“Encryption is the building block of a secure system“
The early signs of encryption dates a few thousand years back to 1900 BC, but the earliest recorded cryptosystem is from 100 BC. But what is encryption? Why was it necessary and how has it evolved over the years?
Historical Methods
Encryption is the method of converting the data into an encoded form. There are various ways this can be achieved. Julius Caesar invented the Caesar cipher to hide the messages he sent to his generals.
Caesar Cipher
He used a substitution cipher, where he shifted each alphabet of the message by 3 places, A → D, B→ E, C→ F and so on.
For example :
Plaintext : ROOTFLOE PROVIDES CYBER SECURITY SERVICES.
after encryption using caesar cipher
CipherText : URRWIORH SURYLGHV FBEHU VHFXULWB VHUYLFHV.
This becomes a meaningless text to anyone who intercepts and reads the message but the person on the other end can decrypt the message using the key, the key here is that the alphabets are shifted by 3 places. This substitution cipher can be used by shifting the alphabets by any number of places.
Atbash Cipher
This is also a substitution cipher where the alphabets are interchanged with each other in a particular fashion. Here A→ Z, B→Y, C→X, D→ W and so on.
For example :
Plaintext : ROOTFLOE PROVIDES CYBER SECURITY SERVICES.
after encryption using atbash cipher
CipherText : ILLGUOLV KILERWVH XBYVI HVXFIRGB HVIERXVH.
Caesar and Atbash cipher are monoalphabetic ciphers where a single alphabet is substituted with another alphabet.
Vigenere Cipher
It is a polyalphabetic substitution where the alphabets are shifted based on a keyword. Each alphabet is associated with a number, where A→1, B→2, C→3 . . . . Z→26 respectively. First alphabet is shifted by the number of the first alphabet of the keyword and the second alphabet is shifted by the number of the second alphabet of the keyword and it continues, after the letters of the keyword are finished, the keyword is used again and again.
For example :
Plaintext : ROOTFLOE PROVIDES CYBER SECURITY SERVICES.
Keyword : APPLE
after encryption using Vigenere cipher
CipherText : RDDEJLDT AVOKXOIS RNMIR HTNYRXIJ WEGKTGEH.
Enigma
This was a machine invented by German engineer Arthur Scherbius near the end of World War I but was used extensively during the World War II to relay orders to the german troops and its allies.
The core of the Enigma machine was the rotors that were arranged in a circle with 26 letters on them. Each rotor represents a different single monoalphabetic substitution cipher and together they became a huge mechanical polyalphabetic substitution machine. Alan Turing also called as the father of modern cryptography led the team of british mathematicians that was able to intercept and break the enigma code and help Britain in the World War II and helped save millions of lives.
Modern Methods
Until the mid 1970s there was a single type of encryption which we call symmetric encryption now, Whitfield Diffie and Martin Hellman are credited with discovery of asymmetric encryption.
In symmetric encryption a single key is used to encrypt as well as decrypt the messages but in asymmetric encryption 2 different keys are used, one to encrypt and other to decrypt. You can read about asymmetric encryption which is also called as Public key cryptography here.
Major advances were made in the field of symmetric encryption since the days of Enigma. Complicated algorithms were created to make encryption more stronger.
DES
It stands for Data Encryption Standard. This was created by IBM in 1974 when the National Bureau of Standards of the United States called for an encryption standard which was much stronger than the current existing standards. It is a block cipher which divides the data into blocks and performs complex mathematical calculations for encryption and decryption. DES has a key size of 56 bits, which is quite less in this day and age, Electronic Frontier Foundation were able to break a DES key publicly in 22 hours.
Triple DES
To overcome the short key size of DES, Triple DES was conceived which performs the DES operation 3 times on the data block and in turn effectively increases the key length of the encryption algorithm. There are three keys K1, K2, K3. For encryption the data block is encrypted using K1, decrypted using K2 and encrypted using K3. This increases the strength of the encryption. For decryption the process is reversed, K3 is used to decrypt, K2 is used to encrypt and K1 is used to decrypt. Using the DES 3 times in succession and using three different keys, the total key size comes to 3*56 = 168 bits.
AES
The National Institute of Standards and Technology of the United States (NIST) called for a new encryption standard in 1997 calling it the Advanced Encryption Standard. Rijndael, an encryption algorithm created by two belgian cryptographers Vincent Rijmen and Joan Daemen was chosen as the AES encryption algorithm out of 15 entries submitted to the process. There are 3 different key sizes for AES, 128, 192 and 256 bits. AES is the most widely used encryption standard in the world now with general consensus being this might be the de-facto standard for the private sector.
An organisation has to be careful while choosing the encryption algorithm and methods to encrypt the company and customer data. Choosing a weak encryption or weak implementation of the encryption algorithms might put your data at risk.
If your system is compromised or if you would like to be prepared you can contact us at info@rootfloe.com for a free consultation.
Shreyas is an Intern at Rootfloe and holds Masters degrees in Information Security from Royal Holloway University of London and Computer Networks from BMSCE Bengaluru.
