MODERN ENCRYPTION
Read the following words and word combinations and use them for understanding and translation of the text:
one-time pad – блокнот одноразового использования
to withstand - противостоять
prior to... - перед чем-либо
to be referred to as... - называться
flaw - ошибка
staggering - ошеломляющий
power (зд.) - степень
conventional computers — традиционные компьютеры
to listen in - подслушать
key distribution problem — задача распределения ключей
Until the 1990s, cryptology was based on algorithms -- a mathematical process or procedure. These algorithms are used in conjunction with a key, a collection of bits (usually numbers). Without the proper key, it's virtually impossible to decipher an encoded message, even if you know what algorithm to use.
The "one-time pad" encryption algorithm was invented in the early 1900s, and has since been proven as unbreakable. The one-time pad algorithm is derived from a previous cipher called Vernam Cipher, named after Gilbert Vernam. The Vernam Cipher was a cipher that combined a message with a key read from a paper tape or pad. The Vernam Cipher was not unbreakable until Joseph Mauborgne recognized that if the key was completely random the cryptanalytic difficultly would be equal to attempting every possible key. Even when trying every possible key, one would still have to review each attempt at decipherment to see if the proper key was used. The unbreakable aspect of the one-time pad comes from two assumptions: the key used is completely random; and the key cannot be used more than once. The security of the one-time pad relies on keeping the key 100% secret. The one-time pad is typically implemented by using a modular addition (XOR) to combine plaintext elements with key elements. The key used for encryption is also used for decryption. Applying the same key to the ciphertext results back to the plaintext.
If any non-randomness occurs in the key of a one-time pad, the security is decreased and thus no more unbreakable. Numerous attempts have been made to create seemingly random numbers from a designated key. These number generators are called Pseudo-Random Number Generators (PRNGs) because they cannot give a completely random number stream. Even though the security of a PRNG is not 100% unbreakable, it can provide sufficient security when implemented correctly. PRNGs that have been designated secure for cryptographic use are called Cryptographically Secure Pseudo-Random Number Generators (CSPRNGs). CSPRNGs have qualities that other PRNGs do not. CSPRNGs must pass the "next-bit test" in that given the first k bits, there is no polynomial-time algorithm that can predict the (k+1)th bit with probability of success higher than 50%. CSPRNGs must also withstand "state compromises." In the event that part or all of its state is revealed, it should be impossible to reconstruct the stream of random numbers prior to the revelation.
There are limitless possibilities for keys used in cryptology. But there are only two widely used methods of employing keys: public-key cryptology and secret-key cryptology. In both of these methods (and in all cryptology), the sender (point A) is referred to as Alice. Point B is known as Bob.
In the public-key cryptology (PKC) method, a user chooses two interrelated keys. He lets anyone who wants to send him a message know how to encode it using one key. He makes this key public. The other key he keeps to himself. In this manner, anyone can send the user an encoded message, but only the recipient of the encoded message knows how to decode it. Even the person sending the message doesn't know what code the user employs to decode it.
PKC is often compared to a mailbox that uses two keys. One unlocks the front of the mailbox, allowing anyone with a key to deposit mail. But only the recipient holds the key that unlocks the back of the mailbox, allowing only him to retrieve the messages.
The other usual method of traditional cryptology is secret-key cryptology (SKC). In this method, only one key is used by both Bob and Alice. The same key is used to both encode and decode the plaintext. Even the algorithm used in the encoding and decoding process can be announced over an unsecured channel. The code will remain uncracked as long as the key used remains secret.
SKC is similar to feeding a message into a special mailbox that grinds it together with the key. Anyone can reach inside and grab the cipher, but without the key, he won't be able to decipher it. The same key used to encode the message is also the only one that can decode it, separating the key from the message.
Both the secret-key and public-key methods of cryptology have unique flaws. The problem with public-key cryptology is that it's based on the staggering size of the numbers created by the combination of the key and the algorithm used to encode the message. These numbers can reach unbelievable proportions. What's more, they can be made so that in order to understand each bit of output data, you have to also understand every other bit as well. This means that to crack a 128-bit key, the possible numbers used can reach upward to the 1038 power. That's a lot of possible numbers for the correct combination to the key.
