Encryption is the process of transforming data into unreadable code and then restoring it to its original readable form when it reaches its destination. Encryption is used to protect data from prying eyes, to authenticate users on a network, and as a form of access control to block unauthorized persons from accessing data. You can also use encryption to verify the integrity of data and ensure that it hasn’t been tampered with or damaged in transit.
Before getting started, it’s important that I define a few of the terms that are used in this chapter and that you’re likely to encounter whenever you read about encryption. Understanding these terms is useful, because an increasing number of computing products include some sort of encryption, and you’re likely to encounter these terms in product reviews, articles, and user guides.
Many of the terms share the same root, crypt, which comes from the Greek word Kryptos meaning obscure, hidden, secret, and mysterious — a perfect fit for the science of obscuring and hiding messages.
Cryptography is the science of converting data into secret code. Cryptographers are the scientists and professionals that study cryptography and develop encryption systems, also called cryptosystems. Cryptanalysis is the science, or craft, of deciphering secret code and defeating encryption systems. Cryptanalysts are persons practicing cryptanalysis.
Are you still with me? Good, let’s continue. A scientist usually engages in both disciplines (cryptology and cryptanalysis) while studying encryption. Part of developing a secure cryptosystem is the ability to apply cryptanalysis to discover and correct its weaknesses. Therefore, a cryptographer is usually also a cryptanalyst, and vice versa, although individuals may specialize in one discipline over the other.
Cryptology is a related science that deals with the mathematics underpinning cryptography and cryptanalysis. A cryptologist is a mathematician whose primary area of study is cryptology. Cryptologists are interested in all fields of mathematics, as advances in any area can enhance or defeat cryptosystems.
When you use an encryption system to encode data, you are encrypting the original data. When you decode, or return the data to its original, unscrambled form, you’re decrypting it. Encryption describes the process of encrypting and decrypting data.
The word cipher comes from the Hebrew word saphar, meaning to count or number. For our purposes, the definition of a cipher (also cypher) is the mathematical algorithm applied to data to encipher or encrypt it, creating secret code. Another related term, decipher, refers to decoding or decrypting encrypted data to return it to its original state. Encipher, encrypt, decipher, and decrypt are all used interchangeably.
Plaintext is the original data prior to encryption. Anyone with the appropriate application can read plaintext data. For example, anyone with Microsoft Word can open and read a plaintext MS Word document, because it is not protected by encryption.
Note | A password is not encryption and does not encrypt a document. Assigning a password to a Word document is just a form of access control, and a weak one at that. The document remains plaintext, and anyone who guesses or bypasses the password can read it. Recovering the password on a Word file is trivial, and there are many programs available on the Internet that facilitate doing so. |
Occasionally you will read about flaws in systems that allow passwords and other sensitive data to be sent as plaintext or in the clear. This means that data traveling over a network connection is readable by anyone with the appropriate software. Needless to say, this is a bad thing, and any time you conduct business over a network connection or shop online, the connection should be secure and protected by encryption. Usually, your Web browser will provide some sort of indication that a connection is secure, either by notifying you or by indicating a secure connection with a padlock icon (see Figure 10-1).
Figure 10-1: Internet Explorer displays a padlock icon in the lower menu bar to indicate a secure connection.
Ciphertext (also cyphertext) is encrypted plaintext. Using a cipher or cryptosystem, the original data is converted into unreadable code. Before it can be read again, ciphertext must be deciphered, or decrypted back into plaintext, and that requires the use of an encryption key.
An encryption key is an alphanumeric sequence that, as part of a cryptosystem, is used to encrypt or decrypt data (see Figure 10-2). In early cryptosystems, a key could have been something as simple as a substitution table (see Figure 10-3). In modern cryptosystems, the key is part of the mathematical equation that initiates the encryption or decryption process.
Figure 10-2: Encrypting and decrypting data with an encryption key
Figure 10-3: A simple substitution table
The history of encryption and its related sciences, cryptography and cryptology, is fascinating. Governments and individuals have been using encryption to protect sensitive information for thousands of years. Many of the first encryption methods were developed by military forces to protect plans and messages. During this time, encryption has evolved from simple forms of letter substitution and transposition to mathematical encryption algorithms.
In ancient Greece, the Spartans developed a type of encryption that utilized a stick and belt. They called their method a scytale (pronounced skee-ta-lee). The sender of the message would wrap the belt around the stick and write the message on the belt. The messenger would then wear or conceal the belt while en route to the recipient. The recipient of the message would then wrap the belt around a similar stick to decipher the message, as shown in Figure 10-4.
Figure 10-4: The Spartan scytale
The scytale was a form of transposition cipher and effectively transposed each letter a number of spaces, depending on the diameter of the stick. The stick acted as the encryption key. If an enemy intercepted the belt but used the wrong-sized stick, the message would be gibberish. The scytale was also a type of steganography, or hidden writing. It served to hide the message as well as encode it. Unfortunately, the stick was not an effective encryption key as anyone could try stick after stick until discovering the correct size.
The Romans used encryption extensively to protect military dispatches from the prying eyes of their enemies. Julius Caesar developed his own encryption method based on a letter transposition cipher. In a transposition cipher, every letter is transposed or rotated a certain number of letters. Caesar transposed letters in his cipher by three letters. In English, this would mean that the letter D would replace the letter A, and so on.
Note | People still use transposition ciphers. ROT13 encryption is a simple transposition cipher used to obscure Usenet news postings. ROT13 transposes every letter alphabetically by 13 spaces. ROT13 provides no real security as anyone can sit down and figure out the message by rotating the letter by 13 spaces again, returning them to the original text. However, it does confuse search engines and prevents indexing of messages. |
For a long time, this was an effective means of encoding a message until people discovered a method of cracking this type of cipher called frequency analysis. In any written language, certain letters or sounds appear more often than others do. For example, vowels usually appear more often than consonants. In English, the most frequently appearing letter is E.
Ciphers that transpose or substitute letters may change the text of a message, but they don’t alter the frequency of the letters or underlying patterns. If you substitute K for E, K will appear at the frequency normally attributed to E, and any frequency analyses will identify the letter K as the likely substitution for E.
The effectiveness of frequency analyses illustrates one avenue of attack against any encryption system: the identification of patterns. Whether the cryptosystem utilizes transposition, substitution, or modern mathematical techniques, cryptanalysts seek to identify patterns in ciphertext that they can use to infer or discover an encryption key.
In World War II, the German military developed a machine it called enigma. Enigma was a mechanical cipher that used rotating gears to substitute letters in plaintext to create ciphertext. Enigma’s mechanism created sufficient entropy to thwart allied attempts at cryptanalysis. In fact, until the allies recovered an enigma machine from a captured German U-boat, the German’s military communications were indecipherable.
A common problem shared by all early encryption systems (and some modern ones) is the distribution of the encryption key. All parties had to have a copy of the same key in order to communicate securely. Early cryptosystems and some modern ones as well relied heavily on secret keys (also called symmetric keys). If the keys were to fall into the hands of an enemy or foreign agent, all further communications would be compromised. Modern encryption techniques, utilizing computers and advanced mathematics, have solved some of the problems related to key distribution.