Cryptography

Cryptography is a commonly used technology to deliver security services required by a system. It is a mathematical based technology that transforms data into the unintelligible form to prevent undetected modification or unauthorized access [57]. The BRAVIS system provides the above mentioned security services by using cryptography technology. The basic and widely used cryptographic methods embrace symmetric key algorithms, asym-metric key algorithms, hash functions, and digital signatures.

Symmetric key algorithms

Symmetric key algorithms assure confidentiality by transforming a plaintext into an un-readable form. The name of symmetric key algorithms originates from their fundamental property that the same key is used in the encryption and decryption process (see Figure 3.2).

Symmetric key algorithms require that the shared secret key is distributed to the communi-cating parties via a secure channel, because the privacy of the communication mainly de-pends on the secrecy of the key. Therefore symmetric key algorithms are also called secret key algorithms. Secure key exchange channels for the delivery of keys are usually difficult to set up between people who never met before.

Figure 3.2: Symmetric encryption

Typical symmetric key algorithms, such as DES (Data encryption standard) [58] and AES (Advanced encryption standard) [59], are basically constructed by using substitution opera-tion in conjuncopera-tion with transposiopera-tion operaopera-tions to archive the maximum security. A sub-stitution operation replaces a plaintext symbol by another one. A transposition, also called permutation, rearranges the order of symbols. Substitution and transposition operations serve to achieve confusion and diffusion, respectively, which are two essential attributes required for a secure symmetric key algorithm [60]. Confusion means that any relationship between the plaintext, the ciphertext, and the key are concealed. Diffusion refers to the property that the statistical structure of the plaintext is not retained in the ciphertext.

Asymmetric key algorithms

Asymmetric key algorithms introduce a pair of keys for each participant: a public and a private key. The public key can be publicly and widely disseminated, while the private key must be kept secret by the owner. Therefore these algorithms are also referred as public key cryptographic algorithms. The public key is generated from the private key, but the private key cannot be determined from the public key. A plaintext encrypted using the public key can only be decrypted with the associated private key, and vice versa. The primary benefit of asymmetric key algorithms is that the need for the secure key-exchange channel is

elimi-nated, so that people who have no pre-existing security arrangement can securely exchange messages. Asymmetric key algorithms can be used for confidentiality as well as authentica-tion purposes. Figure 3.3 illustrates their use for confidentiality.

Figure 3.3: Asymmetric encryption

Asymmetric key algorithms are different from symmetric ones in the way they provide se-curity. The security of asymmetric key algorithms completely relies on the difficulty to solve some well-known problems in number theory. The famous RSA (Rivest-Shamir-Adelman) algorithm [61] was established on the basis of the problem of factoring large numbers. The Diffie-Hellman (DH) algorithm [62] which is broadly used in key exchange protocols depends on the difficulty of computing discrete logarithms in a large finite field.

Asymmetric key algorithms are usually in the order of 1000 times slower than symmetric ones due to their larger computation complexity. Moreover, asymmetric key algorithms need larger key sizes than symmetric ones to achieve equivalent security strength. The fol-lowing table gives a comparison of the different key sizes for the same security level for the two kinds of algorithms.

Table 3.2: Key size comparison at the equivalent security strength [63], [64]

Symmetric Algorithms ( DES, AES)

40 bits 56bits 64bits 80bits 96bits 112bits 120bits 128bits

Asymmetric algorithms (RSA, DH)

274 bits 384bits 512bits 1024bits 1536bits 2048bits 2560bit 3072bits

Hash functions

Hash function is a computationally efficient function that maps an arbitrary length message to a fixed length value. For instance, the widely used SHA-1(Secure Hash Algorithm 1) algorithm hashes a variable-length message to a 160 bit value. A hash function must have the following properties when employed in cryptography:

One-way: Given a hash value, it should be computationally infeasible to derive the corresponding original message.

Collision resistance: It should be computationally infeasible to find two different inputs that hash to a common value.

These properties assure that each message has a unique hash value associated with it. So the hash value is also regarded as “digital fingerprint” or “message digest” of a message. Hash functions can be used for checking the data integrity of a message in a local host. However, they alone are unable to protect the data integrity of a message transmitted over a network.

An attacker could insert his own message and the hash value of that message into the net-work to cheat the receiver, because the receiver has no means to determine whether a mes-sage comes from the proper communication partner or not.

In practice keyed hash functions, also called message authentication codes (MACs), are used for data integrity checks of networked applications. The MAC of a message is com-puted by either encrypting the hash value of the message with a joint secret key or hashing the concatenation of the message and the secret key. Thus any alteration of the message including message fabricating can be detected by the recipient, because the MAC value is tightly bundled with the secret key that the attacker does not know. HMAC [65] is a stronger variant of the MAC method. It applies keyed hash functions twice in succession to generate the hash value of a message.

Digital signatures

Message authentication codes protect the message integrity of two communicating parties, but they do not protect the two parties against each other [66]. This is because the two par-ties share the same secret key, so that each can deny that he/she actually sends the informa-tion or forges a message on behalf of the other. To prevent these possible disputes, digital signature schemes have to be introduced which use an asymmetric key algorithm.

Digital signatures are usually created in two steps. First the sender calculates the hash value of the message, then he/she encrypts (signs) the hash value with his private key. Signing the message digest instead of signing the message itself allows to make the digital signature shorter and to reduce the computation delay, since the length of message digest is fixed regardless of the length of the message. Moreover, a hashing function is much faster than a signing operation in practice. To verify the digital signature, the receiver first re-computes the hash value of the message and then decrypts the digital signature with the respective public key of the sender and compares this decrypted hash value with the recomputed one.

If the two values match the signature is valid. Figure 3.4 illustrates the process of creation and verification of a signature.

Figure 3.4: Digital signature

Digital signatures are mainly used to verify the authenticity of the origin of information (data origin authentication and non-repudiation), since the sender’s private key uniquely identifies the sender. As a side-effect of a digital signature, the data integrity of a message is checked as well, because the signature is verified by comparing the received hash value with the recomputed one. Moreover, digital signatures have become an essential element in a signature-based authentication protocols for entity authentication.