Encryption

Encryption in parts

Encryption is often made up of two parts: Substitution and Transposition. 

 

The usage or combination of these parts is what makes up the encryption "cipher" of the algorithm that's used to encrypt data in a way that only the intended recipient can read the data.

Substitution

Substitution based Encryption ciphers have been in existence since the Roman Era. One of the first know "ciphers" is the caesar cipher. 

 

This cipher basically takes each character of the original text and replaces it with a character shifted X many times from it's original position in the alphabet. 

 

The X is basically the cipher "key." Without the "key" the original text would be hard to decipher. 

 

https://en.wikipedia.org/wiki/Caesar_cipher

Substitution

If we take the text "the quick brown" along with the cipher key of 3.

 

We can encrypt the text into "wkh txlfn eurzq".

 

The downside is that if we use the word "the" a lot, we'll also see "wkh" many times in the encrypted text. Using frequency analysis, a person could determine that "wkh" is equal to "the" and with that information decipher that the cipher key is "3". 

Tranposition

Transposition was later added to substitution to fix the problems introduced by substitution. A transpositional cipher works by making an anagram of the original text in a very specific way. 

 

Given  "wkh txlfn eurzq" (spaces included)

w k h |

t x l f

n | e u

u r q

if we go top down starting from the right, we get

" fuqhlerkx rwtnu"

Tranposition

By layering substitution and transposition on top of each other we fix the flaws from the previous cipher. 

 

A famous example of this is the "Engima" machine invented by the German to encrypt their messages against allied forces. 

 

This was eventually cracked by Alan Turing because the engima machine had a flaw where any character could not be encrypted into the original character it was. 

Blocking

Modern encryption algorithms take small chunks of the original text and apply substitution and transposition ciphers to those chunks in an alternating fashion many times over. 

 

This ensures that the block of text is truly encrypted. To add entropy to this process, another technique called Cipher Block Chaining is also applied. 

CBC

The initialization vector is the seed or "password key" used to start the encryption process. The password is added to the start of the text and becomes the first block of text to be encrypted.

 

The output of that encrypted block then becomes the input of the next block ensuring that consecutive instances of the word "the" is always encrypted to a different value each time.

 

With this technique, the wrong password would return a completely different output.

ASCII Example

"the "

0111 0100 = 116 = t
0110 1000 = 104 = h
0110 0101 = 101 = e
0010 0000 = 32  = ' '

 

Shift right =>

 

0011 1010 = 58 = :
0111 1100 = 114 = r
1011 0010 = 2

0001 0000 = 16 = (Data link escape)

ASCII Example

This shows how manipulating the bits by just moving them left or right can completely change the output. This achieves both substitution and transposition based on how we move the bits around.

 

 

Other types

Other types of encryption include: 

Hashing Functions

Public Key Cryptography

Elliptical Curve Cryptography

 

Hasing Functions

Hashing functions try to encrypt data by using a hash table to categorize data into unique outputs. 

 

Given a random number 16, a Hashing function that just runs modulus of 7 on the input would always return the value, 2. But 23 will also return the value 2.

 

A strong hashing function will aways return a unique output for any given input. 

Destructive Hashing

Some hashing functions are destructive in the sense that once a input is hashed, the original input value can never be "un-hash" from the output.

 

This can be very valuable for storing user passwords in a database. Paired with encrypting the password, the user password should be safe from decryption and unhashing even from the person that owns the application server.

Bcrypt

Bcrypt is a encryption algorithm that is commonly used to store user password in our industry. 

 

It will encrypt a password using a random initialization vector (called a "salt").

It will then run a hashing algorithm over the output of the encryption algorithm a specified number of times.

This is called the "work factor".

This is to ensure that as computers get faster, we can just increase the work factor so that password will always take a generous amount of time before the password is encrypted. 

Resources

 - ASCII Table: http://www.asciitable.com/

 

 - Ciphers: https://en.wikipedia.org/wiki/Cipher

-Caesar Cipher: https://en.wikipedia.org/wiki/Caesar_cipher
 - Transposition Ciphers: https://en.wikipedia.org/wiki/Transposition_cipher

 - Hash Functions: https://en.wikipedia.org/wiki/Hash_function


 - SHA 1: https://www.youtube.com/watch?v=DMtFhACPnTY

- Encryption: https://www.youtube.com/watch?v=BYz4X1BlcQc

Made with Slides.com