Intro to Encryption
An anonymous reader submitted a Techworld story which is a sort of encryption primer. The difference between codes & cyphers, and what all those acronyms like RSA and DES actually mean. This is good primer material for newbs, and a good refresher for fogeys.
Garbage (Score:1, Insightful)
640 bits should be enough for anybody (Score:3, Insightful)
Usually, the weakest link will be the user using short keys or the user using the same password on a weaker system.
This is good primer material for newbs (Score:5, Insightful)
Here's part of what the article says about RSA:
"Unfortunately, nothing in life is free, and so it is with asymmetric cryptosystems. Since d can be computed from e given p and q, and p and q are the factors of N, they must be chosen so large that N cannot be factorised in any reasonable time"
THE ARTICLE NEVER STATES WHAT d, p, q, e OR N ARE. Sorry for the shouting but this piece o'crap is worthy of a
John.
Re:I realized something while reading the article. (Score:5, Insightful)
Unless we have other asymmetric ciphers to fall back on, then e-commerce would be wiped out.
Additionally, algorithms with very low computational requirements are of particular importance since we need encryption that can run on smart cards, but can't be broken by supercomputers.
Comment removed (Score:3, Insightful)
Best class in college (Score:2, Insightful)
Re:I realized something while reading the article. (Score:4, Insightful)
This may not be too big of a problem if we just have two people who need to send a few messages to each other as long as both can keep the pad safe, but it fails horribly in other situations. For instance, let's say I want to send my credit card number to some online store, but I want to make sure it is encrypted first. Let's say the store writes a random pad for us to use. How do we share it? Somehow they have to get it to me without anyone else seeing it. But if we had a known secure method of communication, we wouldn't need the pad in the first place, now would we?
Public Key encryption solves this problem by allowing the store to develop the code and send me a key that only allows me to encrypt it (it can't decrypt anything). Thus it doesn't matter if the whole world intercepts the key, all that would allow them to do is encrypt more messages. It doesn't help them decrypt anything. Of course all these codes are usually based on problems that are mathematically hard to solve. If an easy solution is found (as with knapsack cryptosystems like Merkle-Hellman [wikipedia.org]), then it becomes easy to crack the codes, and thus we need to have other codes available. In addition, many decryption algorithms are very slow and thus work is done on more efficient algorithms (though slow ones like RSA actually can be sped up by only encrypting a private key with the public key scheme and using the private key to encrypt the actual message).
Hope that helps.
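As an added illustration of both points raised above (not code from the article or from either commenter): the RSA quantities the article leaves undefined (p, q, N, e, d) and the "wrap a session key with RSA, encrypt the message symmetrically" scheme. The primes are deliberately tiny so the numbers are readable; the HMAC-SHA256 keystream is a stand-in for a real symmetric cipher such as AES, chosen only so the block runs with the Python standard library. All names and sample values are constructed for this example.

```python
import hashlib
import hmac
import secrets
from math import gcd

# Toy RSA with the notation the quoted article uses: p and q are primes,
# N = p*q, e is the public exponent and d the private one. The primes are tiny
# so the arithmetic stays visible; real keys use primes of 1024+ bits each.
def rsa_keygen(p, q, e=17):
    N = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # d = e^-1 mod (p-1)(q-1): trivial once p and q are known
    return (N, e), (N, d)

def rsa_encrypt(pub, m):
    N, e = pub
    if not 0 <= m < N:
        raise ValueError("message must be an integer smaller than N")
    return pow(m, e, N)

def rsa_decrypt(priv, c):
    N, d = priv
    return pow(c, d, N)

def recover_d_from_factors(pub, p, q):
    """What the article's sentence means: anyone holding p and q gets d from e alone."""
    N, e = pub
    if p * q != N:
        raise ValueError("p and q are not the factors of N")
    return pow(e, -1, (p - 1) * (q - 1))

def _session_key_bytes(session_key: int) -> bytes:
    # Hash the integer session key into a fixed-size symmetric key.
    raw = session_key.to_bytes((session_key.bit_length() + 7) // 8 or 1, "big")
    return hashlib.sha256(raw).digest()

def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (assumption: placeholder for AES or similar):
    HMAC-SHA256 keystream in counter mode, XORed into the data. Safe only because
    every session key below is used for exactly one message."""
    keystream = bytearray()
    counter = 0
    while len(keystream) < len(data):
        keystream.extend(hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest())
        counter += 1
    return bytes(a ^ b for a, b in zip(data, keystream))

def hybrid_encrypt(pub, message: bytes):
    """The slow public-key operation wraps only a short random session key; the bulk
    data goes through the fast symmetric cipher. Returns (wrapped_key, ciphertext)."""
    N, _ = pub
    session_key = secrets.randbelow(N - 2) + 2  # fresh random integer in [2, N-1]
    return rsa_encrypt(pub, session_key), stream_xor(_session_key_bytes(session_key), message)

def hybrid_decrypt(priv, wrapped_key, ciphertext: bytes) -> bytes:
    session_key = rsa_decrypt(priv, wrapped_key)
    return stream_xor(_session_key_bytes(session_key), ciphertext)

if __name__ == "__main__":
    pub, priv = rsa_keygen(61, 53)  # N = 3233, the usual textbook-sized example
    print("public:", pub, "private:", priv)  # d comes out as 2753
    print("d recovered from p, q:", recover_d_from_factors(pub, 61, 53))
    wrapped, ct = hybrid_encrypt(pub, b"card number goes here (constructed sample)")
    print(hybrid_decrypt(priv, wrapped, ct))
```

The point of `recover_d_from_factors` is the article's sentence in code: d is one modular inverse away from p and q, which is why the whole security argument rests on N being too large to factor.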
Re:SETI noise (Score:5, Insightful)
Often these systems were broken because the pads were misused: the same pad used multiple times, or the same pad used with some variation.
IIRC, the scheme you are proposing is similar to the way that the red telephone communication between the Soviet Union and the US, as well as embassy communications, was secured. In that case, special vinyl records were distributed that had to be started at the same point. The length of the record determined how long you could talk.
This essay on Bruce Schneier's site [schneier.com] highlights one of the chief weaknesses of the one-time pad: the key distribution problem. You have to figure out how to get your friend's CD to him without being intercepted. You also have to be sure that the computer that generated the CDs wasn't compromised; someone spying on your machine could just log what audio file you used, copy it, and generate their own key CD.
Considering that a CD can only hold around 700MB (for a standard audio CD), I would say the key space is small enough that even if an attacker doesn't know your position choosing scheme (your description of the system states that the position is part of the message, so I'm being generous here), it should be possible to brute force the message if he somehow gets access to the key.
Another problem is: you may suspect that you are being watched or the system is compromised, but your buddy may not. How do you communicate that information to your friend, especially if you aren't supposed to be in contact with them in the first place?
If the attacker has your key CD, he could send an encrypted message stating that you (the legitimate user) are the attacker. Then who would your buddy believe?
The benefit of public-key cryptography is that it limits the amount of data that needs to be shared in order to communicate. The keys used for encryption never leave the possession of the person doing the encryption. It is also relatively simple to generate new keys.
Of course, man-in-the-middle attacks can still happen. But if you can establish the first public keys that you and your friend will use in a secure manner (e.g. face-to-face meeting), subsequent public keys can be encrypted using the last trusted key, or by using other key sharing schemes.
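An added example (mine, not the commenter's) of the pad misuse mentioned above: a pad object that refuses to hand out the same bytes twice and raises when the material runs out, next to the arithmetic showing why reuse is fatal (the pad cancels and leaves the XOR of the two plaintexts). The pad bytes and messages are constructed here; the `OneTimePad` class and `otp_decrypt` are illustrative names, not a library.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))

class OneTimePad:
    """Pad material that is consumed exactly once. Illustration only, not a library.
    Both parties hold the same pad bytes; the sender reports the offset it used."""
    def __init__(self, pad: bytes):
        self._pad = pad
        self._offset = 0  # first unused byte

    def remaining(self) -> int:
        return len(self._pad) - self._offset

    def take(self, n: int) -> bytes:
        if n > self.remaining():
            raise ValueError("pad exhausted; fresh pad material must be distributed")
        chunk = self._pad[self._offset:self._offset + n]
        self._offset += n  # never hand out the same bytes twice
        return chunk

    def encrypt(self, plaintext: bytes):
        start = self._offset
        return start, xor_bytes(plaintext, self.take(len(plaintext)))

def otp_decrypt(pad: bytes, start: int, ciphertext: bytes) -> bytes:
    # Receiver uses its own copy of the pad and the offset sent with the message.
    return xor_bytes(ciphertext, pad[start:start + len(ciphertext)])

def reuse_cancels_the_pad(pad: bytes, p1: bytes, p2: bytes) -> bool:
    """The misuse the comment describes: the same pad bytes under two messages.
    XOR of the two ciphertexts equals XOR of the two plaintexts; the pad drops out,
    so the secrecy no longer depends on the key at all."""
    n = min(len(p1), len(p2))
    c1 = xor_bytes(p1[:n], pad[:n])
    c2 = xor_bytes(p2[:n], pad[:n])
    return xor_bytes(c1, c2) == xor_bytes(p1[:n], p2[:n])

if __name__ == "__main__":
    pad_bytes = secrets.token_bytes(32)  # constructed pad, shared out of band
    sender = OneTimePad(pad_bytes)
    start, ct = sender.encrypt(b"meet at noon")
    print(otp_decrypt(pad_bytes, start, ct))
    print("pad bytes left:", sender.remaining())
    print("reuse leaks p1 xor p2:", reuse_cancels_the_pad(pad_bytes, b"meet at noon", b"send the key"))
```

The offset bookkeeping is the whole defence: a pad that can be rewound is no longer one-time, and the 700MB CD in the thread above is exactly the kind of budget that gets exhausted and then quietly reused.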
Good For Newbs! (Score:3, Insightful)
- dshaw
Re:Handbook (Score:3, Insightful)
I'd recommend Applied Cryptography by Bruce Schneier instead.
Seconded.
But keep in mind Schneier's opening statement in his next book, "Secrets and Lies", which says that "Applied Cryptography" has probably led to the creation of more bad security than any other single text. Not because the book is bad (it contains errors, but they're fairly minor) but because the book makes you think you're an expert. After plowing through some 600 pages of dense material, you *have* to be an expert, right? Unfortunately, no, after 600 pages you're a layman with a solid overview of the topic.
Re:intro to encryption (Score:4, Insightful)
Thanks. Actually it's been good for my karma. Some moderators dutifully comply--even on non-insightful humor bits. That's pretty funny.
Re:Inaccuracy in article? (Score:1, Insightful)
See http://www.interesting-people.org/archives/intere
(Also from this link)
NIST says: "For data that needs to be protected longer [than 2015], the key size should be at least 2048 bits." (Otherwise they recommend that the RSA keysize be at least 1024 bits)
RSA also says: "..high-value organization [RSA] keys should be at least 2048 bits"
So you would think anyone who knows about security would want to know the asymmetric key size as well as the symmetric key size of the secure web site they're visiting.
Not so. In Mozilla/Firefox you can see at a glance the symmetric key size, sure, but to find out the asymmetric key size you have to find the actual key and calculate it yourself. In Mozilla you can reject ciphers based on symmetric encryption method and hash method but not whether they have low asymmetric (RSA) keys. It is theoretically possible for a "secure" website to use an obscenely low RSA key, let's say 72 bits, but use a 256 bit AES symmetric cipher. Mozilla/Firefox will most likely proudly say that the site uses "high grade" security anyway!
You would think this would be a priority for Mozilla developers, right? Wrong.
This has been in Bugzilla for years, with numerous duplicates yet no-one is working on it.
See: http://bugzilla.mozilla.org/show_bug.cgi?id=78837 [mozilla.org]
Also see: http://www.dslreports.com/forum/remark,11293626~m
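An added example (not from the commenter or from Mozilla) of the "find the actual key and calculate it yourself" step: a minimal DER encoder and decoder for the PKCS#1 `RSAPublicKey` structure (a SEQUENCE of two INTEGERs, modulus and exponent) that reports the modulus bit length and grades it against the 1024/2048-bit thresholds quoted above. The moduli are constructed numbers of the right size, not real keys; in a real certificate the same structure sits inside the SubjectPublicKeyInfo, which this block does not unwrap.

```python
# Minimal DER handling for PKCS#1:
#   RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }
# Enough to measure a key; not a general ASN.1 library.

def _der_len(n: int) -> bytes:
    # Short form below 128, otherwise 0x80|count followed by the length bytes.
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der_integer(value: int) -> bytes:
    body = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    if body[0] & 0x80:
        body = b"\x00" + body  # DER INTEGERs are two's complement; keep the sign bit clear
    return b"\x02" + _der_len(len(body)) + body

def der_sequence(*elems: bytes) -> bytes:
    body = b"".join(elems)
    return b"\x30" + _der_len(len(body)) + body

def _read_tlv(buf: bytes, pos: int):
    # Returns (tag, contents, position after this element).
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, buf[pos:pos + length], pos + length

def rsa_public_key_bits(der: bytes) -> int:
    """Modulus size in bits, which is what 'a 1024-bit RSA key' refers to."""
    tag, body, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag, modulus, _ = _read_tlv(body, 0)
    if tag != 0x02:
        raise ValueError("expected INTEGER modulus")
    return int.from_bytes(modulus, "big").bit_length()

def classify_rsa_key(bits: int) -> str:
    # Thresholds are the NIST figures quoted in the comment: at least 1024,
    # and 2048 for anything that must stay protected past 2015.
    if bits < 1024:
        return "reject"
    if bits < 2048:
        return "weak"
    return "ok"

def audit_rsa_public_key(der: bytes) -> str:
    return classify_rsa_key(rsa_public_key_bits(der))

if __name__ == "__main__":
    # Constructed moduli of a given bit length (not real RSA moduli), e = 65537.
    for bits in (72, 1024, 2048):
        key = der_sequence(der_integer((1 << (bits - 1)) | 1), der_integer(65537))
        print(bits, "bit modulus ->", audit_rsa_public_key(key))
```

Grading the asymmetric key separately from the symmetric cipher is the check the comment says the browser never performs; the same three-line policy function is what a TLS scanner or certificate linter applies to every leaf key it sees.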