A Preface to Cryptography
I am not a Cryptographer, I am not a Cryptography student, Cryptology is not my discipline. Please note that there is no guarantee that everything in this series of blog posts is/will be correct, I cannot be held accountable for you implementing a poor crypto system because you decided to do no further reading than my posts. Crypto is a very hard discipline, it takes years & years to get it right. Just keep this in mind when reading my posts, thanks! With that said, I will do my absolute best to ensure that every post is 100% accurate!
Cryptography is everywhere. One could say that statement is false, exaggerated or simply untrue however; it really is everywhere in the modern world. There are so many things you use on a daily basis that rely on crypto and you don’t even realise it. Okay, I know that crypto is not literally everywhere, I mean if we take a tree as an example I could not argue we have use of cryptography here but the point remains the same, in this day & age you’re surrounded by crypto and most people don’t even realise it - I would hope that the people reading these blog posts do realise it considering most of you will be InfoSec students/professionals.
Applications of Cryptography
Now that we’ve come to the conclusion crypto is pretty much everywhere, let us look at some very real modern applications of crypto and work out what that means for us, of course there are some really obvious ones that will spring to your mind right away such as: SSH, VPNs, VeraCrypt, BitLocker, HTTPS but what about less obvious things? How about GSM for example? Or DRM solutions? Bank cards? E-Passports? Okay, I think you get it - crypto is in a lot of places but why does that matter? This is a hard question to answer. However, I think the best way to answer this would be to ask you to imagine what the world would be like without cryptography for example, imagine if your bank card had no crypto mechanisms what would that mean for you? Well it would mean you cannot make payments securely potentially leading to anyone having the ability to use your funds. What about for example if you could not encrypt any files at all? Or imagine a world where everything you login to saves your password in plain-text anyone who owns the database could just go grab your password and credential stuff you - of course that final scenario is still technically possible because the application could just not hash them but the point is: crypto really provides us lots of protection that we are so used to having, I could not imagine using HTTP to login to my online banking but I’ve worn a tinfoil hat for the past 5-6 years so maybe I am just paranoid :D
Cryptology, Cryptography, Cryptanalysis oh my!
You may have heard these terms used interchangeably and forgive my inner old man coming out here but they are not the same thing! This is something that needs to be made clear when learning “cryptography” these aren’t the same thing and they should not be treated as such. Cryptology is really the discipline and cryptography & cryptanalysis are two of the branches in that discipline if you will. So, to put that simply “cryptography” and “cryptanalysis” are branches that form overall study of “cryptology” I think more people need to make that distinction.
We can define cryptography as the art of designing, maintaining and implementing encryption and cryptanalysis as the art of breaking the cryptography however, that does not mean cryptanalysis is only performed by malicious actors, in-fact cryptanalysis is a massive field and the field of cryptography heavily relies on the field of cryptanalysis. Without cryptanalysis we’d never know if the cryptography we implement is actually any good.
Kerckhoffs’s principle is very important to understand if you’re ever going to do anything with cryptology so we’re going to cover it in some depth here, specifically we’re really going to discuss what this principle actually means for us.
Throughout history until around 1970s most cryptographers were under the impression that the best way to keep our crypto systems secure was to keep the algorithms secret and hidden, tucked away if you will. In-fact you can see multiple cases of this throughout cryptology history one of the biggest examples being Nazi Germany & Enigma throughout WWII. They were so convinced they had an ultra secure algorithm and it turned out they were very wrong. However we came to realise that keeping your algorithm completely secret is actually a terrible idea. You might be thinking, “what the hell is Linxz talking about that it is a bad idea to keep our algorithms secret, surely if the attacker doesn’t know anything they cannot attack it!?” And honestly, in almost every single science you would be right to think like that but in cryptology nothing could be more wrong and this is what Kerckhoffs’s principle covers. So, what should we actually be doing Linxz? Well, you should be publishing the entire thing to wherever the hell you can. What I mean is, if you’re going to design a crypto system you should be getting as many eyes as possible to see it! If after a few years nobody breaks it then we (cryptographers) can say “we think this is secure”. The reason we say “think” is because with very few exceptions, there are is no mathematical proof that an algorithm is secure, we don’t know! All we can say is, “it has been a decade, the best cryptologists have reviewed this and they couldn’t find any issues we think it is secure enough for usage.
