Notes: Basics of Cryptology
We talked about some of the development of cryptology and how simple
things like substitution ciphers are ineffective. These notes summarize key
points about the cryptologic concepts which are widely used in today's
networks.
AES
- A symmetric key method.
- Both parties must have the same key so exchanging keys securely is
important.
- Uses block chaining so that repeated strings in the plaintext do not
result in repeated strings in the ciphertext.
- Computationally fast - no multiplies or divides.
- Cannot be attacked even with a chosen-plaintext attack.
- Can only be attacked by exhaustive trying of every possible key.
- Generally used with 256 bit keys.
- AES is implemented in hardware in many computers.
RSA Public Key Cryptography
- There are two keys called the public key and the private key.
- These are long. Lengths in use are 1024 bits, 2048 bits, and 4096 bits.
- Data encrypted under the public key can be decrypted using the private
key.
- Data encrypted under the private key can be decrypted using the public
key.
- One party keeps the private key secret and publishes the public key.
Thus if a user receives data encrypted under the private key and can
decrypt it using the public key, they know the holder of the private key
sent the message. Likewise, when a user encrypts a message with the
public key, only the holder of the private key can decrypt it.
- The only known way to attack it is to factor a large number (the size of
the key), which is computationally impractical.
- RSA encryption/decryption is computationally intensive because of the need
to exponentiate. Thus it is often used to encrypt hashes or to encrypt
the exchange of AES symmetric keys.
Hash
- A one-way mathematical function that maps a string of bits to a
fixed-length (and usually much shorter) string of bits. (*1)
- Most common algorithms are SHA-1 and SHA-256.
- It is computationally impractical to find any other string of bits that
hashes to a particular value. Thus an attacker cannot alter a message so
that the altered message has the same hash as the original.
- The hash, being shorter, cannot be used to reproduce the message.
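The RSA points above (both encryption directions, and "encrypting a hash" under the private key so the public key can check who sent it) together with the hash properties, as an added example that is not part of the original notes. It is textbook RSA with constructed toy primes (61 and 53) and Python's built-in SHA-256; real keys are 1024 bits or longer and real RSA adds padding, which is omitted here.

```python
import hashlib
from math import gcd

# Constructed toy primes so the demo runs instantly; a real key uses
# 1024-bit or larger primes, and real RSA pads the data (omitted here).
P, Q = 61, 53    # n = 3233, far too small for any real use
E = 17           # public exponent

def make_keys(p=P, q=Q, e=E):
    """Return (public, private) as (exponent, modulus) pairs."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)          # private exponent: inverse of e mod phi(n)
    return (e, n), (d, n)

def rsa_apply(key, m):
    """The single RSA operation m^exp mod n; works with either key."""
    exp, n = key
    return pow(m, exp, n)

def encrypt_bytes(key, data):
    """Encrypt each byte separately (every byte is < n, so one byte per block)."""
    return [rsa_apply(key, b) for b in data]

def decrypt_bytes(key, blocks):
    """Undo encrypt_bytes using the other key of the pair."""
    return bytes(rsa_apply(key, c) for c in blocks)

def sign(priv, message):
    """Hash the message, then 'encrypt' the hash under the private key."""
    digest = hashlib.sha256(message).digest()
    return encrypt_bytes(priv, digest)

def verify(pub, message, signature):
    """Recover the hash with the public key and compare it to a fresh hash.
    Integer lists are compared so a tampered block cannot crash bytes()."""
    recovered = [rsa_apply(pub, c) for c in signature]
    return recovered == list(hashlib.sha256(message).digest())

if __name__ == "__main__":
    pub, priv = make_keys()
    msg = b"transfer 100"
    print(decrypt_bytes(priv, encrypt_bytes(pub, msg)))   # b'transfer 100'
    sig = sign(priv, msg)
    print(verify(pub, msg, sig))                 # True
    print(verify(pub, b"transfer 900", sig))     # False
```

Changing a single character of the message (or a single block of the signature) makes verify return False, which is the hash property the notes describe put to work.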
Notes:
1. Sometimes the hash is longer than the message. The most common
instance is passwords. To be safe, quality web sites do not store user
passwords in databases. They store a hash (e.g. SHA-256 which produces a
256 bit hash) in the database. When the user types in the password,
it is also hashed. The site compares the hashes. Thus if an attacker gains
access to the password database, all they can do is try passwords to find
one that produces the same hash. This is why using trivial/common passwords
is such a bad idea.