutions and transpositions. This partnership between simple ciphers creates a powerful and modern form of communication security. In one form of encryption, the key is secretly exchanged between correspondents before message transaction proceeds; in another, some keys are made public and others are kept private.
Private Key Private, or secret key encryption, often referred to as a symmetric key, is a class of algorithm that uses a single key to encrypt or decrypt messages. The key is confi- dential information used when the involved parties wish to communicate with one another. For maximum security, each pair of correspondents has a separate key; it is vital that both parties keep the key secret. The sender encrypts the message using the key before transmitting it to the recipient. The recipient uses the same key as the sender to decrypt the message. The key acts as the authentication service, dis- tinguishing correspondents from other parties, malicious or otherwise. Messages are typically sent over a public channel, and eavesdropping is a realistic threat. If the key is known, the messages’ integrity is compromised. Correspondents must establish a secure manner of sharing the key; private key encryption relies solely on the protection of the key for success (Figure 3.13).
Private key encryption is commonly used for session keys in security protocols. A session key is randomly generated for communication between a computer and its user, or between two computers. Every session of communication generates a
�e quick brown fox jumps over the lazy dog.
�e quick brown fox jumps over the lazy dog.
Plaintext Plaintext
ZxCv;5bMEseTfi D)3fGsmWe##4^ $sdfgmwlR2:dkJE tsy8R\S@!q3%
Same key
Encrypt Decrypt Ciphertext
Figure 3.13 Example of a private key.
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
Cryptology ◾ 33
new session key. Sometimes, each message may use a new session key. Private key encryption is also used for bulk encryption for continuous data, such as e-mail.
Private key encryption is divided into stream ciphers and block ciphers. Stream ciphers operate on continuous data that arrives in “real time;” information is encrypted a bit at a time, as opposed to block ciphers. Block ciphers break plaintext into blocks. These fixed-length blocks are then encrypted a block at a time. A key of fixed length is applied multiple times to the series of blocks. Block ciphers are typi- cally used when securing computers. A well-known type of block cipher is the DES algorithm, which is a type of private key encryption. An updated and more reliable block cipher used today is the Advanced Encryption Standard (AES).
DES Algorithm DES is a nonlinear block cipher. The plaintext is broken into 64-bit blocks and encrypted using 56-bit key and 8 parity bits, totaling 64 bits. The 8 parity bits act as verification that the key was not modified without authorization. Generating the key requires breaking the 56 bits into 7-bit segments, which are moved into 8-bit- long slots. Parity bits are set to either 0 or 1. Each parity bit is assigned so that each octet has an odd total number of 1’s. Encryption is achieved through dividing the blocks in a left (L) and right (R) parts and applying a series of permutations and substitutions 16 times.
DES originally was IBM’s Lucifer in 1973, an answer to the National Bureau of Standards’ (NBS) request for an encryption algorithm that meets several criteria: high security level, small key for encryption and decryption, easily understood, independent of algorithm confidentiality, adaptable, and efficient and exportable. Lucifer was modified in 1976 and became DES, which was adopted in 1977 and standardized by the American National Standards Institute (ANSI). In 1987, the National Security Agency (NSA) threatened to decertify DES, but DES reapplied in 1999 as 3DES/TDEA. 3DES, or Triple DES, is a partial successor to DES, using three different keys totaling as a 168-bit key. DES became insecure in the industry whereas 3DES is too slow. DES is insecure because its key length is relatively short, and 3DES is insecure because of a vulnerability enabling malicious users to modify the key length. This inherently reduces the time necessary for cryptanalysis.
AES Algorithm AES resulted from a worldwide competition that started in 1997 under the spon- sorship of the National Institute of Standards and Technology (NIST). The victor was determined after 3 years of analysis of the submitted algorithms. An important attribute that the NIST outlined was that the new encryption algorithm would have a public key strong enough to protect government information into the fol- lowing century. Two Belgian cryptologists, Vincent Rijmen and Joan Daemen, cre- ated an algorithm and submitted it under the name Rijndael (a combination of its
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
34 ◾ Information Security Fundamentals
creators’ surnames). In 2000, the algorithm, which would later be known as AES, was announced as the winner. In 2003, the NSA determined that AES was secure enough to protect sensitive information.
