Cryptography As A Security Tool

Uploaded by

muhehemuhehe7
Cryptography as a Security Tool

There are many defenses against computer attacks, running the gamut from methodology to
technology. The broadest tool available to system designers and users is cryptography. In this
section, we discuss cryptography and its use in computer security. Note that the cryptography
discussed here has been simplified for educational purposes; readers are cautioned against
using any of the schemes described here in the real world. Good cryptography libraries are
widely available and would make a good basis for production applications.
It is generally considered infeasible to build a network of any scale in which the source and
destination addresses of packets can be trusted in this sense. Therefore, the only alternative is
somehow to eliminate the need to trust the network. This is the job of cryptography.
Abstractly, cryptography is used to constrain the potential senders and/or receivers of a
message. Modern cryptography is based on secrets called keys that are selectively distributed
to computers in a network and used to process messages. Cryptography enables a recipient of
a message to verify that the message was created by some computer possessing a certain key.
Similarly, a sender can encode its message so that only a computer with a certain key can
decode the message. Unlike network addresses, however, keys are designed so that it is not
computationally feasible to derive them from the messages they were used to generate or
from any other public information. Thus, they provide a much more trustworthy means of
constraining senders and receivers of messages. Note that cryptography is a field of study
unto itself, with large and small complexities and subtleties. Here, we explore the most
important aspects of the parts of cryptography that pertain to operating systems.
1. Encryption
Because it solves a wide variety of communication security problems, encryption is
used frequently in many aspects of modern computing. It is used to send messages
securely across a network, as well as to protect database data, files, and even entire
disks from having their contents read by unauthorized entities. An encryption
algorithm enables the sender of a message to ensure that only a computer possessing a
certain key can read the message, or ensure that the writer of data is the only reader of
that data. Encryption of messages is an ancient practice, of course, and there have
been many encryption algorithms, dating back to ancient times. In this section, we
describe important modern encryption principles and algorithms.
An encryption algorithm consists of the following components:
• A set K of keys.
• A set M of messages.
• A set C of ciphertexts.
• An encrypting function E : K → (M → C). That is, for each k ∈ K, Ek is a function for
generating ciphertexts from messages. Both E and Ek for any k should be efficiently
computable functions. Generally, Ek is a randomized mapping from messages to ciphertexts.
• A decrypting function D : K → (C → M). That is, for each k ∈ K, Dk is a function for
generating messages from ciphertexts. Both D and Dk for any k should be efficiently
computable functions.
An encryption algorithm must provide this essential property: given a ciphertext c ∈ C, a
computer can compute m such that Ek(m) = c only if it possesses k. Thus, a computer
holding k can decrypt ciphertexts to the plaintexts used to produce them, but a computer not
holding k cannot decrypt ciphertexts. Since ciphertexts are generally exposed (for example,
sent on a network), it is important that it be infeasible to derive k from the ciphertexts. There
are two main types of encryption algorithms: symmetric and asymmetric.

The basic idea of encryption is to encode a message so that only the desired recipient can
decode and read it. Encryption has been around since before the days of Caesar, and is an
entire field of study in itself. Only some of the more significant computer encryption schemes
will be covered here.
The basic process of encryption is shown in Figure 1, and will form the basis of most of our
discussion on encryption. The steps in the procedure and some of the key terminology are as
follows:
• The sender first creates a message, m, in plaintext.
• The message is then entered into an encryption algorithm, E, along with the encryption key,
Ke.
• The encryption algorithm generates the ciphertext, c = E(Ke)(m). For any key k, E(k) is an
algorithm for generating ciphertext from a message, and both E and E(k) should be efficiently
computable functions.
• The ciphertext can then be sent over an insecure network, where it may be received
by attackers.
• The recipient enters the ciphertext into a decryption algorithm, D, along with the decryption
key, Kd.
• The decryption algorithm regenerates the plaintext message, m = D(Kd)(c). For any key k,
D(k) is an algorithm for generating a clear text message from a ciphertext, and both D and
D(k) should be efficiently computable functions.
The algorithms described here must have this important property: Given a ciphertext c, a
computer can only compute a message m such that c = E(k)(m) if it possesses D(k). (In other
words, the messages can't be decoded unless you have the decryption algorithm and the
decryption key.)
Figure 1 - A secure communication over an insecure medium.

Symmetric Encryption
With symmetric encryption the same key is used for both encryption and decryption, and
must be safely guarded. There are a number of well-known symmetric encryption algorithms
that have been used for computer security:
The Data-Encryption Standard, DES, developed by the National Institute of Standards, NIST,
has been a civilian encryption standard for over 20 years. Messages are broken
down into 64-bit chunks, each of which is encrypted using a 56-bit key through a series of
substitutions and transformations. Some of the transformations are hidden (black boxes), and
are classified by the U.S. government.
DES is known as a block cipher, because it works on blocks of data at a time. Unfortunately,
this is a vulnerability if the same key is used for an extended amount of data. Therefore, an
enhancement is to not only encrypt each block, but also to XOR it with the previous block, in
a technique known as cipher-block chaining.
As modern computers become faster and faster, the security of DES has decreased, to where
it is now considered insecure because its keys can be exhaustively searched within a
reasonable amount of computer time. An enhancement called triple DES encrypts the data
three times using three separate keys (actually two encryptions and one decryption) for an
effective key length of 168 bits. Triple DES is in widespread use today.
The Advanced Encryption Standard, AES, developed by NIST in 2001 to replace DES, uses
key lengths of 128, 192, or 256 bits, and encrypts in blocks of 128 bits using 10 to 14 rounds
of transformations on a matrix formed from the block.
The Blowfish algorithm uses variable key lengths up to 256 bits and works on 128-bit blocks.
RC5 can vary in key length, block size, and the number of transformations, and runs on a
wide variety of CPUs using only basic computations.
RC4 is a stream cipher, meaning it acts on a stream of data rather than blocks. The key is
used to seed a pseudo-random number generator, which generates a keystream of keys. RC4
is used in WEP, but has been found to be breakable in a reasonable amount of computer time.
Asymmetric Encryption
With asymmetric encryption, the decryption key, Kd, is not the same as the encryption key,
Ke, and more importantly cannot be derived from it, which means the encryption key can be
made publicly available, and only the decryption key needs to be kept secret (or vice versa,
depending on the application, as shown in Figure 2).
One of the most widely used asymmetric encryption algorithms is RSA, named after its
developers - Rivest, Shamir, and Adleman.
RSA is based on two large prime numbers, p and q, ( on the order of 512 bits each ), and their
product N.
Ke and Kd must satisfy the relationship:
( Ke * Kd ) % [ ( p - 1 ) * ( q - 1 ) ] == 1
The encryption algorithm is:
c = E(Ke)(m) = m^Ke % N
The decryption algorithm is:
m = D(Kd)(c) = c^Kd % N
An example using small numbers:
p = 7
q = 13
N = 7 * 13 = 91
( p - 1 ) * ( q - 1 ) = 6 * 12 = 72
Select Ke < 72 and relatively prime to 72, say 5
Now select Kd, such that ( Ke * Kd ) % 72 == 1, say 29
The public key is now ( 5, 91 ) and the private key is ( 29, 91 )
Let the message, m = 42
Encrypt: c = 42^5 % 91 = 35
Decrypt: m = 35^29 % 91 = 42

Figure 2 - Encryption and decryption using RSA asymmetric cryptography
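
The same RSA arithmetic in runnable form, as an added example that is not part of the original document. It goes one step beyond the text by deriving Kd from Ke with the extended Euclidean algorithm and checking the round trip for every message below N; the function names are illustrative.

```python
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keys(p, q, ke):
    """Return ((Ke, N), (Kd, N)) for primes p, q and a chosen public exponent Ke."""
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < ke < phi or gcd(ke, phi) != 1:
        raise ValueError("Ke must lie in (1, phi) and be relatively prime to phi")
    _, x, _ = egcd(ke, phi)
    kd = x % phi                      # so that ( Ke * Kd ) % phi == 1
    return (ke, n), (kd, n)

def encrypt(pub, m):
    ke, n = pub
    if not 0 <= m < n:
        raise ValueError("message must satisfy 0 <= m < N")
    return pow(m, ke, n)              # c = m^Ke % N

def decrypt(priv, c):
    kd, n = priv
    return pow(c, kd, n)              # m = c^Kd % N

def round_trip_all(pub, priv):
    """True if D(Kd)(E(Ke)(m)) == m for every m in 0..N-1."""
    return all(decrypt(priv, encrypt(pub, m)) == m for m in range(pub[1]))

def confirms_guess(pub, c, guess):
    """Textbook RSA is deterministic, unlike the randomized Ek described earlier:
    re-encrypting a candidate message with the public key reproduces c.
    Production libraries add random padding so that this no longer holds."""
    return encrypt(pub, guess) == c

if __name__ == "__main__":
    pub, priv = make_keys(7, 13, 5)   # the page's toy parameters
    print(pub, priv, encrypt(pub, 42), decrypt(priv, 35))
```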

Note that asymmetric encryption is much more computationally expensive than symmetric
encryption, and as such it is not normally used for large transmissions. Asymmetric
encryption is suitable for small messages, authentication, and key distribution, as covered in
the following sections.