The keys used in modern cryptography are so large, in fact, that a billion computers working in conjunction with each processing a billion calculations per second would still take a trillion years to definitively crack a key. This isn't a problem now, but it soon will be. Current computers will be replaced in the near future with quantum computers, which exploit the properties of physics on the immensely small quantum scale. Since they can operate on the quantum level, these computers are expected to be able to perform calculations and operate at speeds no computer in use now could possibly achieve. So the codes that would take a trillion years to break with conventional computers could possibly be cracked in much less time with quantum computers. This means that secret-key cryptology (SKC) looks to be the preferred method of transferring ciphers in the future.
But SKC has its problems as well. The chief problem with SKC is how the two users agree on what secret key to use. It's possible to send a message concerning which key a user would like to use, but shouldn't that message be encoded, too? And how do the users agree on what secret key to use to encode the message about what secret key to use for the original message? There's almost always a place for an unwanted third party to listen in and gain information the users don't want that person to have. This is known in cryptology as the key distribution problem.
RSA encryption, named for the surnames of the inventors, relies on multiplication and exponentiation being much faster than prime factorization. The entire protocol is built from two large prime numbers. These prime numbers are manipulated to give a public key and private key. Once these keys are generated they can be used many times. Typically one keeps the private key and publishes the public key. Anyone can then encrypt a message using the public key and send it to the creator of the keys. This person then uses the private key to decrypt the message. Only the one possessing the private key can decrypt the message. One of the special numbers generated and used in RSA encryption is the modulus, which is the product of the two large primes. In order to break this system, one must compute the prime factorization of the modulus, which results in the two primes. The strength of RSA encryption depends on the difficultly to produce this prime factorization. RSA Encryption is the most widely used asymmetric key encryption system used for electronic commerce protocols.
Notes:
One-time pad (другое название Vernam Cipher) – система симметричного шифрования. Является единственной системой шифрования, для которой доказана абсолютная криптографическая стойкость.
XOR (Exclusive or) – сложение по модулю 2, логическая и битовая операция.
Pseudo-Random Number Generator – генератор псевдослучайных чисел.
Cryptographically Secure Pseudo-Random Number Generator – криптографически безопасный генератор псевдослучайных чисел.
RSA encryption (аббревиатура от имен Rivest, Shamir, and Adleman) – криптографический алгоритм с открытым ключом, основывающийся на вычислительной сложности задачи факторизации больших целых чисел.
Assignments
1. Translate the sentences from the texts into Russian in writing paying attention to the underlined words and phrases:
1. The "one-time pad" encryption algorithm was invented in the early 1900s, and has since been proven as unbreakable.
2. Even when trying every possible key, one would still have to review each attempt at decipherment to see if the proper key was used.
3. The one-time pad is typically implemented by using a modular addition (XOR) to combine plaintext elements with key elements.
4. Numerous attempts have been made to create seemingly random numbers from a designated key.
5. CSPRNGs must pass the "next-bit test" in that given the first k bits, there is no polynomial-time algorithm that can predict the (k+1)th bit with probability of success higher than 50%.
6. SKC is similar to feeding a message into a special mailbox that grinds it together with the key.
7. RSA encryption, named for the surnames of the inventors, relies on multiplication and exponentiation being much faster than prime factorization.
8. One of the special numbers generated and used in RSA encryption is the modulus, which is the product of the two large primes. In order to break this system, one must compute the prime factorization of the modulus, which results in the two primes.
2. Answer the following questions:
1. Is the one-time pad an unbreakable means of encryption?
2. What two assumptions does the unbreakable aspect of the one-time pad come from?
3. What is the difference between PRNG and CSPRNG?
4. What is safer: PKC or SKC?
5. What can the strength of RSA encryption depend on?
3. Translate into English:
Как бы ни были сложны и надежны криптографические системы, их слабое место при практической реализации - проблема распределения ключей. Для того, чтобы был возможен обмен конфиденциальной информацией между двумя субъектами ИС, ключ должен быть сгенерирован одним из них, а затем каким-то образом опять же в конфиденциальном порядке передан другому. Т.е. в общем случае для передачи ключа опять же требуется использование какой-то криптосистемы.
Для решения этой проблемы на основе результатов, полученных классической и современной алгеброй, были предложены системы с открытым ключом.
Суть их состоит в том, что каждым адресатом ИС генерируются два ключа, связанные между собой по определенному правилу. Один ключ объявляется открытым, а другой закрытым. Открытый ключ публикуется и доступен любому, кто желает послать сообщение адресату. Секретный ключ сохраняется в тайне.
Исходный текст шифруется открытым ключом адресата и передается ему. Зашифрованный текст в принципе не может быть расшифрован тем же открытым