Chapter 12: Understanding Ciphers

Introduction

Ciphers have been used as far back as the Emperor Julius Caesar, who used a rudimentary cipher to send messages to his commanders. If a messenger was captured, the enemy couldn't read the message unless he was trained in the algorithm. A cipher is basically an algorithm that gives a selected group the ability to read a message. Wartime has always brought about the evolution of ciphers, such as the enigma machine used during War World II. The enigma machine, though primitive, brought about a new evolution. The enigma machine rotated the algorithm, unlike many ciphers that could be deciphered by anyone who knew the algorithm. The enigma machine did not execute the exact same cipher over and over again, but rather executed a set of ciphers and rotated them when needed. The allied forces were confused on many occasions simply because the algorithm was able to modify, or rotate, itself.

The enigma machine broke the pattern of using the same cipher algorithm constantly. Once it was taken, understood , and the finite set of rotations mapped, the enigma machine became useless. What was needed was a larger set of variables that could alter the cipher algorithm. Over time, and with the help of Diffie-Hellman and other algorithms, the key to lock and unlock a cipher algorithm evolved.

The evolution brought about the secret key that could be used for locking and unlocking the cipher. The secret key is used for symmetric ciphers , which use the same key for both encryption and decryption. The algorithm that evolved from the symmetric algorithm was the asymmetric cipher , which uses separate keys for encryption and decryption. The idea of having two keys is to allow only the decryption key to be made public to other users, and to keep the encryption key secure. If the enemy captures the decryption key, the messages can be read but not written, which prevents the enemy from writing new messages after the interception. If the enemy captures the secret key, he or she could read the message and also rewrite a different message to confuse the others that use the secret key.

The security of the cipher keys gives the ability to lock and unlock the messages by encrypting and decrypting them. Digital keys should be guarded to protect information, just as physical keys are guarded to protect physical property. The information transported in messages is informational property. Even though some information could be thought of as trivial, such as e-mails to various people in customer service, those e- mails could be monitored to get information about servers. That information could then be used to guess at passwords, for example.

Some break-ins to some of the most secure systems start out with the most trivial information. It is important to try to secure as much information as possible. The war that industry fights now is one against industrial espionage. Just as the enigma machine was broken during WWII, so are the coding algorithms of organizations broken today. Just as the plans of U-boat attacks were being read, so is the code of a new software release.

The best advice that can be offered to organizations is to have a security department for handling digital protection. The organization should staff the security department with trained professionals and establish protocols and requirements for handling multiple contingencies.

An example from past experience is what I call just blocking entry. One organization used badges and VPNs to block access into the organization, but once inside there were no cameras and very few monitoring tools. The organization had issues with people stealing things overnight, and the best advice that I could give was to have multiple levels of security inside as well as at the entry into the organization. The same advice applies to encryption. Not only should organizations have firewalls, but also their data and e-mails should be encrypted when possible.