Six Myths about Ontologies: The Basics of Formal Ontology
Cryptography Basics Pki
1. Unit 1 : Cryptography Basics Introduction and Key Terms
LEARN CRYPO & PKI
« La Citadelle électronique »
Cryptography
A technology for protecting you digital asset
And then design Security Solution
2. Introduction and Key Terms Unit 1 : Cryptography Basics
TRAINING CRYPTOGRAPHY & PKI
Author: Sylvain Maret
Security architect, PKI instructor & Checkpoint instructor
(Checkpoint CCSE)
Dimension Data (Swiss) formerly Datelec
Cédric Enzler
IPSEC & cryptographic engineer, PKI instructor
Dimension Data (Swiss) formerly Datelec
Revision: Version 1.5, October 1999, rev. August 2000
3. Unit 1 : Cryptography Basics Introduction and Key Terms
TABLE OF CONTENTS
Learn Crypo & PKI _______________________________________________1
Training Cryptography & PKI ______________________________________2
Table of contents _________________________________________________3
1. Cryptography Basics ___________________________________________5
1.1. Introduction _______________________________________________________5
1.2. Key terms _________________________________________________________5
1.3. Miscellaneous Cryptosystems _________________________________________7
1.3.1. Secret Key __________________________________________________________ 7
1.3.2. Public Key __________________________________________________________ 7
1.3.3. Message Digest ______________________________________________________ 7
1.4. Cryptography in history _____________________________________________8
1.5. Cryptoanalysis ____________________________________________________20
1.6. AES (Advanced Encryption Standard) ________________________________22
1.6.1. Overview of the AES Development Effort ________________________________ 22
1.6.2. Minimum Acceptability Requirements ___________________________________ 23
1.6.3. AES Round 2 Finalists ________________________________________________ 23
1.7. Smart Cards ______________________________________________________25
1.7.1. Introduction ________________________________________________________ 25
1.7.2. What kinds of Smart Cards are available? _________________________________ 25
1.7.3. Symmetric / Asymmetric Cryptoprocessing _______________________________ 26
1.7.4. Smart Cards with different “flavor” ______________________________________ 26
1.7.5. Memory Cards ______________________________________________________ 26
1.7.6. Symmetric Cryptoprocessor Cards ______________________________________ 27
1.7.7. PKI Smart Cards ____________________________________________________ 27
2. PKI Applications (lab exercises)_________________________________29
2.1. Symmetric file encryption ___________________________________________29
2.1.1. Lab Exercise 1 ______________________________________________________ 29
2.2. Message-Digest Algorithms __________________________________________33
2.2.1. Lab Exercise 2 ______________________________________________________ 33
2.3. Securing the desktop _______________________________________________37
2.3.1. Introduction ________________________________________________________ 37
2.3.2. Blowfish Advanced CS _______________________________________________ 37
2.3.3. Lab Exercise 3 ______________________________________________________ 40
2.4. PGP (Pretty Good Privacy) __________________________________________46
2.4.1. The PGP Symmetric Algorithms ________________________________________ 46
2.4.2. About PGP Data Compression Routines __________________________________ 47
2.4.3. About the Random Numbers used as Session Keys__________________________ 48
2.4.4. About the Message Digest _____________________________________________ 48
2.4.5. Encryption and Decryption ____________________________________________ 49
2.4.6. Digital Signature for PGP _____________________________________________ 50
5. Unit 1 : Cryptography Basics Introduction and Key Terms
1. CRYPTOGRAPHY BASICS
1.1. INTRODUCTION
It is likely that almost all students attending our “introduction to PKI” already have at least a
basic knowledge of encryption and related subjects. Consequently, some of you might wish to
skip this chapter: defining a terminology or a set of cryptography key terms is austere. However,
we decided to begin with this less exciting section because we noticed, in many discussions with
people familiar to the field, that terms definitions are often mixed up. As a result, we decided to
start with simple definitions of key terms, which will be used constantly in the course, in order to
provide the basis needed to understand the subject.
1.2. KEY TERMS
A message will be defined as plaintext or cleartext.
The process of disguising a message to hide its substance is encryption.
The encrypted message is refered to as ciphertext.
Decryption is the process turning cyphertext back into plaintext.
You can see hereafter a schematic view of these definitions:
Cryptography Key Terms Figure 1
Cryptography is the science allowing messages to be kept secure.
Cryptanalysis is the art and science of breaking ciphertext (seeing through the above disguise).
Cryptology is the mathematics branch encompassing both cryptography and cryptanalysis.
Today, as cryptology is based on mathematical properties of numbers both in modern algebra and
number theory, cryptologists are theoretical mathematicians.
6. Introduction and Key Terms Unit 1 : Cryptography Basics
Encryption and decryption are conducted by way of a set of mathematical functions, referred to
as cryptographic algorithm or cipher. Besides providing confidentiality, cryptography is
required to provide other security feature, as:
- Authentication: It should be possible for the receiver of an encrypted message to be certain
of the sender’s identity. Authentication is the process that guarantees the respect of this rule.
- Non repudiation: Inability of a sender to certify he was not the sender of the ciphertext.
- Integrity: Provides a guarantee that the message was not modified between the sender and
the receiver.
First ciphers or cryptographic algorithms suffered a major drawback : their security was based on
the secrecy of the algorithm itself. As a result, every time a user was leaving the group of people
knowing the algorithm, all other users had to switch to a different one! We understand today that
this is not acceptable, therefore these ciphers, called restricted algorithms, are not used anymore.
Modern cryptography worked around this drawback by introducing the concept of key. In these
algorithms, security is based on key(s), meaning that the algorithm can be published at no risk. In
most cases, the key used for encryption is not the same as the one used for decryption. As a
result, the above diagram is modified as follows:
Cryptography Key Terms Figure 2
A cryptosystem consists of a cipher, keys and all possible plaintexts and ciphertexts.
In some algorithms, the decryption key can be calculated from the encryption key. Both keys can
be similar or different. In this case, we talk about symmetric encryption (see further in the
course). In some other algorithms, both keys cannot be calculated from each other: this is called
asymmetric encryption or Public-Key encryption.