More on crypto...
The algorithm used to encrypt with a Caesar cipher took place in the guys'
little pointed heads instead of in a computer and went like this:
1. Look at the plaintext letter
2. Count four letters down the alphabet
3. The letter you end up with is the ciphertext
4. Write that letter down.
5. Move to the next plaintext letter
You just read an algorithm!
The guys would start at the top of the message and do this over and over
until the enciphering was done. The decryption steps were the same as above
but done backwards, counting four letters UP the alphabet. That's an
algorithm.

Algorithms used in ciphers today are seriously complicated, but are based
around the same idea of taking a math action and turning it into an
automatic process that goes until it solves a problem, in this case the
problem of encrypting and decrypting stuff. Have you heard names like
"RSA," "IDEA," "DES," "Blowfish," "CAST," and "El Gamal?" Those are the
really popular algorithms (Except for DES. DES is the old unpopular one
that's getting a little weary and tired).

To make things more confusing, sometimes the algorithms that encrypt and
decrypt are different. We'll go into why later, but just remember, the
"encryption algorithm" turns plaintext into ciphertext, and the "decryption
algorithm" turns ciphertext back into plaintext.
Now what
C. The key to it all
Awright, chitlins, this is the funnest part. The key to the cryptosystem!
Keys are super-important. A key is the special information that the
algorithm uses in its job of encrypting and then later decrypting messages.

If you're thinking about a key as in how you lock your house, you is right
on de' money. Your key to your house has to fit your lock perfectly. It
has to be able to lock AND unlock your house. Most importantly, it has to
be different from most other keys, so your neighbor can't just wander into
your locked house with HER key and dig into your chips and guacamole. Like
she lives there or something, sheesh! I get really bitter when that
happens. Keys are important.

The cryptosystem key is what makes the encryption different for everybody
that uses it. People have to use the same algorithm to encrypt and decrypt
stuff, so there has to be something in the whole chain that is used to make
your encryption special. The algorithm HAS to have a special key, not like
anyone else's.

Back in the old days people would use passphrases like Bible quotes and
sayings as keys. Then they would use numbers. The smart ones would use
both. What they could use as a key depended a lot on what kind of a system
they used.

Now when we actually look at today's keys, they look like big blobs of
numbers and characters and who knows what else. This is the first few lines
of one of my public keys, check it out:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP for Personal Privacy 5.0
mQGiBDU3uhARBAD6JcwWAU68HZUtONoew0sB24wr5v9YCDEPHy4rb/141+l4pOOh
qgvogHAaulE6qmy8fePWuPtJKGOJXoVKlalZIs1ibi+aiOwqwFDHTEp8dQBlHXDB
edc+USPh7WBms08RmEHotZwrJJfBdKWLjldzoe5oBLSb+LKs5Q+SB8GjMwCg/3C2
Nuts, huh? Important thing: that is just the "text" way of showing
something that the computer really sees as 100% digital. If you looked at a
digital "binary" (that means ones and zeroes) version of that same key the
way the algorithm has to work with it, it'd be way bigger and would look like:
110101 110011 10001110010011 111110100101010101011010 110011
1111101001 10101010110 0011111010010101 1010110100 100101011
110101 110011 00101010101011010 110011 10001110010011 111110
... and on and on and on.
~~~~~~~~~~~~~~~~~~~~~~~~ Head Exercise ~~~~~~~~~~~~~~~~~~~~~~~~
Pretend for a second that you're the algorithm. You're the process that
the program repeats over and over to encrypt the data. This is what you
would do:

First off, you would be waiting inside the PC wishing the air conditioning
worked. Then the user would type a letter that they wanted encrypted. As
soon as they clicked on the program to encrypt the message, the program
would kick you in the behind and swing you into action.

You would take the person's key in one hand, and only take a little piece
of the message in the other, and start adding them to each other and mashing
them around together till you were finished with that piece of message.
Then you would grab the next piece of the message, the same key, and do it
over again. You would repeat this until all of the text looked like it was
put through a meat grinder.

The way you would know your job was done with each piece of text (called
"blocks" by cryptopeople) was when you had done however many steps (called
"iterations" by cryptopeople) you were supposed to on that block. That
would be your signal to move on to the next block. The way you would know
you were done with the whole shebang was when you ran out of pieces of text
to encrypt, or should I say - when you ran out of "blocks" of "plaintext" to
perform "iterations" on.

Do me a favor, think about whether or not you would have understood that
last sentence before you started reading this ... it sounded cool anyway -
Heh heh heh.

So to sum up: the algorithm does all the freaky mish-mashing on your
message using the unique key as the tool. That is what makes the encryption
of a message different for each person, because each person has a different
key.

So that's the part of the algorithm where the key "fits in."
Get it? "Fits in?" Never mind.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
D. How do you make a key?
The way the key is generated is really super important. It's also the
easiest part for you because the software you're using will do all that for
you. Each crypto program will have different crazy ways of making its keys.
Some of them tell you to swirl your mouse around and pound on your keyboard
for a while. Why do you do this? The answer is simple: random data.

You have to use as much random and unpredictable stuff as you possibly can.
The reason for this is that if you use really predictable and non-random
information like the date and your name to make a key, some attacker who
wanted to read your encrypted email could guess what your key is really
easily by playing with that kind of info until he had it right. If people
can guess your stuff THAT easy, sheesh what's the point? That ain't real
cryptography, it's kindergarten cryptography. You HAVE to have random
numbers in a cryptosystem.
~~~~~~~~~~~~~~~~~~~ Head Exercise ~~~~~~~~~~~~~~~
Random numbers are tougher to come up with than you might think. Here's an
example of what I'm talking about:

Pretend for a second that your crypto program comes up with keys by taking
the date, say 1-15-98, and multiplies it by 50 (011598 x 50 = 579900) and
then randomly comes up with another number by multiplying two double digit
numbers (like 36 x 73 = 2628) and then multiplies them all: 1523977200 is
the result.

That's 1011010110101100000101111110000 in binary form. Looks pretty
random, huh? But it's not at ALL.

A cryptanalyst can come along and take the output of all possible dates
multiplied by 50 (there's only 365 numbers it could be), and then go through
all those and multiply them by non-prime integers between 1000 and 9801
(there are only so many products of double digit numbers) and he will have
your key before you can blink.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This is where we have more help from programmers. They write programs
called "Random Number Generators." They're super high-tech programs way
deep inside the key-making programs that use really strange stuff (like
static) and weird things (like how you type) to come up with freaked-out
numbers that NOBODY would have predicted. These Random Number Generators
are often just called RNGs and are a real vital part of making a key.
Always remember that the program for generating a key is one of the most
intense and crucial parts of any cryptosystem.
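
Added example (not part of the original tutorial): this Python sketch counts every key the toy generator from the Head Exercise above could produce and compares that with a key drawn from the operating system's RNG. It assumes the year (1998) is known, that dates are written MMDDYY as in the exercise, and that "double digit" means 10 through 99; all function names are made up for illustration.

```python
import math
import secrets
from datetime import date, timedelta

def date_factors(year):
    """Every value the toy scheme can get from a date in `year`: MMDDYY x 50."""
    day, out = date(year, 1, 1), []
    while day.year == year:
        out.append(int(day.strftime("%m%d%y")) * 50)  # 1-15-98 -> 011598 -> 579900
        day += timedelta(days=1)
    return out

def two_digit_products():
    """Distinct products of two double-digit numbers (assumed 10..99)."""
    return {a * b for a in range(10, 100) for b in range(a, 100)}

def toy_keyspace(year):
    """Every key the toy generator could ever output for that year."""
    products = two_digit_products()
    return {d * p for d in date_factors(year) for p in products}

def entropy_bits(n_keys):
    """Upper bound on the key's unpredictability: log2(number of possible keys)."""
    return math.log2(n_keys)

def strong_key(bits=128):
    """What a key generator should do instead: ask the OS random number generator."""
    return secrets.randbits(bits)

if __name__ == "__main__":
    keys = toy_keyspace(1998)
    print(len(keys), "possible keys, at most",
          round(entropy_bits(len(keys)), 1), "bits of randomness")
    print("key from the exercise is in the list:", 1523977200 in keys)
    print("128-bit key from the OS RNG:", hex(strong_key()))
```

The toy scheme tops out below 21 bits no matter how random its output looks in binary, while the `secrets` call draws from a space of 2^128 keys.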