However, Kerckhoffs’s principle does cover more than just “don’t keep your cryptosystem private so we’ll look at the whole principle and not just that one point. It is worth noting that cryptographer Claude Shannon reformulated Kerckhoffs’s principle to “the enemy knows the system i.e., one ought to design systems under the assumption that the enemy will immediately gain full familiarity with them”, this is known as “Shannon’s Maxim” in the crypto community however Kerckhoffs’s principle is just as valid. In 1883 Auguste Kerckhoffs wrote two articles on La Cryptographie Militaire in which he stated 6 principles for designing a military cryptosystem. A few of these points are actually irrelevant these days however, axiom 2 is the one we’re really interested in.
- The system must be practically, if not mathematically, indecipherable;
- It should not require secrecy, and it should not be a problem if it falls into enemy hands;
- It must be possible to communicate and remember the key without using written notes, and correspondents must be able to change or modify it at will;
- It must be applicable to telegraph communications;
- It must be portable, and should not require several persons to handle or operate;
- Lastly, given the circumstances in which it is to be used, the system must be easy to use and should not be stressful to use or require its users to know and comply with a long list of rules.
As we mentioned, axiom 2 is the one that we’re interested in the most “it should not require secrecy, and it should not be a problem if it falls into enemy hands” this still remains true to this day and modern cryptographers all recognise this and Claude Shannon’s statement as true when it comes to designing a cryptosystem. It is really important for you to understand that when creating a cryptosystem we need to publish the design, so many people are under the impression that by keeping it hidden it makes it safe but that is not the case at all, in-fact it is merely “security by obscurity” which as you should know we try to avoid this in the field of security.
“Rolling Your Own”
Some of you may have heard the phrase “don’t roll your own” and I’d like to touch on this topic a little bit so people can actually understand what this term means, where it comes from and why we say this phrase.
Rolling your own usually refers to writing your own cryptosystems and then using them in practice and newsflash, the cryptographers are right this is a terrible idea! Designing a cryptosystem is hard, it takes a long time to develop something which can be deemed secure by the wider community. However, I think people take this phrase a little bit too far. Writing your own cryptosystems is a great way of learning, it really teaches you a lot and yes it is hard work and the chances are anyone with some decent cryptanalysis skills will break it but it is a fantastic learning mechanism! With that said, I think the phrase “don’t roll your own” should be adapted to “don’t roll your own in practice”. As I mentioned, designing your own cryptosystems is a fantastic way to learn and I encourage it but please, please do not implement these systems over standardized cryptosystems. There is a reason why AES has it’s name, it has been around for a very long time and as far as we know it is “secure” so stick with it. No matter how much better you think your crpytosystem is, it’s not!
Conclusion; writing your own crytposystems is great and an amazing way to learn however, just don’t use them on a live/production system, your home brewed encryption tool is not better than Rijndael so please don’t treat it like it is. I don’t want to discourage anyone from writing their own encryption systems I just don’t want anyone to get the impression they can write one, use it on a production system and it’s going to be the best thing ever written because chances are anyone with a decent level of crypto knowledge can break it and I don’t want to be held responsible for that, nor does anyone else in this field/community.
It is worth noting this section of the blog is not so much fact more opinion. Some people in the community hold a different view on “rolling your own” hell, I’ve heard people say not to do it at all which I don’t agree with but I just thought I’d explain the term a little bit and give my thoughts on what it actually means!
Due to the post getting considerably lengthy already I’ve decided that I am going to split the introduction to cryptography over multiple posts, maybe 2-3 it really depends on how much I feel like I should cram into a post, however, this post was a lot more on the theoretical side/background to cryptology so it is not that interesting! I have still not decided the layout for these posts so I actually don’t know what we will cover in the next one! Most likely it is going to be Sub Ciphers & Symmetric encryption but we’ll see when I start writing it!
If you’re really interested in everything I said here, I would highly advise you to go and do some more reading on Kerckhoffs’s principle it is really interesting stuff! Wikipedia is probably enough, I don’t expect anyone to go away and read the two entries he made in La Cryptographie Militaire but if you’re interested in that, you can find an english version with annotations here.
Thanks for reading! I’ll see you in the next post!