We’ve talked about the theory of cryptography before; now I will describe some of the main uses of cryptography.

Secure communications

The most obvious use of cryptography, and the one that all of us use frequently, is encrypting communications between us and another system. This is most commonly used for communicating between a client program and a server. Examples are a web browser and web server, or email client and email server. When the internet was developed it was a small academic and government community, and misuse was rare. Most systems communicated in the clear (without encryption), so anyone who intercepted network traffic could capture communications and passwords. Modern switched networks make interception harder, but some cases – for example, public wifi – still allow it. To make the internet more secure, most communication protocols have adopted encryption. Many older protocols have been dropped in favour of newer, encrypted replacements.

The best example is web encryption, since here you can choose between a clear or encrypted version of a website by switching between HTTP and HTTPS in the URL. Most large companies now use the encrypted form by default, and you’ll see that any visit to Google, Facebook, Microsoft Office 365 or other sites will be to the HTTPS version of the site. This is accompanied in recent browsers by extra information, including a padlock to show that it is HTTPS. Something you can try is to click the padlock on an encrypted page, and your browser will tell you more about the page security. It will also tell you the especially relevant fact of the actual site name you’re visiting. Therefore, if you’re entering a password in a page, please do check that it is HTTPS.

End-to-end Encryption

Email is one area where encryption is not widely in use. When email moves from server to server, and from server to you, it is encrypted. On the mail server and on your system, however, an administrator can read it. There are options to implement “end-to-end” encryption for email (I use PGP) but email systems are complex and these options are complex. Truly secure messaging systems – where only the sender and receiver can read the message – are those where encryption has been built in from the start. Whatsapp is good; Signal is better.

Storing Data

We all store a large amount of data, and any data is valuable to at least the person who generated it. Every operating system uses encryption in some of the core components to keep passwords secret, conceal some parts of the system, and make sure that updates and patches are really from the maker of the system.

A more notable use of encryption is to encrypt the entire drive, and require correct credentials to access it. UCL has recently implemented Microsoft’s Bitlocker on Desktop@UCL machines, and this means that without the user logging in the data on the drive is completely opaque. If someone took the drive and tried to read it, they would not be able to access any data. This has the occasional side effect of locking the system, so some UCL readers may have had to request the recovery key.

One notable point is that many encrypted systems nonetheless allow administrators of the system access. Office 365, for example, uses encrypted communications, but many senior Microsoft staff, and a few UCL administrators, can access the data. A relatively recent development is software to create encrypted containers on a drive. I have recommended Veracrypt to some users who need to create an encrypted volume which is completely under their control.

Storing Passwords

A cryptographically hashed password

In the last blog post I briefly introduced cryptographic hashing, a one-way mapping of a string to a fixed-length value. One of the main uses of this is to store passwords. It is very risky to store passwords in an accessible way. If stored in plaintext on a system, anyone who has access to the system – legitimate or malicious – can read the password. Encryption is only a partial answer to storing passwords. If someone has access to the system storing the encrypted passwords, they will probably have access to the encryption key to decrypt the password. Hashing, on the other hand, produces a relatively useless value for the attacker. A system will take the password on login, hash it, and compare to the hashed value. At no point will the system – or an attacker – have access to the plaintext password.

Cryptography is hard

The impression you might get from this is that encryption is difficult to implement properly. This is correct, unfortunately! I encourage everyone to use encryption more, and I’m always happy to give advice. If you have any questions, please contact the team.

My colleague Gen gave a very good primer on the basics of cryptography last week. In this post I’ll expand some more on the theory of cryptography, and in my next post I’ll talk about some of the main applications.

It is only in the last forty or so years that cryptography has been a formal science with mathematical backing. Prior to the 1970s, cryptosystems were usually designed in isolation and had little in the way of mathematical proof for their strength. It is the development of cheap, fast computing that has allowed cryptography to become a routine activity, and large amounts of theoretical work by government and academia in the 1970s on has created a systematic way of developing cryptosystems and proving their strength (or lack thereof!).

Terminology

Symmetric encryption, or “secret key encryption”

Cryptography means literally “secret writing”. The parties communicating in cryptography are usually called Alice, “A” and Bob, “B”. A third party trying to eavesdrop on their communications is usually called Eve, “E”. We talk about ciphers, rather than codes – codes and encoding are a means of representing some message in another format, and in do not specifically imply secrecy.

Gen mentioned asymmetric cryptography, with a public and a private key. This is often referred to as “public-key cryptography”, because of the fact that one of the keys is public. Other encryption is called symmetric, because the same key is used for both encryption and decryption. This key has to be kept secret, thus symmetric cryptography is also called “secret-key cryptography”. A key feature of asymmetric encryption is that it is possible to establish a new, secret channel over a monitored communication channel – in other words, you can set up a secret session even if someone is watching every bit of traffic on your network connection. This is what you are doing every time you visit a secure website, or your Outlook mail client talks to the mail server.

