Cryptography

Cryptography (Ancient Greek κρυπτός kryptós 'hidden, secret' and γράφειν gráphein 'to write') was originally the science of encrypting information. Today it deals more generally with information security, i.e. the conception, definition and construction of information systems that are resistant to unauthorized reading and modification. Together with cryptanalysis, cryptography makes up cryptology.

Terminology

For a long time the term cryptography was synonymous with encryption, the conversion of information from a readable state (plaintext) into apparent nonsense (ciphertext). Decryption means the opposite, i.e. converting a ciphertext back into comprehensible plaintext. A cipher is a method for encrypting or decrypting. The detailed operation of a cipher is controlled at each step by both the algorithm and the key. The latter is a secret parameter that is ideally known only to the communicating parties; it is chosen specifically for the encryption and decryption process. A cryptosystem is the totality of all possible elements, such as plaintexts, ciphertexts, keys and encryption algorithms, which together make up the system. Keys are important, because ciphers without variable keys can be broken easily, even if only the ciphertext is known. Such encryption methods are therefore useless for most purposes. Historically, ciphers were often used directly for encryption, without additional procedures such as authentication or integrity checks.

In colloquial usage, the term code can refer both to an encryption method and to the concealment of a meaning. In cryptography, however, it has a specific definition: part of the plaintext is replaced by a particular code word (example: Hedgehog replaces attack at dawn). Codes are largely no longer used in modern cryptography, except for individual designations (e.g. Operation Overlord), since well-chosen ciphers are both more practical and more secure than the best codes and, moreover, better suited to computers.

Cryptanalysis, by contrast, denotes research into methods by which the meaning of encrypted information can be found without knowledge of the key. That is, it examines how encryption algorithms or their implementations can be "cracked".

The terms cryptography and cryptology are often used interchangeably, while in the U.S. military, for example, cryptography usually refers to cryptographic techniques and cryptology to the combined study of cryptography and cryptanalysis. Cryptography is thus part of cryptology.

The study of features of a language that find application in cryptography (for example, letter combinations) is called cryptolinguistics.

Distinction from steganography

Both cryptography and steganography have the goal of protecting the confidentiality of a message. However, they differ in the starting point of the process:

  • Cryptography encrypts the message. It thus ensures that an uninvolved third party who gets to see the (encrypted) data cannot grasp its meaning.
  • Steganographic methods hide the channel used for communication. An uninvolved third party thus remains unaware that communication is taking place.

Cryptographic and steganographic techniques can be combined. For example, encrypting (cryptography) a message that is communicated over a hidden channel (steganography) means that even after the channel has been discovered and successfully read, the content of the message remains secret.

Objectives of Cryptography

Modern cryptography has four main objectives for the protection of information:

Cryptographic methods and systems do not necessarily serve all of these goals.

Methods of Cryptography

Cryptographic methods can be divided into classical and modern methods. This classification corresponds essentially to the division into symmetric and asymmetric algorithms.

  • Methods of classical cryptography: As long as no electronic computers were used for encryption, encryption (at that time the only application of cryptography) always replaced complete letters or groups of letters. Such methods are now outdated and insecure.
      • Transposition: The letters of the message are simply arranged differently. Example: rail fence cipher or scytale.
      • Substitution: The letters of the message are replaced by some other letter or symbol; see monoalphabetic substitution and polyalphabetic substitution. Examples include the Caesar cipher and the Vigenère cipher.

History of cryptography

Classical cryptography

The earliest use of cryptography is found in the third millennium BC, in the ancient Egyptian cryptography of the Old Kingdom. In the Middle Ages, Hebrew scholars used simple character substitution algorithms (such as the Atbash cipher). Throughout Europe in the Middle Ages, a variety of ciphers were in use to protect diplomatic correspondence, such as the Alphabetum Kaldeorum.

At the end of the 19th century, the widespread use of the telegraph (which could easily be tapped and listened in on) led to new considerations in cryptography. Auguste Kerckhoffs von Nieuwenhof formulated a principle of cryptography, Kerckhoffs' principle, according to which the security of a cryptographic method is to rest solely on the secrecy of the key. The method itself does not have to be kept secret; on the contrary, it can be published and studied by many experts.

Cryptography in World War II

During World War II, numerous mechanical and electromechanical (T52, SZ42) cryptographic systems were used, although manual systems continued to be used in areas where this was not possible. During this time significant progress was made in mathematical cryptography. Of necessity, this happened only in secret. The German military made extensive use of a machine known as ENIGMA, which was broken by British code breakers as part of the "Ultra" project.

Modern cryptography

Beginning of modern cryptography

The era of modern cryptography began with Claude Shannon, possibly the father of mathematical cryptography. In 1949 he published the article Communication Theory of Secrecy Systems. This article, along with his other works on information and communication theory, established a strong mathematical basis for cryptography. This ended a phase of cryptography that relied on keeping the method secret in order to prevent or hinder decryption by third parties. Instead of this tactic, now known as security by obscurity, cryptographic methods must now face open scientific discourse.

Data Encryption Standard (DES)

In 1976 there were two major advances. The first was the DES (Data Encryption Standard) algorithm, developed by IBM and the National Security Agency (NSA) to create a secure, unified standard for inter-agency encryption (DES was published in 1977 under the name FIPS 46-2 (Federal Information Processing Standard)). DES and more secure variants of it (3DES) are still used today, for example for banking services. DES was replaced in 2001 by the new FIPS-197 standard, AES.

Asymmetric cryptosystems (public-key cryptography)

The second and more important step was the publication of the article New Directions in Cryptography by Whitfield Diffie and Martin Hellman in 1976. This paper presented a radically new method of key distribution and gave impetus to the development of asymmetric cryptosystems (public-key methods). Until then, key exchange had been one of the fundamental problems of cryptography.

Before this discovery, keys were symmetric, and possession of a key allowed a message to be both encrypted and decrypted. The key therefore had to be exchanged between the communication partners over a secure route, such as by a trusted courier or at a direct meeting of the partners. This situation quickly became unmanageable as the number of people involved increased. A new key is also needed for each communication partner if the other parties are not to be able to decrypt the messages. Such a method is referred to as a symmetric, secret-key or shared-key (shared secret) method.

An asymmetric cryptosystem uses a pair of matching keys. One is a public key which, in the case of an encryption method, is used to encrypt messages for the key holder. The other is a private key, which must be kept secret by the key owner and is used for decryption. Such a system is called asymmetric because different keys are used for encryption and decryption. With this method, only a single key pair is required for each participant, because possession of the public key does not put the security of the private key at risk. Such a system can also be used to create a digital signature. The digital signature is calculated from the data to be signed, or its hash value, and the private key. The correctness of the signature, and thus the integrity and authenticity of the data, can be checked by appropriate operations with the public key. Public-key methods can also be used for authentication in interactive communication.

On 17 December 1997, the British GCHQ (Government Communications Headquarters in Cheltenham) published a document in which it stated that it had found a public-key method even before the publication of the paper by Diffie and Hellman. Various documents classified as secret were written in the 1960s and 1970s by, among others, James H. Ellis, Clifford Cocks and Malcolm Williamson, which led to designs similar to those of RSA and Diffie-Hellman.

Homomorphic encryption

A homomorphic encryption scheme makes it possible to perform calculations on encrypted data. In 2009 the cryptographer Craig Gentry was able to prove that an encryption method exists that allows arbitrary computations on encrypted data. Homomorphic encryption plays an important role in cloud computing. To avoid misuse when sensitive data is processed, it is desirable that the service provider computes only on the encrypted data and never gets to see the plaintexts.

Cryptography and mathematics

The security of most asymmetric cryptosystems is based on the difficulty of problems that are studied in computational number theory. The best known of these problems are prime factorization and finding discrete logarithms.

Factorization

The security of factorization-based public-key cryptography lies in the use of a product of large prime numbers, which serves as the public key. The private key consists of the associated prime factors or values derived from them. Decomposing a sufficiently large number is considered impractical because factorization is very costly.

Figuratively speaking, despite sophisticated factorization methods it is difficult to find the divisors of a given number, such as 805 963. The difficulty grows with the length of the number, so that for sufficiently large numbers factorization would take thousands of years even on a supercomputer. In practice, therefore, numbers with several hundred decimal digits are used. For multiplying large numbers, however, there are efficient algorithms; it is thus easy to compute the product (805 963) from two factors (919 and 877). Factorization-based public-key methods exploit this asymmetry between the cost of multiplication and the cost of factorization. Cryptographically secure methods are then those for which there is no better way to break the security than factoring a large number; in particular, the private key cannot be calculated from the public key.
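
The asymmetry described above in a toy RSA setting, as an added example (not part of the original article): the key owner multiplies the two primes from the text once, while someone holding only the public key has to search for a factor before the private exponent can be derived. The public exponent 65537 and all function names are assumptions, and a six-digit modulus is far too small for real use.

```python
from math import gcd, isqrt

def factor_semiprime(n):
    """Trial division: return (p, q, divisions_tried) with p <= q and p * q == n."""
    tried = 0
    for p in range(2, isqrt(n) + 1):
        tried += 1
        if n % p == 0:
            return p, n // p, tried
    raise ValueError("n has no non-trivial factor")

def private_exponent(p, q, e):
    """Derive the private exponent d from the prime factors of the modulus."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p - 1) * (q - 1)")
    return pow(e, -1, phi)  # modular inverse, Python 3.8+

# Key owner: the primes from the text stay secret, only (N, E) is published.
P, Q = 877, 919
N = P * Q            # a single multiplication gives 805963
E = 65537            # assumed public exponent
D = private_exponent(P, Q, E)

def encrypt(m, n=N, e=E):
    """Textbook RSA without padding, for illustration only."""
    return pow(m, e, n)

def decrypt(c, d=D, n=N):
    return pow(c, d, n)

def recover_private_key(n, e):
    """What factoring the public modulus yields: the private exponent itself."""
    p, q, tried = factor_semiprime(n)
    return private_exponent(p, q, e), tried

if __name__ == "__main__":
    d, tried = recover_private_key(N, E)
    print(f"n = {N}: 1 multiplication to build, {tried} trial divisions to factor")
    print("private exponent recovered from public key:", d == D)
```

Each additional digit in the primes multiplies the trial-division work by roughly ten while the multiplication stays cheap, which is why the text calls for numbers with several hundred decimal digits.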

Other applications of number theory

Besides factorization, both the discrete logarithm problem (ElGamal cryptosystem) and advanced methods of algebraic number theory, such as encryption over elliptic curves (ECC), are widely used.

Another field of application is coding theory, which in its modern form is based on the theory of algebraic function fields.

Future developments

The most important current public-key methods (RSA, methods based on the discrete logarithm in finite fields (e.g. DSA or Diffie-Hellman), and elliptic curve cryptography) can theoretically be broken in polynomial time by so-called quantum computers and could thus lose their security.

Another theoretical avenue for attacks on cryptographic methods would be the use of DNA-based computers. Because of the extremely large number of "processing units" (DNA fragments) working in parallel, these could break certain symmetric methods more effectively than conventional computers.

Cryptography and society

In the age of the Internet, calls for private encryption also grew loud. Until then, it was governments and major global companies that could use RSA encryption, owing to the high-performance computers it required. The American physicist Phil Zimmermann then developed an RSA encryption for the general public, which he named Pretty Good Privacy (PGP) and released on Usenet in June 1991. New in this method was the ability to sign an e-mail with a digital signature that clearly identifies the originator of the message.

Cryptography and law

Because modern, computer-aided methods make it possible for anyone to encrypt information securely, governments see a need to be able to decrypt this information. The U.S. government even wanted to prosecute the creator of PGP, Phil Zimmermann (in the U.S., cryptography falls under the arms laws). However, it dropped the case following public protests.

In principle, decryption is possible only with possession of the private key. In France, from 1990 to 1996 there was a law requiring this key to be deposited with a "trusted authority". This was associated with a ban on other methods and keys. However, a journalist who wanted to do this was unable to find a competent authority.

In Germany and in the EU there have been debates for many years about legal control of cryptography. A ban on cryptography is not practicable, because the algorithms are known and anyone with the necessary programming skills could write such a program themselves. Web applications such as electronic banking or shopping are inconceivable without cryptography.

In most countries, products that implement secure encryption are subject to export restrictions.
