Encryption technologies: Basics of Cryptography

Cryptography, a Greek word meaning “secret writing,” is a technique used to securely store and transmit data. It has been used since antiquity in military and diplomatic communication.

The message to be encrypted is called plaintext, which can be converted into ciphertext by using a function. The parameter of the function is called the key. While everyone knows the encryption algorithm, only the sender and the specific recipient know the key. Attackers try to decrypt the cryptogram.

Keys need to be changed at regular intervals since they may be disclosed, or security policies may require it. The longer a key is used, the higher the chances of it being obtained. As manual key exchange is time-consuming, the process is left to automated key management.

There are 2 types of encryptions: one is symmetric (secret key) and the other is asymmetric (public key) cryptography.

Symmetric key cryptography

Basic elements of product ciphers

Source: https://faculty.ksu.edu.sa/sites/default/files/computer_networks_-_a_tanenbaum_-_5th_edition_1.pdf

The figure above shows the components of hardware encryption. The P-box performs permutation on the data, the S-box is for substitution. In practice, the P-box is placed inside the S-box. By combining the P and S boxes, the multiplication encryption device is created.

In this encryption group, the same key is used for both encryption and decryption. Examples are DES, 3DES (triple DES) and AES.

DES (Data Encryption Standard)

This method converts a 64-bit plaintext into a 64-bit encrypted text using a 56-bit encryption key.

Circuits can be used for exchanges and substitutions. When substituting, the order of the letters is changed, which is done in the so-called P box. A P-box is a circuit with 8 inputs and 8 outputs, which connects the inputs and outputs according to a parameter, so that the substitution takes place. The substitution requires an S box, which changes a 3-bit plaintext to a 3-bit encoded text.

The first step of encryption is an exchange unrelated to the key and the last operation is the inverse of this. In the penultimate step, the 32-bits element at the beginning are replaced with the 32 bits at the end. The other intermediate steps are performed with different parameters, but the essence is the same.

3DES (Triple Data Encryption Algorithm)

3DES uses triple cryptography to strengthen security. It consists of 2 keys and 3 levels. Firstly, the first key is used to encrypt the plaintext. Then the decryption process is performed with a second key. In the last step, the first key is used again for encryption. Only two keys are used because this is sufficient for a high level of security, it was considered unnecessary to generate more overhead for encryption.

AES (Advanced Encryption Standard)

In 1997, the National Institute of Standards and Technology (NIST for short) issued a tender for the development of an advanced encryption standard (AES), which had to meet several criteria: symmetric-key encryption must be implemented as a block cipher, the algorithm must be public and royalty-free, and it must support 128-bit, 192-bit and 256-bit keys. Finally, Rijndael encryption won in 2000. The name comes from the name of the creators.

Asymmetric cryptography

Each party involved in asymmetric encryption has a public key and a secret key. In addition to encryption, this solution allows both parties to identify each other.

First, the parties create a key pair. The sender encrypts the message with the recipient’s public key. This encrypted message can only be decrypted by the recipient with the secret key known to him. This ensures secure transmission.

The most widely used asymmetric encryption algorithm is RSA, named after the names of its creators: Rivest, Shamir, Adleman. For an attacker to decrypt a message, it is necessary to guess the prime factors from the multiplication of the prime numbers, which is unlikely to happen given the current computational calculations.

The disadvantage is that it uses longer keys than symmetric key encryption, which makes the process slower and uses more resources.

Its main applications are digital signatures and certificate authentication.

Your MFA solution is unsafe (most likely)

Oct 3, 2024 | Integration

SMS and One Time Passcodes Having any MFA is better than relying on passwords alone, but weak or...

Routing Protocols

Jun 24, 2024 | Integration, Szallós

In a network, cables and network devices can break down at any time, and if there is a problem,...

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
_GRECAPTCHA	5 months 27 days	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
__cfruid	session	Cloudflare sets this cookie to identify trusted web traffic.

Analytics

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Cookie	Duration	Description
CONSENT	1 year	These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.

Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days
YSC	session
yt-remote-connected-devices	never	These cookies are set via embedded youtube-videos.
yt-remote-device-id	never	These cookies are set via embedded youtube-videos.

Your MFA solution is unsafe (most likely)

Routing Protocols

COMPANY

About us

Careers

SOLUTIONS

Fusion Center

Integration

Offensive Security

Compliance

Cloud Security

ICS/OT Security

MITRE Gap Assessment

KNOWLEDGE CENTER

Whitepapers

ICS Security Feed

Blog

FOR CLIENTS

NEWSLETTER