20071216

Cryptographic Techniques

Today, I would like to discuss some technical terms which are related to cryptography. Cryptography is the art of achieving security by encoding messages to make them non-readable. In general, we say that a message need to be encode is called plain text, while the encoded message is called cipher text. There are two primary ways to encode a plain text message, Substitution and Transposition.

The earliest substitution scheme is called Caesar Cipher, proposed by Julius Caesar. This encryption algorithm is to replace each alphabet in the message with the alphabet three places down the line. (ie. A replaced by D, B replaced by E, ... Z replaced by C).
For further information about substitution techniques, please visit Substitution cipher.

Rail Fence Technique is an example of transposition. This algorithm first write down the plain text message as a sequence of diagonals, then read the plain text written as a sequence of rows. eg. Original plain text message: what the hell you are doing
W A T E E L O A E O N
 H T H H L Y U R D I G
and the result cipher text is "wateeloaeonhthhlyurdig". Other transposition technique is quite similar to Rail Fence Technique, here is more examples of Transposition cipher.

Every encryption and decryption process has two aspects, the algorithm and the key used for encryption and decryption. There are two cryptographic mechanisms, depending on what keys are used. Symmetric Key Cryptography, is the mechanisms that using the same key for both encryption and decryption. In opposite, the mechanisms use different keys for encryption and decryption is called Asymmetric Key Cryptography.

In symmetric key cryptography, the problem is key distribution. Since the key is to decrypt the message in the receiver side, how can the key distributed securely to receiver? Whitefield Diffie and Martin Hellman developed an amazing solution for key distribution problem in 1976. The solution is called Diffie-Hellman key exchange algorithm. The algorithm is very easy to understand, here is how it works. First, if A and B want to exchange message, they first come up with two large prime numbers, n and g. These two numbers need not be kept secret. Then A and B choose two large random number x and y respectively, then calculate two numbers vA = gx mod n, vB = gy mod n respectively. After that, A and B exchange vA and vB. At last, A will get the secret K1 = vBx mod n, B will get the secret K2 = vAy mod n. At last, K1 is equal to K2, and the key has been exchanged. However, this algorithm raises another problem, it is caused by the first step. If the third party, user C, intercept the message and get the value n and g. then C can continue the whole process to get further data exchange between A and B, because C holds the keys to communicate to A and B. However, A and B will never know that their data has been hijacked. This problem is called man-in-the-middle attack.

In asymmetric key cryptography, the problems mentioned above will not exist. When A try to communicate with others, it can ask the trusted third party T, to get a pair of key, one is called public key, which will be distributed to those who want to send data A. The other is called private key, which is held by A to decrypt the message. The other name of this cryptography mechanism is called Public-key cryptography.

Another message encoding technique is called steganography. This technique is to hide the message that is to be kept secret inside other messages.

ps. I will provide a fun game tomorrow.