Computers & Security, 13 (1994) 458-465

Random Bits & Bytes
Harold Joseph Highland, FICS, Editor-in-Chief Emeritus

Data Encryption: A Non-Mathematical Approach - Part 1
This is the first part of a series explaining cryptography to those readers who always felt that they did not have the mathematical background to understand this mysticism, and to those who were 'exposed' to encryption as part of their security education. I attempted such a series a few years ago in response to numerous requests, by mail and telephone, from readers of the Journal. If you have felt inadequate in understanding encryption, don't despair - you are not alone!

Not all encryption software packages or hardware devices are equal. There is of course a difference between DES [Data Encryption Standard] and PK [Public Key] programs. But not all DES software programs are equal; nor are all Public Key programs. Ignore the differences of the human element in using these various software programs and/or hardware devices. What most people do not realize is that many programs do not process data at the same speed. Also, some do not offer the identical level of security.

Codes and ciphers have been used for over 4000 years. Only in the past two decades have so many businesses used a cipher scheme to protect valuable data stored in a computer or transmitted from one site to another. Most businessmen, even some computer security directors, do not have a full understanding of data encryption. Of all the products a company purchases, an encryption program is generally bought blind. It is the one product that the buyer almost accepts on faith, for few have any concept of the evaluation and testing of an encryption package.

Several years ago I included a review of several DES programs available for microcomputers. The same size text took from 8 to 94 seconds to encrypt. The fastest one was a product of a very well-known software producer. When I explained my dilemma to the company's president, he had the technical manager of that division investigate. I learned within a week that their DES program only went through three iterations instead of the normal 16. When I spoke with the president again, he explained that the DES software was only a convenient supplement to his software and that he did not believe anyone would use it for 'real' encryption.
© Compulit, Inc. 1994. All rights reserved.
Business professionals are not to blame for their lack of understanding of encryption. The field has a mystique generated by spy stories and a belief that one must be a mathematician to understand encryption. This is not true.
0167-4048/94/$7.00 © 1994, Elsevier Science Ltd
Computers & Security, Vol. 13, No. 6

Basic terminology

Let's start with a few basic terms. Data encryption is a part of the science of cryptology, the study of concealed and secret writing, a method of disguising messages. It is the study of both cryptography and cryptanalysis. Cryptography is the art of creating and using a cipher system that will disguise messages. The original message is called a plaintext. The disguised message, produced using a particular cipher system, is called a ciphertext. Plaintext is enciphered using a particular cipher algorithm along with a cryptographic key [keyword, keyphrase, keynumber] to obtain the ciphertext. The term cryptographic system includes not only the algorithm itself but all other features of the encryption and decryption process. These include physical security features, generation and distribution of cryptographic keys, the enforcement of approved encryption procedures, as well as monitoring and testing of the cryptographic system.

Cryptanalysis, on the other hand, is the art of breaking cryptosystems, seeing through the disguise even when you are not supposed to read someone else's ciphertext.1 Classical cryptanalysis involves an interesting combination of patience, determination, analytical reasoning, use of simple mathematical tools, pattern finding, and sometimes luck. The best textbooks available on the subject are the Military Cryptanalytics series written by the world's foremost cryptographer, William F. Friedman,2 covering World War I. The best source of books in this area has been Aegean Park Press in California. Modern public-key cryptanalysis often consists of factoring large integers, dealing with discrete logarithms and using modern mathematical techniques. These are not the traditional fare of the former cryptanalysts. Computational number theorists today are some of the most successful cryptanalysts against public key systems.

Considerable material has been written about encryption ciphers, but there is great secrecy in the area of cryptanalysis. There are some interesting manuals and books dating back to World War I, but some volumes used during World War II are still classified. There is a dearth of good books and other written material about modern methods of cryptanalysis.

Two areas of disguising messages will be included in a later part of this series. One is code. This method requires a codebook wherein single words, phrases, letters and syllables can be indicated by a series of numbers or symbols.
The other is steganography, where the very existence of the message is concealed. This is a form of secret writing using invisible ink, microdots or even plaintext hidden within other copy.
Basic concepts

The algorithm performing encryption and decryption is known as a cipher system; it can be composed of one or more of the following methods:

1. Substitution methods
2. Transposition methods
3. Algebraic methods

A substitution cipher is one in which the characters of the plaintext message are replaced by characters of another alphabet or by numeric values. The original characters in the ciphertext lose their identity but retain their position. In a transposition cipher the characters of the plaintext are rearranged in their sequence. Although the original characters lose their position, they retain their identity. Algebraic ciphers may be based on highly complex transposition methods or involved substitution methods, or even the use of both methods along with mathematical transformations which are performed by a computer.

Both substitution and transposition ciphers have been used since the ancient Greeks and Romans, even the ancient Egyptians. Simple combinations of both methods have been used for several centuries. Historically, substitution ciphers have been used more frequently than transposition. However, with the advent of the computer, complex algebraic ciphers were rapidly developed.
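As an added example that is not part of the article, the following Python implements the four ciphers the article goes on to describe (the Caesar offset, the Polybius square filled as in Fig. 2 with U omitted, the picket fence with spaces counted as characters, and the columnar grid with filler letters, the filler ZZETAON being our reading of Fig. 4), runs them on the article's own messages, and checks the position-versus-identity property stated above. The Polybius digits it produces follow Fig. 2 and the text (A = 11, N = 34); the digit pairs printed in the article's Fig. 3 do not come from that square.

```python
# Added example (not from the article): the four classical ciphers the
# article describes, run on the article's own messages, plus a check of the
# property stated above (substitution keeps position, transposition keeps identity).
from collections import Counter

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
SQUARE = ALPHABET.replace("U", "")  # Polybius square as in Fig. 2: no U

def caesar(text, offset, decipher=False):
    """Caesar offset transform (offset 3: A->D, B->E, ...). Characters
    outside the alphabet, such as spaces, pass through unchanged."""
    shift = -offset if decipher else offset
    return "".join(ALPHABET[(ALPHABET.index(c) + shift) % 26]
                   if c in ALPHABET else c for c in text.upper())

def polybius_encipher(text):
    """Each letter becomes its row and column digits (A -> 11, N -> 34).
    The omitted U is written as V, as the article suggests; spaces drop."""
    pairs = []
    for c in text.upper().replace("U", "V"):
        if c in SQUARE:
            i = SQUARE.index(c)
            pairs.append(f"{i // 5 + 1}{i % 5 + 1}")
    return " ".join(pairs)

def polybius_decipher(pairs):
    return "".join(SQUARE[(int(p[0]) - 1) * 5 + int(p[1]) - 1]
                   for p in pairs.split())

def picket_encipher(text):
    """Odd-position characters, then even-position ones. Spaces count as
    characters, which is why they survive in the article's odd picket."""
    return text[0::2] + text[1::2]

def picket_decipher(cipher):
    """Split in two (odd length: the larger part is the top picket) and
    read alternately top, bottom, top, ... like a picket fence."""
    top_len = (len(cipher) + 1) // 2
    top, bottom = cipher[:top_len], cipher[top_len:]
    return "".join(top[i] + (bottom[i] if i < len(bottom) else "")
                   for i in range(top_len))

def columnar_encipher(text, width, height, filler):
    """Write the letters row by row into a width x height grid, fill the
    unused cells from `filler` (Fig. 4 uses ZZETAON), read column by column."""
    letters = text.upper().replace(" ", "")
    letters += filler[:width * height - len(letters)]
    if len(letters) != width * height:
        raise ValueError("message plus filler must fill the grid exactly")
    rows = [letters[r * width:(r + 1) * width] for r in range(height)]
    return "".join(row[c] for c in range(width) for row in rows)

def columnar_decipher(cipher, width, height):
    cols = [cipher[c * height:(c + 1) * height] for c in range(width)]
    return "".join(col[r] for r in range(height) for col in cols)

def repeat_pattern(s):
    """Which positions hold equal characters (CONTRACT: C..C, T..T).
    A substitution preserves this pattern; a transposition scrambles it."""
    first = {}
    return tuple(first.setdefault(c, i) for i, c in enumerate(s))

def cipher_properties(plain, cipher):
    """(positions kept, identities kept): (True, False) is the signature of a
    substitution, (False, True) of a transposition; either is a foothold."""
    same_positions = repeat_pattern(plain) == repeat_pattern(cipher)
    same_identities = (Counter(plain.replace(" ", ""))
                       == Counter(cipher.replace(" ", "")))
    return same_positions, same_identities

if __name__ == "__main__":
    msg = "SEND CONTRACT AT ONCE"
    print(caesar(msg, 3), cipher_properties(msg, caesar(msg, 3)))
    fence = picket_encipher("ALWAYS ENCRYPT COMMUNICATIONS")
    print(fence, cipher_properties("ALWAYS ENCRYPT COMMUNICATIONS", fence))
    print(polybius_encipher(msg), columnar_encipher(msg, 5, 5, "ZZETAON"))
```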
1 The author ran into difficulties in France several years ago when lecturing about cryptology. He used the term, decrypt, to explain converting ciphertext into readable form, the usage followed by our organization. The deputy chief of the French equivalent of the National Security Administration [NSA] informed the author that correct usage was: [a] decipher meant changing ciphertext into plaintext by an authorized receiver of the message, but [b] decrypt meant changing ciphertext into plaintext by an unauthorized or illegal user. In the United States we use decipher and decrypt interchangeably, as we do encipher and encrypt. The French are more specific, emphasizing the shade of difference between the pairs of words.

2 The author had the legendary Col. Friedman as his instructor when he had his cryptanalysis training shortly after he was commissioned prior to World War II.
Substitution ciphers

Plaintext alphabet:  ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ciphertext alphabet: DEFGHIJKLMNOPQRSTUVWXYZABC

Fig. 1.
There have been many substitution ciphers used over the centuries. At its simplest level, the letters of a message are replaced with letters of another alphabet.3 The sequence of the letters in the plaintext does not change when they appear in the ciphertext.

Caesar Cipher: In Figure 1 we have a simple example of a substitution cipher, one named after Julius Caesar. In it we systematically substitute one letter for another using what is known as an offset transform. There are two character sets or alphabets, the plaintext and the ciphertext. The initial letter to start off the ciphertext alphabet is user selected. Here the initial ciphertext letter is D, that is, the plaintext letter A is replaced by the ciphertext letter D, B is replaced by E, C is replaced by F, etc. This is an example of an 'offset 3' Caesar cipher. In an 'offset 7' cipher we would find plaintext A replaced by H, plaintext B replaced by I, etc.
If we wanted to encipher the message send contract at once, we would replace the plaintext S with V, replace E with H, replace N with Q, etc., so that we would have:

plaintext:  SEND CONTRACT AT ONCE
ciphertext: VHQG FRQWUDFW DW RQFH

Polybius Cipher: Another substitution cipher was developed by a Greek, Polybius. The alphabet is displayed as a 5-by-5 square. Since we must fit 26 letters into 25 spaces, one letter is omitted or two are combined. Frequently the letter U is left out and replaced by V, or the letters I and J occupy one box; see Figure 2.

3 In some substitution ciphers numbers or symbols are used in place of the letters of the conventional alphabet.

      1  2  3  4  5
  1   A  B  C  D  E
  2   F  G  H  I  J
  3   K  L  M  N  O
  4   P  Q  R  S  T
  5   V  W  X  Y  Z

Fig. 2.

This cipher replaces each letter by two digits, the row and the column in which the plaintext letter appears in the matrix. The letter A is indicated by 11, row 1, column 1, just as the letter N is 34. Again we shall encipher the message send contract at once. The ciphertext would appear as in Figure 3.

plaintext:  SEND         CONTRACT                 AT     ONCE
ciphertext: 35 11 12 33  13 24 12 22 14 31 13 22  31 22  24 12 13 11

Fig. 3.

Transposition ciphers

Unlike the substitution cipher, where the original plaintext letters are replaced during the encryption process, the letters remain unchanged in a transposition cipher. There are various ways in which individual letters or sets of letters can be rearranged. In pre-computer days this transposing of letters often was minimal.

Picket Fence Cipher: Possibly the fastest and simplest of the transposition ciphers is one in which the odd letters of the message are separated from the even ones, resulting in two strings or character streams. To illustrate this technique we use the message: always encrypt communications.

Message:            ALWAYS ENCRYPT COMMUNICATIONS
Odd-Letter Picket:  AWY NRP OMNCTOS
Even-Letter Picket: LASECYTCMUIAIN

In this illustration we have preserved the spaces between words in creating the odd and even pickets. The ciphertext would consist of the odd-letter picket followed by the even-letter picket, or vice versa, depending upon the wishes of the individuals using the crypto system.

Plaintext:  ALWAYS ENCRYPT COMMUNICATIONS
Ciphertext: AWY NRP OMNCTOSLASECYTCMUIAIN

To decipher the message the receiver would count the total number of letters and spaces and divide the ciphertext into two parts. If the total number is uneven, the larger of the two is the upper set of characters. The two streams would be set up and the message read as one would view a picket fence about a house.

Top-Letter Picket:    AWY NRP OMNCTOS
                      \/\/\/\/\/\/\/\/\/\/\/\/\/\/
Bottom-Letter Picket: LASECYTCMUIAIN

Columnar Cipher: Another transposition cipher is somewhat similar to the Polybius substitution cipher. It is possible to transpose the plaintext by using rows across and columns down. In one method the plaintext is written row after row, whereas the ciphertext is obtained by writing column after column. Our message, send contract at once, is written across each row without any space between words. See Fig. 4.

      1  2  3  4  5
  1   S  E  N  D  C
  2   O  N  T  R  A
  3   C  T  A  T  O
  4   N  C  E  Z  Z
  5   E  T  A  O  N

Fig. 4.

The plaintext message was written horizontally; the ciphertext message is written vertically, column after column. We fill missing spaces with any letters we wish.

Ciphertext: SOCNE ENTCT NTAEA DRTZO CAOZN

Note: In the next segment there will be an introduction to algebraic ciphers and the techniques of adding complexity to simple ciphers.

Canadian Evaluation Criteria
The latest version of the "Canadian Trusted Computer Product Evaluation Criteria [CTCPEC], Version 3.0e" is available free of charge to readers of Computers & Security. The volume presents a set of technical hardware/firmware/software criteria for trusted products which is consistent with the Information Technology Security Standards of the Canadian Government.

Title: Canadian Trusted Computer Product Evaluation Criteria, Version 3.0e
Author: Eugen Mate Bacic [Project Leader], Aaron Cohen, Paul Cromier, et al.
Publisher: CSE/Communications Security Establishment; The Government of Canada; 1993.

A companion document, Cryptographic Modules, contains data exchange criteria for networks and criteria to evaluate trusted products incorporating cryptographic modules. The CTCPEC and its companion document are available from:

Manager CSE INFOSEC Services
P.O. Box 9703, Terminal
Ottawa, Ontario, Canada K1G 3Z4

The Computer Security Criteria are metrics used to evaluate the effectiveness of the security services provided by a product. Even if one does not operate in a trusted system environment, this volume covers many of the criteria that should be used in evaluating the security of the components of any system. This is a 208 page 8.5 by 11 inch volume.

The Communications Security Establishment of the Department of National Defence of the Canadian Government has a mail server for this on the Internet. It accepts anonymous login under ftp. For those hesitant or still new to using the Internet, see Fig. 5 for a sample dialogue [note that bold face copy is user entered; computer generated data is in italics].
Fig. 5. Internet FTP Dialogue. We have reproduced an FTP session with the Canadian Department of National Defence bulletin board to assist some of our readers. A few may be unfamiliar with the procedure, and for others it might be a long time since they downloaded files under FTP. User responses are shown in bold; computer responses in normal type; our comments are noted within [brackets].

Ready: ftp ftp.cse.dnd.ca
220 moowis FTP server (Version 6.10 Thu Feb 11 11:03:52 EST 1993) ready.
[Signing on to the Canadian Department of National Defence bulletin board]

user_ftp: Login anonymous
331 Guest login ok, send e-mail address as password.
Password: highland@dockmaster.ncsc.mil   [use your own e-mail address!]
230 Guest login ok, access restrictions apply.

user_ftp: ?
Available requests: abbrev ab, exec_com ec, execute e, do, if, answer, change_wdir cwd, delete dl, get, host, list ls, dir, login, logout, noop, print pr, put, quit q, quote, rename rn, send, status st, trace, help, list-help, list-requests lr. Type "list requests" for a short description of requests.
[If you are unfamiliar with commands on the system you have reached, type a question mark (?) after the computer response.]

user_ftp: cwd pub
250 CWD command successful.
[Change from the root directory to the publications directory. Suggest using either change_wdir or the simpler command, cwd.]

user_ftp: ls
total 5
README  criteria  papers  reviews  symposium
[You can obtain a list within that directory by entering either ls or dir, and then change to the appropriate directory you wish to browse.]

user_ftp: cwd criteria
250 CWD command successful.

user_ftp: dir
total 6344
CTCPEC.ascii (714851), CTCPEC.ascii.Z (172626), CTCPEC.v3.0e.pt1.ps (798673), CTCPEC.v3.0e.pt1.ps.Z (240171), CTCPEC.v3.0e.pt2.ps (872246), CTCPEC.v3.0e.pt2.ps.Z (308847), CTCPEC.v3.0f.pt1.ps (960370), CTCPEC.v3.0f.pt1.ps.Z (288615), CTCPEC.v3.0f.pt2.ps (1166479), CTCPEC.v3.0f.pt2.ps.Z (394313), Crypto.v1.0.ps (362429), NITSM.8.93e.asci (12612), NITSM.8.93f.asci (13747), NITSM.8.93e.ws1 (15540), NITSM.8.93f.ws1 (16082), README (1948), ccrevfor.txt (2248)
[Some files are ASCII, others are in PostScript format and some in WordPerfect; see the README file for details about the texts.]

user_ftp: print README
150 Opening ASCII mode data connection for README (1948 bytes).
[Use the print command to view a copy on the screen.]

user_ftp: get CTCPEC.ascii CTCPEC
226 Transfer complete. Total elapsed time: 92.8 seconds. 1948 bytes transferred in 89.9 seconds (170 bits/sec).
[To transfer a file from the Canadian host to your machine, use the get command. On some systems it is necessary to include not only the host's original filename but also the filename that you wish to use on your system.]

[Once you have finished browsing and downloading, entering logout, quit or even the letter q will permit you to exit the host system and return to your own.]
NTIS Volumes Of Interest
The National Technical Information Service (NTIS) is a self-supporting agency of the US Department of Commerce. It provides access to the results of both US and foreign government-sponsored research and development and engineering activities. For copies of any of the publications we consider of interest to computer security directors and personnel, you can communicate with:

US Department of Commerce
National Technical Information Service
5285 Port Royal Road
Orders: +1 703 487-4650
Telex: 89-9405 or 64617
FAX: +1 703 321-8547

Research Directions in Database Security IV
R.K. Burns, Mitre Corp, Bedford MA, July 1993, 210pp, AD-A268 885/1/WCC.
This report contains the papers written for the Fourth RADC Database Security Workshop, held in Little Compton, Rhode Island, 22-25 April 1991. The papers reflect a range of research topics from the semantics of polyinstantiation to the problems of actually building trusted database management systems. The goal of this workshop was to provide a forum for the discussion of the work in progress, to clarify and amplify ideas, and to advance the multilevel database security research agenda.

Cryptography and Cryptosystems (Latest citations from INSPEC - The Database for Physics, Electronics, and Computing)
NERAC Inc, Tolland CT, October 1993, 250 citations, updated with each order, PB94-851821/WCC.
The bibliography contains citations concerning the theory, design, standards, protocols, and applications of cryptography and cryptosystems. Citations examine cryptographic algorithms, techniques, cipher systems, schemes, knapsacks and keys of various types. Applications to the security or privacy of communications, computer information and data processing are discussed.

Data Compression: Techniques and Applications (Latest citations from the INSPEC - The Database for Physics, Electronics and Computing)
NERAC Inc, Tolland CT, October 1993, 250 citations, updated with each order, PB94-850104/WCC.
The bibliography contains citations concerning techniques, studies and applications of data compression. Topics include data compression techniques involving algorithms and transforms, and analyses of data enhancement or degradation using the various techniques. Applications include data storage for computer memories, and compression of digital, video, and hybrid digital/video data for video processing, communications and teleconferencing, television and biomedical statistics.

New Class of Cryptosystems Based on Interconnection Networks
M. Portz, Technische Hochschule Aachen (Germany, F.R.), Fachgruppe Informatik, 1991, 21pp, TIB/A9302177/WCC.
The notion of interconnection networks has been viewed from the cryptographic point of view. It has been shown how to construct a set of permutations out of a set of Boolean functions. The appropriateness of two classes of Boolean functions as control-setting functions has been investigated. Pseudo-random Boolean functions as control-setting functions result in pseudo-random permutations, and Boolean functions fulfilling the strict avalanche criterion of higher order result in fast computable permutation generators, which possibly turns out to be a good cryptosystem. Finally, it has been proposed to use different network topologies and different Boolean functions to define cryptosystems.

Workshop on Security Procedures for the Interchange of Electronic Documents: Selected Papers and Results
R.G. Saltman, National Inst. of Standards and Technology, Gaithersburg MD, August 1993, 128pp, PB94-101854/WCC.
Contents: Linking Security and the Law of Computer-Based Commerce; Balanced Electronic Data Interchange Security; Health Care Perspective on Security Procedures for EDI; Security Requirement and Evidentiary Issues in the Interchange of Electronic Documents; The Legal Viability of Electronically Submitted Environmental Compliance Reports; Authenticity and Assurance; What Price Data Security; On the Optimal Expenditure of Computer Security Costs; The Need for Risk Analysis; Steps Toward Developing a Security Policy.

Security Issues in the Database Language SQL
W.T. Polk and L.E. Bassham, National Inst. of Standards and Technology, Gaithersburg MD, August 1993, 49pp, PB94-104585/WCC.
The document examines the specific functionality that might be required of relational database management systems (RDBMSs) and compares it with the requirements and options of the SQL specifications. The comparison shows that the security functionality of an SQL-compliant RDBMS may vary greatly. A variety of security policies is considered which can be supported by SQL. The document ends by showing which types of functions are required by the examined security policies.

How Do You Get People to Pay Attention to Computer Security?
G.S. Warshawsky, Lawrence Livermore National Lab. CA, March 1993, 22pp, DE93017178/WCC.
A computer security education and awareness programme can reach many people in a variety of ways. The use of attention grabbers can add excitement and interest to your awareness programme. Create a recognizable character to spread the word about computer security. Make use of Closed Circuit Television (CCTV) and VCR technology to liven up an education and awareness programme. Computer security videos can be shown on CCTV, giving many people the opportunity to view them simultaneously. Humor can be used in presentations and in a variety of publications. Develop an outreach programme that can provide computer security professionals with a positive voice in the community. Invest in the future by providing computer security awareness to children and adults today.

Professor Harold Joseph Highland, FICS, is a dinosaur. He was graduated from the university and commissioned as a Second Lieutenant in 1938. He is Managing Director of Compulit, Inc. [Elmont, NY, USA] and heads its Microcomputer Security Laboratory. He retired more than a decade ago with the academic rank of Distinguished Professor from the Technical College of the State University of New York. He is the founding editor of Computers & Security and now serves as Editor-in-Chief Emeritus. Furthermore he serves on the editorial board of six professional magazines in the United States and overseas, and writes special features periodically. Over the years he wrote for The New York Times and other newspapers, and has worked as a research statistician, TV producer, economist, consumer magazine editor and publisher, book editor and interior designer. He turned to academia in 1957 and became a Dean of a university graduate school. Dr. Highland was the first recipient of the IFIP Kristian Beckman Award, made in public recognition of an individual who has significantly contributed to the development of international information security. He also received the IFIP Outstanding Service Award for a decade of service in information security education and publishing. He also received the Thomas Fitzgerald Award in recognition of his contribution to infosec from the ISSA. For his work in modeling and simulation as well as for random number generator research he received The Distinguished Service Award from The Institute of Management Sciences College of Simulation, a Special Recognition Award from the Board of Directors of The Winter Simulation Conference and the ACM/SIGSIM Award for Special Service in 1973 for his leadership and work during the classical period of modeling and simulation. A prolific author, he has written several hundred technical articles and papers as well as 27 books. Several of his books have been translated into Japanese, German, French, Italian, Dutch, Russian, and Finnish. In addition to his writing, speeches and workshops, Dr. Highland serves as Counsel to the Computer Security Technical Committee of the Chinese Computer Federation [Beijing, PRC] and to other government agencies in the US and overseas. Dr. Highland is the only American Fellow of the Irish Computer Society [ICS].

He is also a member of the New York Academy of Sciences [NYAS], the Association for Computing Machinery [ACM], the IEEE's Computer Society [IEEE/CS], the American Association for the Advancement of Science [AAAS], The Internet Society [ISOC], Computer Professionals for Social Responsibility [CPSR], the Information Systems Security Association [ISSA] and the Association for Corporate Computing Technical Professionals. More complete biographical data can be found in Who's Who in the World, Who's Who in America, Who's Who in Science and Technology, Who's Who in American Education, and Who's Who in the East.