AES is an iterative block cipher based on substitutions and permutations. The fixed blocks are each 128 bits long, or 16 bytes. This is double the length used by DES, increasing the number of possible blocks by 264. This algorithm uses key lengths of 128, 192, or 256 bits. The increasing length of each key offers a greater plethora of potential combinations, increasing the complexity of the cipher. Before implement- ing encryption, each block is divided into a four-by-four array, each 8 bits long. Each time an array is processed, it is treated in substitution or permutation boxes, known as S-boxes or P-boxes, respectively. The S-box substitutes the arrays for one another. A single bit change in the input causes multiple bit changes in the output. The P-box shuffles the input to create an output. These are performed in rounds, consisting of four transformations. There are two inputs per round: the array and a round key. The round key is generated using the cipher key and key expansion routine. This process creates the ciphertext. The inverse of the applied algorithm unveils the plaintext.
A weakness of DES is that its security was designed for hardware-based protec- tion. AES is more versatile, effectively operating on software and hardware. The broad application of AES is not the only benefit of the updated encryption algorithm; AES is faster and more secure than DES or DES’ derivatives such as Triple DES. Despite these benefits, AES remains unused by certain organizations or companies using legacy software and equipment like DES. As technology advances and older systems become incompatible with newer software and equipment, DES will become obso- lete. Without AES, different encryption algorithms are necessary to protect specific programs. AES’ increased compatibility and economic benefits simplify the encryp- tion of organization equipment and software through standardization.
Public Key Encryption The first public key encryption cryptosystem was proposed by Ralph Merkle in 1974, and introduced two years later, in 1976, by Professor Martin Hellman from Stanford University and Whitfield Diffie, then at Northern Telecom (Bosworth et al. 2009). Public key encryption uses two separate keys to encrypt and decrypt. Another name for public key encryption is asymmetric encryption. Unlike pri- vate key encryption, public key encryption uses one key to encrypt and another to decrypt. One key is public and the other, the private key, is known only to the originator of the ciphertext. Each correspondent has a public key and a private key; what is encrypted using one key is decrypted using the other key. The public key of either correspondent is widely available whereas the private key is available only to the owner of the public/private key pair. When encrypting a message so that only the intended recipient can decrypt it, the sender uses the recipient’s public key and the recipient decrypts it using the corresponding private key. When encrypting
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
Cryptology ◾ 35
a message so that anyone can authenticate its origin, the sender uses his or her own private key and recipients use the corresponding public key to decrypt the ciphertext.
Public key encryption enables secure electronic business transactions, applied through keys and certificates. This cryptosystem supports confidentiality, access control, integrity, authentication, and nonrepudiation services. Both keys are gen- erated simultaneously as large prime numbers. A prime number is an integer which has no integral factors apart from the numeral one and itself. In this instance, the longer the key, the more secure the correspondence will be.
For example, to authenticate a message to Bob, Alice encrypts the message using her own private key before sending to Bob. Bob then decrypts the ciphertext using Alice’s public key. Figure 3.14 demonstrates the process when a message from Alice is received by Bob. This process also verifies the integrity of the transmitted message because any change in the ciphertext during transmission makes it impos- sible to decrypt the message using public key encryption.
Figure 3.15 shows how to encrypt a message so that only the intended recipient can decrypt it. Thus, Alice encrypts a message for Bob to receive by encrypting it using Bob’s public key. Bob decrypts the ciphertext using his private key.
Public key encryption provides a solution for the private key weakness. This algorithm is more secure than private key encryption, eliminating the key exchange problem. Private key encryption requires a separate, secure channel to exchange the encrypting and decrypting key. Public key encryption does not require this separate channel. In addition, the private key system suffers from the combinatorial explosion, which increases the number of key pairs required for n correspondents as a function of n(n − 1)/2 or as approximately n2 for large numbers of correspondents. A group of 10 correspondents needs 45 key pairs for security, but a group of 100
�e quick brown fox jumps over the lazy dog.
�e quick brown fox jumps over the lazy dog.
Plaintext Plaintext
Bob receives message said to be from Alice
Alice’s private key
Alice’s public key
Encrypt Decrypt Ciphertext
ZxCv;5bMEseTfi D)3fGsmWe##4^ $sdfgmwlR2:dkJE tsy8R\S@!q3%
Figure 3.14 Public key encryption: Bob receives Alice’s encrypted message and uses her public key for decryption.
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
36 ◾ Information Security Fundamentals
needs 4950 key pairs and a group of 1000 needs 499,500 pairs. In contrast, PKC users need n key pairs, so 1000 users need 1000 key pairs.
Modular Arithmetic Public key encryption was made possible by the Diffie–Hellman system, which uses modular arithmetic. Modular arithmetic differs from typical arithmetic by execut- ing operations in a circle rather than in a line. This is also known as congruence arithmetic. There is a fixed amount of numbers, which is less than the fixed maxi- mum number, known as the modulus. These integers are cycled through. Every time the largest number is passed, one starts again with the first value. Oftentimes, modular arithmetic is compared with a clock. There are 24 hours in the day, but only 12 hours are shown on a clock. The first rotation is daytime and the second is the evening. A clock is mod-12 arithmetic, meaning the available integers are 0 to 11, zero being the first integer, standing in the place of 12. Figure 3.16 depicts a mod-12 clock, where zero stands in for 12.