I’ll explain one more cryptographic concept – the cryptographic hash. This is not a cipher as such. Instead, it’s a one-way, unique transformation of data of any length to a data string of a specific length, called the hash. One-way means you cannot find the original data from the hash, and unique means that different input data always produces a different hash.This might sound rather arbitrary and useless, but it is vital to the functioning of encryption systems.

Strength and Speed

Asymmetric encryption sounds like a better deal – you can set up a secure connection over a clear channel. Symmetric encryption is used far more often, however, because it is much faster and more space-efficient than asymmetric. The mathematical operations to perform asymmetric encryption (exponentiation or elliptic-curve calculations on big numbers) are much more demanding on a computer CPU than those for symmetric encryption. The usual process for a secure connection is for the client and server (browser and web server, Outlook and mail server) to perform a handshake with asymmetric encryption, use this secure channel to exchange a symmetric secret key, and then use symmetric encryption for the rest of the conversation.

Cryptosystems Become Obsolete

Computers are getting more powerful over time, and this has a specific meaning for cryptography. Systems that are strong when designed will usually be increasingly vulnerable to simple brute force attacks (trying every possible key against the encrypted message). Researchers will also work on the theory behind given cryptosystems, often finding weaknesses in the design or implementation, and leading to more efficient attacks.

A good example of this is the Digital Encryption Standard (DES), which is a US government standard first developed in the 1970s. This is a symmetric cipher with a 56-bit key size, and it has some very interesting features for the 1970s. IBM designed DES originally, and submitted it to the US government for approval. The National Security Agency (NSA) recommended some changes, and DES was accepted as a US government standard. Years later it was discovered that unclear changes recommended by the NSA at the time made DES more resistant to differential cryptanalysis (which was unknown at the time), and IBM admitted that this attack was known to IBM and the NSA at the time. Research has discovered other weaknesses in DES, however, and the short key length and cryptographic weaknesses means DES is no longer regarded as secure. It was first broken in 1997, and was replaced by AES (Advanced Encryption Standard) in 2002.

Some cryptosystems are designed with a variable key length, so keys can be made longer (and systems stronger) as required. Managing cryptosystems against performance and attacks is an ongoing process.

Next up – applications of cryptography!

Cryptography is a highly important concept within Information Security. You may not be aware of it, but we depend on cryptography on a daily basis to secure our data. Whenever you do online shopping, log in to Facebook or check your bank account balance, your information is automatically encrypted. We use encryption to ensure that if someone is able to obtain our data, they aren’t able to read it.

How does it work?

Encryption is the act of transforming information from a readable form (plaintext) into an encrypted form (ciphertext). For example, the text you are currently reading is in plaintext and is therefore unencrypted. To encrypt the text, we need to apply an algorithm or a mathematical formula that will change its content. The most well-known and simplest form of encryption is called the ‘Caesar cipher’. It is said to have been used by Julius Caesar to send secret military orders to his generals. The Caesar cipher works by shifting each letter of the plaintext by a certain number of letters. The number of letters we shift by acts as a key.

For example, if we shift each letter of the word “secret” by 3 we get a ciphertext output of “vhfuhw”. In order for the recipient to then transform the ciphertext back into plaintext, they simply apply the reverse action (shift 3 to the left). Check out this online tool that demonstrates the Caesar cipher in action: http://www.xarg.org/tools/caesar-cipher/. The Caesar cipher was sufficient to encrypt messages 20 centuries ago but it is no longer considered to be secure. Modern day encryption algorithms employ a highly complex formula to ensure that even the most powerful computer systems aren’t able to decrypt the data without the correct key.

The Caesar cipher falls under the category of symmetric cryptography. This means that the same key is used to decrypt the data as the one used to encrypt it. This poses the problem of key exchange. How do we ensure that only our intended recipient has the correct key? If we do not take sufficient precautions when providing our key to the recipient, it can easily be apprehended by a malicious third party rendering the whole process useless.

Asymmetric cryptography

Asymmetric cryptography solves the problem of key exchange by employing two mathematically related keys – a public key and a private key. The public key is shared with everyone and is used to encrypt the data we are sending. The private key, on the other hand, is used to decrypt the data and is only known to its owner. If I want to send an encrypted email to you, I would use your public key to encrypt the message. This ensures that only you are able to decrypt the message as your private key should only be known to you.

Asymmetric cryptography also allows us to sign messages in order to prove that we are the ones that sent them and they haven’t been altered in transit. This is done by encrypting the message using our private key. If others then use our public key to decrypt the message, this proves that the message came from us and is legitimate.

These are just some of the basic concepts within cryptography but they provide all sorts of possibilities to improve security in the digital world.