
Civ | Kahn p.415
Edward Hugh Hebern incorporated ``Hebern Electric Code'', a company making electro-mechanical cipher machines based on rotors which turn, odometer-style, with each character enciphered.

1923 | Civ | Kahn p.421
Arthur Scherbius incorporated ``Chiffriermaschinen Aktiengesellschaft'' to make and sell his Enigma machine.

1924 | Civ | Deavours p.151
Alexander von Kryha produced his ``coding machine'' which was used, even by the German Diplomatic Corps, into the 1950s. However, it was cryptographically weak -- having a small period. A test cryptogram of 1135 characters was solved by the US cryptanalysts Friedman, Kullback, Rowlett and Sinkov in 2 hours and 41 minutes. Nevertheless, the machine continued to be sold and used -- a triumph of salesmanship and a lesson to consumers of cryptographic devices.

1927-33 | Civ | Kahn p.802ff
Users of cryptography weren't limited to legitimate bankers, lovers, experimenters, etc. There were also a handful of criminals. ``The greatest era of international smuggling -- Prohibition -- created the greatest era of criminal cryptology.'' [p.817] To this day, the FBI runs a cryptanalytic office to deal with criminal cryptography. [As of Kahn's writing in 1967, that office was located at 215 Pennsylvania Avenue SE, Washington DC.]
``A retired lieutenant commander of the Royal Navy devised the systems for Consolidated Exporters' Pacific operation, though its Gulf and Atlantic groups made up their own as needed.
``His name was unknown but his cryptologic expertise was apparent. The smugglers' systems grew increasingly more complicated. "Some of these are of a complexity never even attempted by any government for its most secret communications," wrote Mrs. [Elizebeth Smith] Friedman in a report in mid-1930. "At no time during the World War, when secret methods of communication reached their highest development, were there used such involved ramifications as are to be found in some of the correspondence of West Coast rum running vessels." '' [p.804]

1929 | Civ | Kahn p.404
Lester S. Hill published ``Cryptography in an Algebraic Alphabet'', in which a block of plaintext is enciphered by a matrix operation.

1933-45 | Govt | Kahn p.422 (and many others)
The Enigma machine was not a commercial success, but it was taken over and improved upon to become the cryptographic workhorse of Nazi Germany. [It was broken by the Polish mathematician Marian Rejewski, based only on captured ciphertext and one list of three months' worth of daily keys obtained through a spy. Continued breaks were based on developments during the war by Alan Turing, Gordon Welchman and others at Bletchley Park in England.]

1937 | Govt | Kahn p.18ff.
The Japanese Purple machine was invented in response to revelations by Herbert O. Yardley and broken by a team headed by William Frederick Friedman. The Purple machine used telephone stepping relays instead of rotors and thus had a totally different permutation at each step rather than the related permutations of one rotor in different positions.

1930's | Govt | Kahn p.510ff., Deavours p.10, 89-91
Kahn attributes the American SIGABA (M-134-C) to William F. Friedman, while Deavours attributes it to an idea of Frank Rowlett, one of Friedman's first hires. It improved on the rotor inventions of Hebern and Scherbius by using pseudo-random stepping of multiple rotors on each enciphering step rather than having uniform, odometer-like stepping of rotors as in Enigma. It also used 15 rotors (10 for character transformation, 5 probably for controlling stepping) rather than the Enigma's 3 or 4.

1930's | Govt | Deavours p.144
The British TYPEX machine was an offshoot of the commercial Enigma purchased by the British for study in the 1920's. It was a 5-rotor machine with the two initial rotors being stators, serving the purpose of the German Enigma's plugboard.

1970 | Civ | Feistel
Dr. Horst Feistel led a research project at the IBM Watson Research Lab in the 1960's which developed the Lucifer cipher. This later inspired the US DES (below) and other product ciphers, creating a family labeled ``Feistel ciphers''.

1976 | Civ/Govt | FIPS PUB-46
A design by IBM, based on the Lucifer cipher and with changes (including both S-box improvements and reduction of key size) by the US NSA, was chosen to be the U.S. Data Encryption Standard. It has since found worldwide acceptance, largely because it has shown itself strong against 20 years of attacks. Even some who believe it is past its useful life use it as a component -- e.g., of 3-key triple-DES.

1976 | Civ | Diffie
Whitfield Diffie and Martin Hellman published ``New Directions in Cryptography'', introducing the idea of public key cryptography. They also put forth the idea of authentication by powers of a one-way function, now used in the S/Key challenge/response utility. They closed their paper with an observation for which this timeline web page gives detailed evidence: ``Skill in production cryptanalysis has always been heavily on the side of the professionals, but innovation, particularly in the design of new types of cryptographic systems, has come primarily from amateurs.''

April 1977 | Civ | Shamir
Inspired by the Diffie-Hellman paper and acting as complete novices in cryptography, Ronald L. Rivest, Adi Shamir and Leonard M. Adleman had been discussing how to make a practical public key system. One night in April, Ron Rivest was laid up with a massive headache and the RSA algorithm came to him. He wrote it up for Shamir and Adleman and sent it to them the next morning. It was a practical public-key cipher for both confidentiality and digital signatures, based on the difficulty of factoring large numbers. They submitted this to Martin Gardner on April 4 for publication in Scientific American. It appeared in the September, 1977 issue. The Scientific American article included an offer to send the full technical report to anyone submitting a self-addressed, stamped envelope. There were thousands of such requests, from all over the world.
Someone at NSA objected to the distribution of this report to foreign nationals and for a while, RS&A suspended mailings -- but when NSA failed to respond to inquiries asking for the legal basis of their request, RS&A resumed mailings. Adi Shamir believes this is the origin of the current policy [as of August 1995] that technical reports or papers can be freely distributed. [Note: two international journals, ``Cryptologia'' and ``The Journal of Cryptology'', were founded shortly after this attempt by NSA to restrain publication.]
Contrary to rumor, RS&A apparently had no knowledge of ITAR or patent secrecy orders. Their publishing before applying for international patents was not an attempt to avoid such restraints on free expression; rather, they simply were not thinking about patents for the algorithm. They just wanted to get the idea out.

1978 | Civ | RSA
The RSA algorithm was published in the Communications of the ACM.

1984-5? | Civ | ROT13
The rot13 cipher was introduced into USENET News software to permit the encryption of postings in order to prevent innocent eyes from being assaulted by objectionable text. This is the first example I know of in which a cipher with a key everyone knows actually was effective.

1990 | Civ | IACR90
Xuejia Lai and James Massey in Switzerland published ``A Proposal for a New Block Encryption Standard'', a proposed International Data Encryption Algorithm (IDEA) -- to replace DES. IDEA uses a 128-bit key and employs operations which are convenient for general purpose computers, thereby making software implementations more efficient.

1990 | Civ | IACR90
Charles H. Bennett, Gilles Brassard et al. published their experimental results on Quantum Cryptography, which uses single photons to communicate a stream of key bits for some later Vernam encipherment of a message (or other uses). Assuming the laws of quantum mechanics hold, Quantum Cryptography provides not only secrecy but a positive indication of eavesdropping and a measurement of the maximum number of bits an eavesdropper might have captured. On the downside, QC currently requires a fiber-optic cable between the two parties.

1991 | Civ | Garfinkel
Phil Zimmermann released his first version of PGP (Pretty Good Privacy) in response to the threat by the FBI to demand access to the cleartext of the communications of citizens. PGP offered high security to the general citizen and as such could have been seen as a competitor to commercial products like Mailsafe from RSADSI. However, PGP is especially notable because it was released as freeware and has become a worldwide standard as a result, while its competitors of the time remain effectively unknown.

1994 | Civ | Rivest
Professor Ron Rivest, author of the earlier RC2 and RC4 algorithms included in RSADSI's BSAFE cryptographic library, published a proposed algorithm, RC5, on the Internet. This algorithm uses data-dependent rotation as its non-linear operation and is parameterized so that the user can vary the block size, number of rounds and key length. It is still too new to have been analyzed enough to enable one to know what parameters to use for a desired strength -- although an analysis by RSA Labs, reported at CRYPTO'95, suggests that w=32, r=12 gives strength superior to DES. It should be remembered, however, that this is just a first analysis.
Sources used for above table:
Bacon: Sir Francis Bacon, ``De Augmentis Scientarum'', Book 6, Chapter i. [as quoted in C. Stopes, ``Bacon-Shakspere Question'', 1889]
Burton: Sir Richard F. Burton trans., ``The Kama Sutra of Vatsayana'', Arkana/Penguin, 1991.
Deavours: Cipher A. Deavours and Louis Kruh, ``Machine Cryptography and Modern Cryptanalysis'', Artech House, 1985.
Diffie: Whitfield Diffie and Martin Hellman, ``New Directions in Cryptography'', IEEE Transactions on Information Theory, Nov 1976.
Feistel: Horst Feistel, ``Cryptographic Coding for Data-Bank Privacy'', IBM Research Report RC2827.
Garfinkel: Simson Garfinkel, ``PGP: Pretty Good Privacy'', O'Reilly & Associates, Inc., 1995.
IACR90: Proceedings, EUROCRYPT '90; Springer Verlag.
Kahn: David Kahn, ``The Codebreakers'', Macmillan, 1967.
Price: Derek J. Price, ``The Equatorie of the Planetis'', edited from Peterhouse MS 75.I, Cambridge University Press, 1955.
Rivest: Ronald L. Rivest, ``The RC5 Encryption Algorithm'', document made available by FTP and World Wide Web, 1994.
ROT13: Steve Bellovin and Marcus Ranum, individual personal communications, July 1995.
RSA: Rivest, Shamir and Adleman, ``A method for obtaining digital signatures and public key cryptosystems'', Communications of the ACM, Feb. 1978, pp. 120-126.
Shamir: Adi Shamir, ``Myths and Realities'', invited talk at CRYPTO '95, Santa Barbara, CA; August 1995.
Describe the History of Cryptography in the United States
CISSP Seminar:
Herbert Yardley
  Headed first crypto unit – 1917
  Black Chamber
  Father of crypto in America
  Established foreign crypto units
    China – 1938
    Canada – 1941
William Friedman
  Dean of modern American crypto
  First Chief of Signal Intelligence Service – 1929
    Replaced Yardley's cipher bureau
  Formed CBK
  Applied mathematics and statistical analysis
Laurance Safford
  Developed naval communications intelligence organization
    Became Armed Forces Security Agency (AFSA – 1949)
    NSA 1952
  Developed Underwood Code machine
    With Underwood typewriter company
    46 Japanese-English keys
    Copy traffic more efficiently
Joseph Wenger
  Pioneered development of cryptanalysis machines
  Deputy director AFSA – 1949
  Vice director NSA – 1952
Frank Rowlett
  Cryptanalysis work on machine systems
    Wheatstone device
    German Kryha machine
    The Damm machine
    Vernam's AT&T machine
    The Hebern machine
  Sigaba
    Most secure through WWII
  Cracked Japanese Purple machine – 1940
Venona 1943
  Project to analyze and translate encrypted Soviet message traffic (1850 translations)
  Public releases (1955-96)
    Soviet espionage against U.S. A-bomb research
    KGB, NY and Wash DC: 1944-45 messages
    KGB, San Francisco and Mexico City: 1942-46 messages
    GRU, NY and Washington: 1946 messages
    KGB and GRU, non-U.S., non-Mexico (e.g., Montevideo): 1940-46 messages

Define Plaintext and Ciphertext
CISSP Seminar:
Plaintext: Data in unscrambled form
Ciphertext: Scrambled data
Cryptography FAQ:
The original message is called a plaintext.
The disguised message is called a ciphertext.


Compare and contrast the terms Encipher and Decipher
CISSP Seminar:
Encipher: act of scrambling the data
Decipher: act of descrambling data with secret key
RSA Crypto FAQ:
Encryption (Encipher) is the transformation of data into a form that is as close to impossible as possible to read without the appropriate knowledge (a key). Its purpose is to ensure privacy by keeping information hidden from anyone for whom it is not intended, even those who have access to the encrypted data.
Decryption (Decipher) is the reverse of encryption; it is the transformation of encrypted data back into an intelligible form.
Encryption and decryption generally require the use of some secret information, referred to as a key. For some encryption mechanisms, the same key is used for both encryption and decryption; for other mechanisms, the keys used for encryption and decryption are different.

Define Cryptanalysis
CISSP Seminar:
Cryptanalysis: Descrambling without secret key
RSA Crypto FAQ:
Cryptanalysis is the flip-side of cryptography: it is the science of cracking codes, decoding secrets, violating authentication schemes, and in general, breaking cryptographic protocols.
In order to design a robust encryption algorithm or cryptographic protocol, one should use cryptanalysis to find and correct any weaknesses. This is precisely the reason why the best (most trusted) encryption algorithms are ones that have been made available to public scrutiny. For example, DES has been exposed to public scrutiny for years, and is therefore well-trusted, while Skipjack is secret and less well-trusted. It is a basic tenet of cryptology that the security of an algorithm should not rely on its secrecy. Inevitably, the algorithm will be discovered and its weaknesses (if any) will be exploited.
The various techniques in cryptanalysis attempting to compromise cryptosystems are referred to as attacks. Some attacks are general, whereas others apply only to certain types of cryptosystems.
Define "Key" as it refers to Cryptography
CISSP Seminar:
Key: Secret sequence governing en/deciphering
RSA Crypto FAQ:
A cryptosystem is usually a whole collection of algorithms. The algorithms are labelled; the labels are called keys. For instance, Caesar probably used ``shift by n'' encryption for several different values of n. It's natural to say that n is the key here.

Define the Strength of key as it pertains to key length
CISSP Seminar:
Considering that encryption is based on factoring, a longer key will provide better protection than a shorter key. However, one must ensure that the algorithm being used is a strong cryptosystem.
Consider the following from the Cryptography FAQ:
Every well-designed cryptosystem has such a large key space that this brute-force search is impractical.
Advances in technology sometimes change what is considered practical. For example, DES, which has been in use for over 10 years now, has 2^56, or about 10^17, possible keys. A computation with this many operations was certainly unlikely for most users in the mid-70's. The situation is very different today given the dramatic decrease in cost per processor operation. Massively parallel machines threaten the security of DES against brute force search.
RSA Crypto FAQ:
The security of a strong system resides with the secrecy of the key rather than with the supposed secrecy of the algorithm.
A strong cryptosystem has a large keyspace. It has a reasonably large unicity distance.
The unicity distance is an approximation to that amount of ciphertext such that the sum of the real information (entropy) in the corresponding source text and encryption key equals the number of ciphertext bits used. Ciphertexts significantly longer than this can be shown probably to have a unique decipherment. This is used to back up a claim of the validity of a ciphertext-only cryptanalysis. Ciphertexts significantly shorter than this are likely to have multiple, equally valid decryptions and therefore to gain security from the opponent's difficulty choosing the correct one.
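The following is an added worked example (not part of the CISSP seminar or the FAQ text): it computes the unicity distance U = H(K)/D from the definition above, estimates brute-force cost for a DES-sized key space, and shows the short-ciphertext ambiguity the FAQ describes using the Caesar "shift by n" key from the Key definition. The 1.5 bits/letter entropy figure for English, the tiny word list, and the 10^9 keys/second trial rate are assumptions constructed for the illustration.

```python
import math

# Assumptions (constructed for this example): a 26-letter alphabet, and English
# carrying roughly 1.5 bits of real information per letter.
ALPHABET_BITS = math.log2(26)   # bits per letter if letters were equiprobable, ~4.70
ENGLISH_RATE = 1.5              # bits of actual information per letter of English


def redundancy(alphabet_bits=ALPHABET_BITS, rate=ENGLISH_RATE):
    """Redundancy D of the plaintext source, in bits per character."""
    return alphabet_bits - rate


def unicity_distance(key_bits, d=None):
    """Ciphertext length (characters) at which key entropy plus plaintext
    entropy first equals the ciphertext information: U = H(K) / D."""
    d = redundancy() if d is None else d
    return key_bits / d


def brute_force_years(key_bits, keys_per_second):
    """Wall-clock years to try every key of a key_bits-bit key at a given rate."""
    return 2 ** key_bits / keys_per_second / (365.25 * 24 * 3600)


# --- Caesar "shift by n": the key is the label n on one of 26 algorithms --------
def caesar(text, n):
    """Shift each letter by n positions (negative n decrypts); keep spaces."""
    return "".join(chr((ord(c) - 97 + n) % 26 + 97) if c.isalpha() else c
                   for c in text.lower())


# Tiny constructed word list standing in for "knowledge of the language".
WORDS = {"an", "as", "at", "be", "by", "do", "go", "he", "if", "in", "is", "it",
         "me", "my", "no", "of", "on", "or", "so", "to", "up", "us", "we",
         "the", "and", "you", "for", "not", "are", "but", "can", "all"}


def plausible_shifts(ciphertext, words=WORDS):
    """Keys n for which every word of the trial decryption is in the word list.
    Below the unicity distance several keys survive; above it only the true one."""
    return [n for n in range(26)
            if all(w in words for w in caesar(ciphertext, -n).split())]


if __name__ == "__main__":
    for name, bits in (("Caesar", ALPHABET_BITS), ("DES", 56), ("128-bit key", 128)):
        print(f"{name:12s} unicity distance ~ {unicity_distance(bits):5.1f} characters")
    print(f"DES exhaustive search at 1e9 keys/s: {brute_force_years(56, 1e9):.1f} years")
    print(plausible_shifts(caesar("it", 3)))            # two letters: ambiguous
    print(plausible_shifts(caesar("do it for us", 3)))  # longer: unique key
```

With these assumptions DES comes out at about 17.5 characters and a 128-bit key at about 40; the two-letter ciphertext still admits two word-list-valid keys, while the longer one admits only the true shift, which is exactly the "shorter than the unicity distance" situation the FAQ describes.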

Define Ciphertext Only Attack (COA)
CISSP Seminar:
Only statistical knowledge of plaintext available.
RSA Crypto FAQ:
A ciphertext-only attack is one in which the cryptanalyst obtains a sample of ciphertext, without the plaintext associated with it. This data is relatively easy to obtain in many scenarios, but a successful ciphertext-only attack is generally difficult, and requires a very large ciphertext sample.

Define Known Plaintext Attack (KPA)
CISSP Seminar:
Some past plain text and matching ciphertext known
RSA Crypto FAQ:
A known-plaintext attack is one in which the cryptanalyst obtains a sample of ciphertext and the corresponding plaintext as well.

Define Chosen Text Attack (CTA)
CISSP Seminar:
A crypto device loaded with a hidden key is provided; the analyst may input plaintext or ciphertext and observe the corresponding other.
RSA Crypto FAQ:
A chosen-plaintext attack is one in which the cryptanalyst is able to choose a quantity of plaintext and then obtain the corresponding encrypted ciphertext.

Describe Stream Ciphers
CISSP Seminar:
Operate on continuous streams of plain text (as 1’s and 0’s)
Usually implemented in hardware
RSA Crypto FAQ:
A stream cipher is a type of symmetric encryption algorithm. Stream ciphers can be designed to be exceptionally fast, much faster than any block cipher. While block ciphers operate on large blocks of data, stream ciphers typically operate on smaller units of plaintext, usually bits. The encryption of any particular plaintext with a block cipher will result in the same ciphertext when the same key is used. With a stream cipher, the transformation of these smaller plaintext units will vary, depending on when they are encountered during the encryption process.
A stream cipher generates what is called a keystream (a sequence of bits used as a key). Encryption is accomplished by combining the keystream with the plaintext, usually with the bitwise exclusive-OR operation. The generation of the keystream can be independent of the plaintext and ciphertext (yielding what is termed a synchronous stream cipher) or it can depend on the data and its encryption (in which case the stream cipher is said to be self-synchronizing). Most stream cipher designs are for synchronous stream ciphers.

Define Block Ciphers
CISSP Seminar:
Operate on fixed size blocks of plain text
More suitably implemented in software to execute on a general-purpose computer
There is some overlap when a block cipher is operated as a stream cipher.
RSA Crypto FAQ:
A block cipher is a type of symmetric-key encryption algorithm that transforms a fixed-length block of plaintext (unencrypted text) data into a block of ciphertext (encrypted text) data of the same length. This transformation takes place under the action of a user-provided secret key. Decryption is performed by applying the reverse transformation to the ciphertext block using the same secret key. The fixed length is called the block size, and for many block ciphers, the block size is 64 bits. In the coming years the block size will increase to 128 bits as processors become more sophisticated.
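To make the definition concrete, here is an added toy Feistel network (constructed for this guide; not a real cipher and not code from the FAQ or the seminar): a 64-bit block is split into two 32-bit halves and run through 16 rounds, and decryption runs the same rounds with the subkeys in reverse order, which is the structure Lucifer and DES share. The round function and key schedule are arbitrary choices for illustration only. The example also shows the determinism the FAQ notes: under one key, equal plaintext blocks always give equal ciphertext blocks.

```python
import struct

MASK32 = 0xFFFFFFFF
ROUNDS = 16


def rotl32(x, r):
    """Rotate a 32-bit word left by r bits."""
    r %= 32
    return ((x << r) | (x >> (32 - r))) & MASK32 if r else x


def key_schedule(key: bytes):
    """Derive one 32-bit subkey per round from a 16-byte key (toy schedule)."""
    assert len(key) == 16, "this toy uses a 128-bit key"
    words = struct.unpack(">4I", key)
    return [rotl32(words[i % 4], i * 7) ^ ((0x9E3779B9 * (i + 1)) & MASK32)
            for i in range(ROUNDS)]


def round_function(half, subkey):
    """Non-linear mixing of one 32-bit half. Any function works here: the
    Feistel structure is invertible regardless of whether F is."""
    x = (half + subkey) & MASK32          # modular add: non-linear over GF(2)
    x ^= rotl32(x, 5) ^ rotl32(x, 13)     # spread bits across the word
    return (x * 0x9E3779B1) & MASK32


def _feistel(block: bytes, subkeys):
    """Run 64-bit block through the rounds; reversed subkeys undo it."""
    left, right = struct.unpack(">2I", block)
    for k in subkeys:
        left, right = right, left ^ round_function(right, k)
    return struct.pack(">2I", right, left)  # undo the final swap


def encrypt_block(block: bytes, key: bytes) -> bytes:
    return _feistel(block, key_schedule(key))


def decrypt_block(block: bytes, key: bytes) -> bytes:
    return _feistel(block, key_schedule(key)[::-1])


def encrypt_ecb(data: bytes, key: bytes) -> bytes:
    """Encrypt a message that is a whole number of 8-byte blocks, block by block
    (ECB, no padding). Equal input blocks produce equal output blocks."""
    assert len(data) % 8 == 0, "block cipher needs whole blocks (pad in practice)"
    ks = key_schedule(key)
    return b"".join(_feistel(data[i:i + 8], ks) for i in range(0, len(data), 8))


if __name__ == "__main__":
    key = bytes(range(16))                       # constructed sample key
    ct = encrypt_ecb(b"SAMEBLCK" * 2, key)
    print(ct.hex())                              # the two halves are identical
    print(decrypt_block(ct[:8], key))            # b'SAMEBLCK'
```

The repeated-block leak at the end is why a block cipher is normally used in a mode (CBC, CTR and so on) rather than raw ECB; the definition describes the primitive, not the mode.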

Describe Features of Stream Cipher Algorithm
CISSP Seminar:
Long periods of time with no repeating
Functionally complex
Statistically unpredictable
Statistically unbiased keystream
As many 0's as 1's
Keystream not linearly related to key
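The following added example (constructed here, not code from the seminar or the FAQ) implements a synchronous stream cipher as the FAQ defines it: a keystream generated independently of the data and combined with the plaintext by XOR, so the same call decrypts. The generator is a 16-bit Galois LFSR with a maximal-length feedback polynomial, chosen so that the period and the 0/1 balance listed among the features above can be measured directly. The seed value and polynomial are assumptions for the toy.

```python
# Galois LFSR with feedback polynomial x^16 + x^14 + x^13 + x^11 + 1 (mask 0xB400).
# The polynomial is maximal-length, so every non-zero 16-bit state occurs exactly
# once per period and the period is 2**16 - 1.
TAPS = 0xB400


def lfsr_step(state):
    """Advance the 16-bit register one step; return (output_bit, new_state)."""
    bit = state & 1
    state >>= 1
    if bit:
        state ^= TAPS
    return bit, state


def keystream(seed, nbytes):
    """Produce nbytes of keystream from a non-zero 16-bit seed (this toy's key)."""
    assert 0 < seed < (1 << 16), "seed must be a non-zero 16-bit value"
    state, out = seed, bytearray()
    for _ in range(nbytes):
        byte = 0
        for _ in range(8):
            bit, state = lfsr_step(state)
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)


def crypt(data, seed):
    """Synchronous stream cipher: XOR data with the keystream. Same call decrypts,
    and the same plaintext byte maps to different ciphertext bytes by position."""
    return bytes(d ^ k for d, k in zip(data, keystream(seed, len(data))))


def period(seed):
    """Steps until the register state recurs: 2**16 - 1 for a maximal LFSR."""
    state, n = seed, 0
    while True:
        _, state = lfsr_step(state)
        n += 1
        if state == seed:
            return n


def bit_balance(seed):
    """(ones, zeros) emitted over one full period; a maximal LFSR is off by one."""
    state, ones, zeros = seed, 0, 0
    for _ in range(period(seed)):
        bit, state = lfsr_step(state)
        ones += bit
        zeros += 1 - bit
    return ones, zeros


if __name__ == "__main__":
    seed = 0xACE1                                  # constructed sample seed
    print("period:", period(seed), "ones/zeros:", bit_balance(seed))
    ct = crypt(b"A" * 16, seed)
    print(ct.hex())                                # 16 equal inputs, varied outputs
    print(crypt(ct, seed))                         # b'AAAAAAAAAAAAAAAA'
```

Over one period the register emits 32768 ones and 32767 zeros, as balanced as a 16-bit state allows, and repeated plaintext bytes encrypt to varying ciphertext bytes. It fails the last feature on the list, though: a bare LFSR's output is a linear function of its seed, so practical designs put a non-linear filter or combiner on top, and a 16-bit state is far too small for any real period requirement.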

Identify the Applications of Cryptography
CISSP Seminar:
Data Storage
Prevent disclosure
Password files
Backup tapes
Bulk
Telecommunications
Prevent disclosure
Data transmission
STU
Message authentication
Detect fraudulent insertion
Detect fraudulent deletion
Detect fraudulent modification
Detect replay
Digital Signature
Source Verification
Non-Repudiation
RSA Crypto FAQ:
A typical application of cryptography is a system built out of the basic techniques. Such systems can be of various levels of complexity. Some of the more simple applications are secure communication, identification, authentication, and secret sharing. More complicated applications include systems for electronic commerce, certification, secure electronic mail, key recovery, and secure computer access. In general, the less complex the application, the more quickly it becomes a reality. Identification and authentication schemes exist widely, while electronic commerce systems are just beginning to be established.
Secure Communication
Secure communication is the most straightforward use of cryptography. Two people may communicate securely by encrypting the messages sent between them. This can be done in such a way that a third party eavesdropping may never be able to decipher the messages. While secure communication has existed for centuries, the key management problem has prevented it from becoming commonplace. Thanks to the development of public-key cryptography, the tools exist to create a large-scale network of people who can communicate securely with one another even if they had never communicated before.
Identification and Authentication
Identification and authentication are two widely used applications of cryptography. Identification is the process of verifying someone's or something's identity. For example, when withdrawing money from a bank, a teller asks to see identification (e.g. a driver's license) to verify the identity of the owner of the account. This same process can be done electronically using cryptography. Every automatic teller machine (ATM) card is associated with a "secret" personal identification number (PIN), which binds the owner to the card and thus to the account. When the card is inserted into the ATM, the machine prompts the cardholder for the PIN. If the correct PIN is entered, the machine identifies that person as the rightful owner and grants access. Another important application of cryptography is authentication. Authentication is similar to identification, in that both allow an entity access to resources (such as an Internet account), but authentication is broader because it does not necessarily involve identifying a person or entity. Authentication merely determines whether that person or entity is authorized for whatever is in question. For more information on authentication and identification.
Secret Sharing
Another application of cryptography, called secret sharing, allows the trust of a secret to be distributed among a group of people. For example, in a (K, N)-threshold scheme, information about a secret is distributed in such a way that any K out of the N people (K<N) have enough information to determine the secret, but any set of K-1 people do not. In any secret sharing scheme, there are designated sets of people whose cumulative information suffices to determine the secret. In some implementations of secret sharing schemes, each participant receives the secret after it has been generated. In other implementations, the actual secret is never made visible to the participants, although the purpose for which they sought the secret (e.g. access to a building or permission to execute a process) is allowed.
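An added example of a (K, N)-threshold scheme, Shamir's polynomial secret sharing (a standard construction; this code is not from the FAQ): the secret is the constant term of a random polynomial of degree K-1 over a prime field, each participant receives one point on it, and any K points determine the polynomial, hence the secret, by Lagrange interpolation at x = 0, while K-1 points are consistent with every possible secret. The prime, the sample secret and the share indices 1..N are assumptions for the illustration.

```python
import secrets

PRIME = 2 ** 127 - 1   # a Mersenne prime; all arithmetic below is in GF(PRIME)


def split_secret(secret: int, k: int, n: int, p: int = PRIME):
    """(k, n)-threshold split: hide `secret` as f(0) of a random degree k-1
    polynomial and hand out the points (x, f(x)) for x = 1..n."""
    assert 0 <= secret < p, "secret must be a field element (encode bytes as int)"
    assert 1 < k <= n < p, "need 1 < k <= n"
    coeffs = [secret] + [secrets.randbelow(p) for _ in range(k - 1)]

    def f(x):
        acc = 0
        for c in reversed(coeffs):          # Horner evaluation, mod p
            acc = (acc * x + c) % p
        return acc

    return [(x, f(x)) for x in range(1, n + 1)]


def recover_secret(shares, p: int = PRIME) -> int:
    """Lagrange interpolation at x = 0. With k or more distinct shares this
    returns f(0); with fewer it returns a value unrelated to the secret."""
    xs = [x for x, _ in shares]
    assert len(set(xs)) == len(xs), "shares must have distinct x values"
    total = 0
    for xi, yi in shares:
        num, den = 1, 1
        for xj in xs:
            if xj != xi:
                num = num * (-xj) % p
                den = den * (xi - xj) % p
        total = (total + yi * num * pow(den, p - 2, p)) % p   # Fermat inverse
    return total


if __name__ == "__main__":
    secret = int.from_bytes(b"vault-root-key", "big")   # constructed sample
    shares = split_secret(secret, k=3, n=5)
    print(recover_secret(shares[:3]) == secret)          # True: any 3 suffice
    print(recover_secret(shares[:2]) == secret)          # False: 2 reveal nothing
```

The participants never see the polynomial's other coefficients, and because those are uniform over the field, any K-1 shares fit a polynomial for every candidate secret equally well; that is the "any set of K-1 people do not" clause made precise.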
Electronic Commerce
Over the past few years there has been a growing amount of business conducted over the Internet - this form of business is called electronic commerce or e-commerce. E-commerce is comprised of online banking, online brokerage accounts, and Internet shopping, to name a few of the many applications. One can book plane tickets, make hotel reservations, rent a car, transfer money from one account to another, buy compact disks (CDs), clothes, books and so on all while sitting in front of a computer. However, simply entering a credit card number on the Internet leaves one open to fraud. One cryptographic solution to this problem is to encrypt the credit card number (or other private information) when it is entered on-line, another is to secure the entire session. When a computer encrypts this information and sends it out on the Internet, it is incomprehensible to a third party viewer. The web-server ("Internet shopping center") receives the encrypted information, decrypts it, and proceeds with the sale without fear that the credit card number (or other personal information) slipped into the wrong hands. As more and more business is conducted over the Internet, the need for protection against fraud, theft and corruption of vital information increases.
Certification
Another application of cryptography is certification; certification is a scheme by which trusted agents such as certifying authorities vouch for unknown agents, such as users. The trusted agents issue vouchers called certificates which each have some inherent meaning. Certification technology was developed to make identification and authentication possible on a large scale.
Key Recovery
Key recovery is a technology that allows a key to be revealed under certain circumstances without the owner of the key revealing it. This is useful for two main reasons: first of all, if a user loses or accidentally deletes their key, key recovery could prevent a disaster. Secondly, if a law enforcement agency wishes to eavesdrop on a suspected criminal without their knowledge (akin to a wiretap), they must be able to recover the key. Key recovery techniques are in use in some instances; however, the use of key recovery as a law enforcement technique is somewhat controversial.
Remote Access
Secure remote access is another important application of cryptography. The basic system of passwords certainly gives a level of security for secure access, but it may not be enough in some cases. For instance, passwords can be eavesdropped, forgotten, stolen, or guessed. Many products supply cryptographic methods for remote access with a higher degree of security.
Other Applications
Cryptography is not confined to the world of computers. Cryptography is also used in cellular phones as a means of authentication; that is, it can be used to verify that a particular phone has the right to bill to a particular phone number. This prevents people from stealing ("cloning") cellular phone numbers and access codes.
Identify the Uses of Cryptography
CISSP Seminar:
EFT systems
E-Mail
Communication links
RSA Crypto FAQ:
Today's cryptography is more than encryption and decryption. Authentication is as fundamentally a part of our lives as privacy. We use authentication throughout our everyday lives – when we sign our name to some document, for instance – and, as we move to a world where our decisions and agreements are communicated electronically, we need to have electronic techniques for providing authentication.
Cryptography provides mechanisms for such procedures. A digital signature binds a document to the possessor of a particular key, while a digital timestamp binds a document to its creation at a particular time. These cryptographic mechanisms can be used to control access to a shared disk drive, a high security installation, or a pay-per-view TV channel.
The field of cryptography encompasses other uses as well. With just a few basic cryptographic tools, it is possible to build elaborate schemes and protocols that allow us to pay using electronic money, to prove we know certain information without revealing the information itself, and to share a secret quantity in such a way that a subset of the shares can reconstruct the secret.