If an e-mail said there was a meeting at 1100, that would mean that it was at eleven o’clock, presented in the 24-hour format. Similarly, if someone had a meeting at 1400 but was unfamiliar with the 24-hour format, they would simply “wrap” around the 12-hour clock and find the remainder, which would present the time in another form. Written out in modular arithmetic, this problem would look like: 14 (mod 12).
1. Meeting at 1400 2. 1400 – 1200 = 200 3. Rotate forward on the 12-hour clock two spots 4. The meeting is at 2:00 pm
�e quick brown fox jumps over the lazy dog.
�e quick brown fox jumps over the lazy dog.
PlaintextPlaintext
ZxCv;5bMEseTfi D)3fGsmWe##4^ $sdfgmwlR2:dkJE tsy8R\S@!q3%
Ciphertext Encrypt Decrypt
Bob’s public key
Bob’s private key
Alice sends messsage to Bob
Figure 3.15 Public key: Alice encrypts a message for Bob using his public key. He decrypts using his private key.
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
Cryptology ◾ 37
The steps above simplify the process. Step 2 would actually be written as 14 (mod 12). Using a calculator, this function would be done by dividing 14 by 12, which equals 1.167. Subtract 1 from 1.167 to get 0.167, which is then multiplied by the modulus, 12. This provides the remainder, which is 2. Therefore, 14 (mod 12) equals, or is congruent to, 2. Smaller values are easier to analyze, but when presented with a larger value such as 107 (mod 12), Step 2’s method becomes impractical. Using the method aforementioned, one will find that 107 (mod 12) is congruent to 11.
1. 107 (mod 12) 2. 107/12 = 8.9167 3. 8.9167 – 8 = 0.9167 4. 0.9167 * 12 = 11 5. 107 (mod 12) = 11
The modulus equals the total integers; there are 12 hours on a clock; therefore, it is modulus 12, or mod 12. The array of integers derived from the modulus starts with zero and ends one integer less than the modulus. A 12-hour clock would have an array from 0 to 11, which looks like this: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11.
Diffie–Hellman System The Diffie–Hellman key exchange is based on the premise that two correspon- dents, Alice and Bob, wish to communicate a secret number, but must do so on an insecure channel. An unauthorized user, Eve, is trying to intercept the message over the unsafe channel. If Eve obtains the message containing the key, all integrity and confidentiality is lost. This issue is resolved by masking the key using modular arithmetic. Alice and Bob achieve secrecy by agreeing on a large prime number, p, and a base number, n. Alice will choose a personal, private value, a, which remains unknown to Bob. Bob will generate a secret value only known to himself, b. It is important that a and b are less than p. Alice and Bob’s respective secret keys
0 1
2
3
4
5 6
7
8
9
10
11
Figure 3.16 A clock demonstrates modular arithmetic.
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
38 ◾ Information Security Fundamentals
should be relatively prime to n, meaning that neither shares common factors with n. Alice’s public value is na mod p and Bob’s is nb mod p. The two correspondents exchange their public values, so that both parties now know both. Alice will com- pute nab = (nb)a mod p. Bob will compute nba = (na)b mod p. Once both algorithms are computed, each party will have the same number. Alice and Bob are now able to privately communicate on the insecure network.
Future of Cryptography: Quantum Cryptography The further cryptology advances, evolving and becoming more secure each decade, the greater advantage cryptographers have over cryptanalysts. A technique cur- rently in development is quantum cryptography. Depending on the chosen polar- ization, Alice can send a unique public key to Bob, which can change per message. Currently, quantum cryptography is theoretically unbreakable. Although modern computers gain speed with emerging technologies, the fundamental functions do not change. Computer computation is currently based on bits, which are repre- sented by “0” or “1,” never both states at once. Data is stored in bytes, which is equivalent to eight bits. This two-state system is known as binary. Binary systems are base 2 rather than base 10 used in the decimal system.
