As we have seen in the previous article on Cryptography, this is a very important branch today for tasks to be carried out safely. In this second part we are going to delve a little deeper into finding out how the two most used algorithms work. In addition, we will discuss some common attack types in this area.
As we discussed in the previous article, Cryptography uses two encryption methods in its procedures, which differ mainly in the type of key used in each of them. On the one hand, we have the symmetric encryption method, which uses the same key to carry out the encryption and decryption process. As we have seen, this method is divided into block ciphers and stream ciphers, of which we are going to focus on the block cipher.
Block cipher, as its name suggests, encrypts the original message by separating it into blocks of a certain size. This method has several encryption algorithms:
- DES (Data Encryption Standard): This is a block encryption algorithm, created by IBM and accepted by the NIST (National Institute of Standards and Technology) in 1976. This algorithm has a 64-bit key, 56 are bits used by the algorithm itself for the key and the rest can be used to check parity and correct possible errors or be discarded, so the effective length of the key is 56 bits. Today it is no longer a cryptographic standard since it was broken in 1999.
- 3DES (Triple – Data Encryption Standard): Since it is currently relatively easy to break the DES algorithm, in 1998, IBM developed what would be its successor. This algorithm is simply based on employing the DES algorithm 3 times in an orderly manner. First, we encrypt the plaintext with a key, the result obtained is encrypted again, but with a new key, and the result of this is encrypted again with a different key, thus resulting in a 192-bit key, although only 168 would be effective. Even so, it is an algorithm that is slowly disappearing and being replaced in more and more places by AES, although it is still used to make some online payments.
- AES (Advanced Encryption Algorithm): This is actually a “contest” launched by NIST to select the successor to the DES and 3DES algorithms. The algorithm that forms that won the AES is Rijndael, an algorithm created by two Belgian cryptographers, Daemen and RijmenDaemen and Rijmen. The characteristics that the algorithm used by the US government to encrypt sensitive information, by the US private sector and, therefore, in the rest of the world, should have were the following:
▪ That it be in the public domain
▪ That it be symmetrical and support a minimum of 128-bit blocks
▪ That the keys could be 128, 192 and 256 bits
▪ That it could be implemented in hardware and software
This algorithm is based on the combination of several substitutions, variations and transformations, which are repeated several times, each one of them called “round”. In each round, a key is calculated from the encryption key, which is incorporated into the calculations. It is an algorithm in which the change of a single bit, either in the key or in the plaintext block, gives another completely different ciphertext block, so that not even the most powerful supercomputer today could break a AES key.
On the opposite side we have the asymmetric encryption method, in which it uses a public key and a private key for the encryption and decryption processes, which are complementary. This method employs different encryption algorithms:
❖ RSA (Rivest, Shamir and Adleman): is a cryptographic algorithm that was developed in 1977 by 3 cryptographers, whose surnames give the algorithm its name. This algorithm is currently considered one of the safest, since it consists of displaying the messages by means of numbers, which is the result of the multiplication of two great primes that have previously been chosen randomly and that are kept secret. By working with two different keys, and these are complementary, the message that is encrypted with the recipient’s public key can only be decrypted with the recipient’s private key.
One strength of this algorithm is that you have to deal with factoring large numbers. To minimize the chances that they could break the algorithm, we try to keep the number of paired private keys as low as possible.
❖ Diffie-Hellman: this is the beginning of public key systems, and consists of being able to share secret information through insecure channels, without it being computationally impossible for someone to intercept it to find out the private key. In the following illustration we can see the procedure followed to obtain the secret key, which will usually be used for future encryption.
As we have seen, there are algorithms to keep information confidential and secure, but there are also some techniques or methods that try to break the security of these algorithms to access information.
We can call this action cryptanalysis, which is the set of techniques that is responsible for trying to decrypt encrypted messages without knowing the necessary keys. Some objectives would be to discover the original message, alter the original message and have the receiver accept it believing that it is the authentic one or start a communication with the victim and have the victim classify the attacker as an authorized sender.
We are going to comment below on some of the most common attacks that are carried out.
- Brute force attacks: it consists of trying all the possible keys one by one until the correct one is found. Usually these attacks are not effective and sometimes not even workable when there are too many keys to try.
- Attacks on encrypted text: the person trying to decrypt the message knows nothing of its original content, and will work on the cryptogram, trying to find out something that is commonly repeated when encrypting certain types of documents or information.
- Man-in-the-middle attack: consists of placing oneself between the sender and receiver of the information and intercepting it. It occurs in communications that use, for example, Diffie-Helman, in which the adversary encrypts each of the parts of the communication with a different key.
- Dictionary attack: With this attack, the aim is to obtain the plaintext from the beginning. According to the CCN-CERT, it consists of “breaking the security of password-based systems (password) in which the attacker tries to find the right key by trying all (or almost all) the possible words or words listed in an idiomatic dictionary. Generally, special programs are used to take care of it.”
