Cryptography

Government agencies, banks, and many corporations now routinely send a great deal of confidential information from one computer to another. Such data are usually transmitted via telephone lines or other nonprivate channels, such as the Internet. Continuing development of secure computer systems and networks will ensure that confidential information can be securely transferred across computer networks.

In the early 1970s, Horst Feistel, a scientist at International Business Machines Corporation (IBM Corporation), developed LUCIFER, a computerized cryptosystem that used both substitution and transposition.

In 1977 the United States National Bureau of Standards (now the National Institute of Standards and Technology [NIST]) developed a cryptographic technique called the Data Encryption Standard (DES). DES was based on LUCIFER and made use of the computer binary code (converting plaintext to bits, or binary digits of 1s and 0s). DES transformed 64-bit segments of information into 64-bit segments of ciphertext using a key that was 56 bits in size. Each user randomly selected a key and revealed it only to those persons authorized to see the protected data. DES was broken in 1998.

In 1978 three American computer scientists, Ronald L. Rivest, Adi Shamir, and Leonard Adleman, who later founded the company RSA Data Security, created the Rivest-Shamir-Adleman (RSA) system. The RSA system uses two large prime numbers, p and q, multiplied to form a composite, n. The formula n = pq, capitalizes on the very difficult problem of factoring prime numbers. See also Encryption; Number Theory.

As more and more information is transferred over computer networks, computer scientists continue to develop more secure, complex algorithms. In 1997 the NIST began coordinating development of a replacement for DES called Advanced Encryption Standard (AES). AES will use a more complex algorithm, based on a 128-bit encryption standard instead of the 64-bit standard of DES. This 128-bit algorithm will make AES impossible to decrypt with current technology.

Another encryption system based on 128-bit segments is called International Data Encryption Algorithm, or IDEA. The Swiss Federal Institute of Technology developed the IDEA standard in the 1990s. Computer scientists have also proposed alternatives such as public-key cryptosystems (PKCs), which use two types of keys, a public key and a private key. The public key encrypts data, and a corresponding private key decrypts it. The user gives the public key out to other users, and they can use the public key for encrypting messages to be sent to the user. The user keeps the private key secret and uses it to decrypt received messages. An example of a PKC is the RSA system, described above.

CRYPTANALYSIS

Cryptanalysis is the art of analyzing ciphertext to extract the plaintext or the key. In other words, cryptanalysis is the opposite of cryptography. It is the breaking of ciphers. Understanding the process of code breaking is very important when designing any encryption system. The science of cryptography has kept up with the technological explosion of the last half of the 20th century. Current systems require very powerful computer systems to encrypt and decrypt data. While cryptanalysis has improved as well, some systems may exist that are unbreakable by today’s standards.

Today’s cryptanalysis is measured by the number and speed of computers available to the code breaker. Some cryptographers believe that the National Security Agency (NSA) of the United States has enormous, extremely powerful computers that are entirely devoted to cryptanalysis.

The substitution ciphers described above are easy to break. Before computers were available, expert cryptanalysts would look at ciphertext and make guesses as to which letters were substituted for which other letters. Early cryptanalysis techniques included computing the frequency with which letters occur in the language that is being intercepted. For example, in the English language, the letters e, s, t, a, m, and n occur much more frequently than do q, z, x, y, and w. So, cryptanalysts look at the ciphertext for the most frequently occurring letters and assign them as candidates to be e, s, t, a, m, and n. Cryptanalysts also know that certain combinations of letters are more common in the English language than others are. For example, q and u occur together, and so do t and h. The frequency and combinations of letters help cryptanalysts build a table of possible solution letters. The more ciphertext that is available, the better the chances of breaking the code.

In modern cryptographic systems, too, the more ciphertext that is available to the code breaker, the better. For this reason, all systems require frequent changing of the key. Once the key is changed, no more ciphertext will be produced using the former key. Ciphertext that is produced using different keys—and frequently changed keys—makes the cryptanalyst’s task of code breaking difficult.