Quantum refers to the “smallest amount of a physical radiation” capable of angu- lar momentum, such as particles, atoms, and energy (American Heritage Science Dictionary 2013, “Quantum”). Richard Feynman, an American physicist, intro- duced a computer capable of effectively combining quantum mechanics (Bone and Castro 1997). Quantum computers use quantum bits, or qubits, rather than standard bits. Qubits represent the atoms and their included components: ions, photons, and electrons. Photons begin the process of generating a key for secure transmission, and are translated into binary code. Each rotation of the photon represents either a one or zero, which are the only components of a binary system. Quantum cryptography is based on photon physics, which focuses on the polarization of the photon, based on the theory that this angular momentum can occur on atomic and subatomic levels, defying all modern definitions of the law of physics (Jenkins 1996). This defines the main difference between quantum and modern computers; a qubit can assume either a “0,” “1” or both states simultaneously. For example, photons with a vertical spin can be assigned “0” and horizontally spinning photons are assigned “1.” When a qubit is both “0” and “1,” it exists in its coherent state, achieving quantum paral- lelism. This is the attribute which makes quantum computers exponentially more powerful than modern computers. Any operation applied to a coherent state qubit would affect both properties at once, producing two separate outputs.
The same aspect setting quantum beyond and apart from modern computer is very hard to control. Decoherence requires measuring qubit outputs once an operation is executed. When one tries to discover if the qubit outputs are either “0” or “1,” simply interacting with the output can impede on accurately reading its value. An indirect
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
Cryptology ◾ 39
manner of measuring must be implemented and is yet to be discovered. Quantum computing and cryptography has not yet taken because algorithms necessary to har- ness quantum parallelism do not exist today. Peter Shor and Lov Grover, both of Bell Laboratories, have made advances with their respective algorithms (Bosworth et al. 2009, p. 7.40). Other advancements have come in the form of entanglement, a possible solution for measuring qubit outputs. Entanglement states that when certain requirements are met involving more than two particles, they entangle. One particle is able to communicate with its partner, revealing the opposite of its value. This con- cept is still in development, with most success found when applied by the Los Alamos National Laboratory and the Massachusetts Institute of Technology. Using nuclear magnetic resonance (NMR), scientists at these facilities discovered that spreading out the qubit increases the difficulty of identifying outputs (Bosworth et al. 2009, p. 7.41). This technology enables scientists to manipulate the spinning of a nucleus.
Despite scientists’ best efforts and commitment toward making quantum com- puting and cryptography possible, the practical application of this method is pos- sibly decades away. There are still many obstacles to overcome, especially the matter of measuring coherent state qubit outputs. Once this is discovered, the issue of a computer powerful enough to efficiently handle large-scale computations still blocks the finished product. The question is not if quantum cryptography is pos- sible, but when it will be accurate and reliable enough for application.
Cryptanalysis There are many means by which to break a code. Some are orthodox whereas oth- ers are obvious but overlooked. These strategies range from “guess and check,” to educated computations, and even personal interactions. Guess and check, or brute force attack, is used most often, especially with simpler cryptosystems like Caesar. Educated computations envelope frequency analysis, or the relation of characters used in ciphertext with the frequency of the implemented alphabets’ individual characters in a section of text. Personal interactions include social engineering and man-in-the-middle attacks. Social engineering exploits human vulnerabilities—it is human nature to want to help others and be trusting. Attackers of this nature manipulate critical personnel to obtain sensitive information. Man-in-the-middle attacks are committed over communication channels between Alice and Bob to eavesdrop on keys exchanged for private and public cryptosystems. All of these methods are used in an attempt to break ciphers to reveal, alter, or intercept the hidden message.
Brute Force Brute force decryption is a method of repetitious trial-and-error. This method is implemented until the key is revealed, or all possible options are exhausted. Brute
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
40 ◾ Information Security Fundamentals
force can be incredibly time-consuming, but is unfailing. In theory, this method can be applied to any cryptosystem. Whether or not this is practical depends on how long it will take to test every possible key. Key length determines the feasibility of this method. In a given amount of time, the key will be discovered. However, if the key is not found in this lifetime, or any lifetime soon to follow, it remains secure for the time being. As technology advances, computers will be able to process more information in less time, and keys that were secure in the twentieth century may not remain so by the twenty-third century. Time is a critical factor in assessing a cryptosystem’s strength.
Frequency Analysis Attackers are able to use ciphertext-only methods and letter frequency analysis on the encrypted messages. Ciphertext-only attacks are where the attacker only has access to the ciphertext. If any information is gathered about the plaintext, breaking the cipher becomes much easier. Frequency analysis is the study of letter or letter group frequencies in ciphertext. This analysis is based on the fact that in an alpha- bet, certain letters are used more frequently than others. In a section of English (e.g., a complete sentence), the most common letters to appear are in the following order: “ETAOIN.” Following this sequence with the next highest frequency are “SHRDLU.” The most common letter pairs of the English language are “TH,” “ER,” “ON,” and “AN.” Repeats of high frequency are “SS,” “EE,” “TT,” and “FF.”
