Technology:
Cryptography
Michael Yamamoto
CPSP 227 T
J. Rosser Matthews
2
Abstract
secure communication and has been used in military, political, and economic sectors. As
internet commerce would collapse and it would be impossible to conduct any kind of
Background
Definitions1:
Cryptography - the science or study of the techniques of secret writing, esp. code
Monoalphabetic Substitution
Cryptography has been used by cultures as ancient as the Romans. Julius Caesar
was known to encipher messages to his generals by shifting each letter four positions,
making 'A' become 'D'; 'X' become 'B' and so on2. While very simple, this was an
effective and easily used method of writing secure messages without risking enemy
3
message (ciphertext). This is obviously rather weak as certain letters appear more
frequently than others and it is possible to determine, by trial and error which letters are
Mary Queen of Scots, in the 16th century, used a similar cipher that used a
specific, sometimes bizarre, character for each English letter. The decryption of this led
almost directly to her subsequent execution as it implicated her in her plot to overthrow
then queen, Elizabeth I. More than 16 centuries after Caesar, ciphers of similar
complexity were still seriously used. The level of cryptographic strength led to intense
social ramifications; if the cipher had been stronger, history as we know it might be
radically different.
Polyalphabetic Substitution
using different monoalphabetic ciphers depending on some formula. The Vigenère cipher
is the most well known of these, conceived in the mid-16th century and using a repeating
key with the Caesar Shift cipher to determine the multiple alphabets used. The nature of
the polyalphabetic cipher is that it is much more difficult to decrypt without more intense
mathematical analysis and a longer ciphertext. Fundamentally, a ciphertext for which the
key is of equal length to the plaintext would be wholly unbreakable, but unfortunately the
message if sent along the same channel. This problem of key distribution would not be
4
adequately addressed until the conception of public-key encryption algorithms in the late
19th century1.
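The two substitution schemes described above, as an added example that is not part of the original paper: the Vigenère cipher is written as Caesar shifts driven by a repeating key, a one-letter key (the Caesar case) is recovered from letter frequencies alone, and a message-length key is shown to be consistent with any guessed plaintext. The sample message, the rounded frequency table and all function names are constructed for this illustration.

```python
from collections import Counter
from string import ascii_uppercase as ALPHA

# Approximate percent frequency of A..Z in English text (rounded reference values).
ENGLISH = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
           6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]

def vigenere(text, key, decrypt=False):
    """Caesar-shift each letter by the matching key letter; the key repeats."""
    out, i = [], 0
    for ch in text.upper():
        if ch not in ALPHA:              # spaces and punctuation pass through
            out.append(ch)
            continue
        shift = ALPHA.index(key[i % len(key)].upper())
        out.append(ALPHA[(ALPHA.index(ch) + (-shift if decrypt else shift)) % 26])
        i += 1                           # the key advances only on letters
    return "".join(out)

def chi_squared(text):
    """Distance between the text's letter counts and English; lower is closer."""
    counts = Counter(c for c in text if c in ALPHA)
    n = sum(counts.values()) or 1
    return sum((counts[ALPHA[k]] - n * f / 100) ** 2 / (n * f / 100)
               for k, f in enumerate(ENGLISH))

def crack_caesar(ciphertext):
    """A one-letter key is a Caesar shift: try all 26, keep the most English."""
    return min(ALPHA, key=lambda k: chi_squared(vigenere(ciphertext, k, True)))

def key_explaining(ciphertext, guess):
    """With a message-length key, some key maps any same-length guess to the ciphertext."""
    return vigenere(ciphertext, guess, decrypt=True)

# Constructed sample message (not from the page).
MESSAGE = ("THE ENEMY WILL ATTACK THE NORTHERN GATE AT DAWN SEND REINFORCEMENTS "
           "TO THE EASTERN WALL AND HOLD THE BRIDGE UNTIL RELIEVED")

if __name__ == "__main__":
    caesar = vigenere(MESSAGE, "D")          # one-letter key: 'A' becomes 'D'
    print("recovered shift letter:", crack_caesar(caesar))
    c = vigenere("ATTACKATDAWN", "LEMON")    # repeating five-letter key
    print(c, "->", vigenere(c, "LEMON", decrypt=True))
    k2 = key_explaining(c, "RETREATATSIX")   # a different 12-letter guess
    print(k2, vigenere("RETREATATSIX", k2) == c)
```

The last check is why a message-length key resists analysis when it is random and used once: the ciphertext fits every plaintext of that length equally well, so letter frequencies give the analyst nothing to score.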
polyalphabetic. In WWI several schemes including the Playfair and ADFGVX ciphers
came into use. Both fundamentally used a table of letters, though in drastically different
ways. Because they were novel they proved difficult to decipher but did not provide
incredible leaps in cryptographic strength. Before long the algorithms were discovered
and defeated. The first major leap forward in cryptography occurred in World War II, in
which machines were used to add a level of complexity beyond simple human
processing.
Machine Cryptography
WWII saw the advent of mechanized cryptography. Both Germany and Japan used
substitution ciphers in a complex manner. Without acquiring one of these machines it was
incredibly difficult to break these ciphers. However, at the same time as encryption began
to utilize improved technology, code breaking took advantage of the incredibly new
breakers to take advantage of processing power capable of performing basic tasks far
more quickly, easily, and accurately than by hand. Even with these early computers it
1 See Public-Key Cryptography page 6
5
Dawn of the Digital Age
cryptography took a new turn. With the increasing availability of computers it became
not only practical but necessary to use algorithms of increasing mathematical complexity.
These systems were divided into two distinct fields: private and public key cryptography.
Private-Key Cryptography
All early cryptography was done with a private key: that is to say, both the
sending and receiving parties had to know the key beforehand and any outside party
could defeat the encryption by obtaining the key. Despite the obvious weakness of having
a key at all, private key algorithms are both strong when the key can't be and generally
easier to compute. Even the Vigenère cipher is completely unbreakable if the key length
equals the message length. The difficulty, as always, lies in key distribution.
In 1975 the United States set the Data Encryption Standard (DES), a Feistel
system which used the earlier parts of a message to encrypt the whole message in
addition to a key. The exact standard changed slightly, progressing gradually to triple
DES which gained increased cryptographic strength by executing the algorithm multiple
was developed in 1998 and approved in 2002 due to the increasing weaknesses in DES.
By 1999 it was possible to break DES in less than half an hour with dedicated hardware.
The use of these private key algorithms was made practical by public key
6
Public-Key Cryptography
In the late 19th century the concept of one way functions for cryptographic
purposes had been posited. In the 1970s several algorithms were created that are still in
use today. These dealt with two problems which are fundamentally NP-complete2: the
discrete log problem, and the prime factorization problem. While possible for small
numbers, these problems rapidly become infeasible to solve in real time with even
The concept of public key cryptography is that the receiver of messages chooses
certain secret numbers and using them calculates certain numbers which he distributes.
The distributed numbers are the public key and can be used to send messages to him. To
decrypt the message he must use his private numbers. The nature of the process used to
create the public key is such that it is not feasible to find the private key due to the
mathematical complexity. For instance, in RSA the public key is a composite number
which is the product of two primes and an only marginally related other number. The
private key is essentially the two primes which form the composite number. Since
factoring is an NP-complete problem, this cannot be easily done. This is readily seen as
even very small two prime products such as 391 and 667 do not have obvious factors.
2 See NP-Complete page 12
7
The primes used in RSA are on the order of hundreds of decimal digits in length 3 and so
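The relationship between the RSA public composite and its two primes described above, as an added example that is not part of the original paper: it factors the page's small composites 391 and 667 by trial division and shows that the factors are enough to derive the decryption exponent. The public exponent 3, the message 42 and all function names are assumptions chosen for this illustration.

```python
from math import gcd, isqrt

def factor_semiprime(n):
    """Trial division: instant for toy moduli, hopeless for primes of hundreds of digits."""
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            return p, n // p
    raise ValueError("n has no non-trivial factor")

def private_exponent(p, q, e):
    """Knowing the two primes is enough to derive the decryption exponent."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return pow(e, -1, phi)          # modular inverse (Python 3.8+)

def encrypt(m, e, n):
    """Anyone holding the public key (n, e) can do this."""
    return pow(m, e, n)

def decrypt(c, d, n):
    """Only the holder of d can do this."""
    return pow(c, d, n)

def recover_message(c, e, n):
    """What any observer can do once the public composite is small enough to factor."""
    p, q = factor_semiprime(n)
    return decrypt(c, private_exponent(p, q, e), n)

if __name__ == "__main__":
    E = 3                            # assumed public exponent for the toy keys
    for n in (391, 667):             # the two composites named in the text
        p, q = factor_semiprime(n)
        d = private_exponent(p, q, E)
        c = encrypt(42, E, n)        # 42 is a constructed sample message
        print(f"n={n} = {p} x {q}, d={d}, c={c}, recovered={recover_message(c, E, n)}")
```

The security of a real key rests entirely on `factor_semiprime` being impractical at that size, which is why the modulus length is the parameter to check when reviewing an RSA deployment.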
The primary purpose of public key cryptography is in key exchange. The ability
to receive messages from anyone without their prior knowledge of a private key is crucial
to online commerce as well as most other secure communication. The problem with most
private key algorithms. This is why the two are often used in conjunction, allowing for
the benefits of both to play off one another: A relatively easily computed and strong
private key encryption is used with the private key communicated by means of the more
Political Communication
The political uses of technology are less pronounced than other uses but no less
national nature.
3 For example:
35324619344027701212726049781984643686711974001976250236493034687761212536794232000585
47956528088349
×
79258699544783330333470858414800596877379758573642199607343303414557678728181521353814
09304740185467
=
27997833911221327870829467638722601621070446786955428537560009929326128400107609345671
05295536085606182235191095136578863710595448200657677509858055761357909873495014417886
3178946295187237869221823983
Where this third number is the public composite number and the first two are the prime factors.
8
Secure international communication is of obvious importance. There is immense
value in being able to communicate with one or more parties without other parties being
able to interpret these communications. While of more serious nature during wartime,
these communications are just as vital in peacetime be they of economic or other nature.
distances, the ability to secure these long distance communications lines can prove less
than trivial. In any given crypto-system it is assumed that third parties can observe any
protect the communication. For this reason it continues to be quite common for
communication and has many of the same weaknesses. In more important cases the
communication may be conducted with security levels more consistent with international
policy.
Military Communication
a delicate and vital task. Many companies exist to facilitate and manage battlefield
communication but chiefly they must all balance out several important aspects.
9
First of all, battlefield communication must happen in real time. Whatever crypto-
message that the enemy will never be able to decrypt but will require half an hour before
your men are able to understand is often completely worthless. This timeframe
algorithms, or both. The balance in this case is of course one of cost vs. safety.
Safety is the second and also crucial element. While it is vital that the message be
communicable in real time it is also vital that the message be wholly safe from enemy
interception within the relevant timeframe. It is difficult to have both safety and ease of
of monetary cost, ease of operation, and hardware vulnerability. That is to say, the
given the military's budget, great though it may be. At the same time, the system can't
require soldiers to carry heavy electronic equipment, in most cases this means that the
possible. This means the crypto system needs to keep track not only of great amounts of
information including who to send what messages to and be able to cope with missing or
The requirements upon secure military communication are all incredibly intense
and the corresponding cost of failure is also high. Almost by definition the strength of the
crypto-system defines the safety of the lives of the soldiers relying on it.
10
The Internet
Agency Network) gradually split into a secure military network and the more public,
university-based internet. The internet continued to expand, especially with the invention
of the personal computer and by the turn of the 21st century it had become a multi-billion
page construct growing in response to social stimuli. As it has continued to evolve and
grow the internet has become one of the most powerful social tools in existence. It allows
global communication and dissemination of ideas while also providing a global platform
for businesses.
Personal Communication
While the postal service is still used for some official communications, more and
more written communication is occurring through the medium of the internet. E-mail is
used by almost all internet users at rates far in excess of communication in any former
age. This communication is secured, though in most cases only very modestly so.
Interception of e-mail occurs startlingly often and the hacking of e-mail accounts, a far
protect the user's account allowing only the password-holder to access the information
stored for him/her. The key difficulty here is in digital authentication of identity.
Authentication
11
While there are several fundamental methods of secure authentication all of them
essentially rely on the intended user having some secret piece of information which must
be transmitted and verified. Aside from the user's own ability to keep this information
secret, it is once again possible to intercept his communication with the verifier. Even for
unique items like fingerprints which can't practically be stolen, their digital representation
can be. The safety therefore lies wholly with the crypto-system transmitting the secret
data from the user to the verifying agency. Once again, the value and social construction
cryptographic algorithms. Rather, the social desire to communicate casually led to the
internet economy. Seeing the opportunity presented by the internet, businesses and banks
also utilize cryptographic algorithms to allow for money to change hands through the
internet.
an individual wishes to purchase something from an online store or check his bank
balance through the internet he must transmit private information allowing this
transaction to occur. Without adequate cryptographic protection this process would be the
12
Code Breaking - Past and Present
Dedicated Hardware
being dedicated to a single task such as factoring, but in their task they can outperform
personal computer by as much as 1000 times. Such hardware is relatively easy to build
but runs into the problem that most crypto-systems are still impractical to break even in
Computer Processing
Over the last several decades computer processing has rather startlingly obeyed an
exponential level of growth. While it may be slowing down as we reach certain atomic
limits, research both into nanotechnology and multiprocessing fuels the continued push
for faster and faster computers. As the capabilities of computers increase, the danger to
cryptosystems increases. AES will likely go the way of DES before it as computers grow
NP-Complete
What this means, essentially, is that the complexity required to solve them is very high to
13
the point where with sufficiently large values they are essentially unsolvable. This
systems in general. However, public-key systems are not without their drawbacks and
Political
private key algorithms. Unlike in commercial applications, nations can set a key long in
Military
aspects must be taken into account and balanced. The continued interplay between
computational power and military demand will determine the future of cryptography in
this field. So long as there is conflict, however, there will be the need for secure military
communication.
Economic
14
Every year the amount of commerce being conducted on the internet increases.
Banking, too, is moving almost entirely away from paper to online services. As more
Cryptographic strength will necessarily have to keep up with computational power or else
the entire system of online commerce, and the economy at large, will be at risk of
collapse.
15
Bibliography
• Singh, Simon. The Code Book. New York: Anchor Books, 1999
Works Cited:
16
1 Random House Dictionary
2 Suetonius - Life of Julius Caesar