Man-in-the-Middle Attack Man-in-the-middle attacks are somewhat similar to social engineering attacks; the unauthorized user deceives the authorized parties into providing their respective keys. The attacker listens to the communication channel between Alice and Bob, who are about to exchange their keys for secure encryption. This is most com- monly seen in private and public key cryptosystems. The attacker exchanges keys with each party, who are none the wiser. The authorized parties believe they have securely exchanged keys. When the key, which is known only to the attacker, is applied to the messages, the attacker can decrypt it and obtain sensitive informa- tion. To avoid this attack, a hash function is applied, which transforms longer character strands into short, fixed-length keys, therein masking the original key.
Summary An ever-increasing necessity in today’s world stems from the expanding use of e-commerce and other sensitive activities. The importance of securing general information or e-trade, as well as addresses and records, is critical for both business and personal interactions. This chapter covers many different methods, classified
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
Cryptology ◾ 41
by the era in which they were most effective. As time went on, and cryptologists developed more complex cryptosystems, it became difficult to judge which was superior to another. The advances in technology in modern security have made this question easily measurable; the greatest advantages are had by cryptosystems with longer, obfuscated keys, and caretakers of the keys who are wary and cautious when exchanging sensitive information.
Cryptology will continue to be an essential practice in societies around the world. More activities are becoming digitized, such as banking, shopping, com- munication, and networking. Everyday life and organizations determining how nations are run all depend on secure communication and transaction channels. Cryptology is universally applied and will continue to develop and evolve to adapt to technological advances. No longer is cryptology restricted to the military, the economy, and the government; it is practical for everyone.
Terminology Algorithm: a well-defined set of instructions for manipulating given variables Cipher: a type of algorithm used to encrypt data, changing plaintext into cipher-
text and irreversible without a key Ciphertext: legible text in encrypted form, written in uppercase Cryptanalysis: the art and science of breaking ciphers, decryption, through
“un authorized” means (unknown key) Cryptography: the science of encrypting and decrypting messages, originating
from the Greek terms kryptos (“hidden”) and graphia (“writing”) Cryptology: the study of secure communications, formed from the Greek terms
kryptos (“hidden”) and logos (“word”) Cryptosystem: system for encrypting information Decrypt: the process of unmasking the plaintext from the ciphertext (also decipher) Encrypt: altering the plaintext using a keyword and specific algorithm so it
becomes unintelligible to unauthorized parties, referred to as ciphertext (also encipher)
Key/keyword: a word or system for encrypting or decrypting a cipher Plaintext: the original, readable message, which is encrypted
References American Heritage Science Dictionary. (2013). Quantum. Retrieved November 14, 2011,
from Dictionary.com: http://dictionary.reference.com/browse/quantum. Bone, S., and Castro, M. (1997). Introduction. Retrieved November 20, 2011, from A Brief
History of Quantum Computing: http://www.doc.ic.ac.uk/~nd/surprise_97/journal/vol4/ spb3/.
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .
42 ◾ Information Security Fundamentals
Bosworth, S., Kabay, M. E., and Whyne, E. (2009). Computer Security Handbook (5th ed., vol. 1). Hoboken: John Wiley & Sons, Inc.
Delfs, H., and Knebl, H. (2007). Introduction to Cryptography: Principles and Applications (2nd ed.). New York: Springer.
Jenkins, S. (1996). Some Basic Ideas About Quantum Mechanics. Retrieved November 14, 2011, from University of Exeter: http://newton.ex.ac.uk/research/qsystems/people/ jenkins/mbody/mbody2.html.
Menezes, A. J., van Oorschot, P. C., and Vanstone, S. A. (1997). Handbook of Applied Cryptography. Boca Raton: CRC Press LLC.
Petitcolas, F. (2011). La Cryptographie Militaire. Retrieved December 19, 2011, from Fabien Petitcolas: http://petitcolas.net/fabien/kerckhoffs/.
Talbot, J., and Welsh, D. (2006). Complexity and Cryptography: An Introduction. Cambridge: Cambridge University Press.
Vacca, J. R. (2010). Network and System Security. Oxford: Elsevier Inc.
Peltier, Thomas R.. Information Security Fundamentals, Auerbach Publishers, Incorporated, 2013. ProQuest Ebook Central, http://ebookcentral.proquest.com/lib/apus/detail.action?docID=1375200. Created from apus on 2025-04-18 02:44:28.
C op
yr ig
ht ©
2 01
3. A
ue rb
ac h
P ub
lis he
rs , I
nc or
po ra
te d.
A ll
rig ht
s re
se rv
ed .