Selasa, 20 Mei 2008

Symmetric-Key Cryptography

Cryptography converts readable data into gibberish, with the ability to recover the original data from that gibberish. The first flavor of crypto is called symmetric key. In this approach, an algorithm uses a key to convert information to what looks like random bits. Then the same key is used to recover the original data.

Bob is a sales rep for a company that makes printing machinery. He sells to a newspapers, magazines, independent printing houses large and small, and even universities. His product line includes presses, tools, replacement parts, repair services, and training. The end of the quarter is coming up in a couple of weeks, and he’s just received a memo from Alice, the vice president of sales. The company is having difficulty “making its number” the memo says. Then it outlines a new, complex pricing policy.

This new policy list the asking prices for all their products and also indicates the lowest prices sales reps are allowed to negotiate. In the past, they have based the amount of the discounts they give on the size of the order, expectations of futuresales with a given client, and other factors. But now, the memo states, sales reps have the authority to give even bigger discounts.

Bob wants to closely limit who has access to this information. If potential costumers knew how far he was willing to go in discounting, they would have edge in negotiations. Existing costumers might demand rebates, and competitors would gain knowledge that could aid them in winning contract. In addition, stock analyst or business reporters could report the company‘s slow sales this quarter, affecting its reputation.

How can Bob and Alice keep this memo secret? They could choose not to let it leave the office, or may be Bob could simply memorize it.But its more than 20 pages long and too complex to memorize it, and he will need to consult it while trying to make a sale.

So Bob keeps an electronic copy of the memo on his laptop, and takes steps to protect the file. But Bob can lose his laptop, or someone might steal it or simply look through the files while he’s at lunch. To protect the file he decides to encrypt it.

Let say Bob buys a computer program to encrypt sensitives files. When running the program, he simply flips the switch to encrypt and feeds the file to the program. When file comes out of the program, it looks like gibberish. If intruders get their hands on it, they will have no idea what it means.

The problem is that as long as the file is gibberish Bob won’t be able to read it either. To read it he must somehow convert it back to its original form. The program has just a feature; he flips the switch to decrypt, feeds in the gibberish, and out comes the file in its former conditions.

But there is one problem with ths scenario. If intruders are able to operates the program, and can obtain the encrypted file, thus, the intruders can convert the encrypted file back. Even if they can’t, where can Bob safely store the program? If he can keep the program out of the hands of attackers, why not store his file there as well?

No, he does not have a place where he can keep the encrypting and decrypting program safe. And Bob has access to it, he must assume that attackers can gain access. That is why he uses encryption in the first place. By itself, an encryption machine cannot protect secrets. Bob needs additional protection.

That additional protection is a secret number. If he feeds the file and a secret number to the program, the program will encrypt the file. Until the program has a secret number, it will not run. To decrypt the file, Bob must present the gibberish and the same secret number.

If an attacker somehow obtains a copy of the gibberish and feeds it to the program for recovery, it on’t work. The program ask fo the number, which the attacker does not know. It’s possible to try numbers at random ( or to try all possible numbers systematically), but every time a wrong number is inserted, the application simply spits out different gibberish.

Event hough someone can use the same program Bob used, It never re-creates the original file without the secret number. Even if the attacker guesses a number close to the original number, even if it is off by only 1, the program will not produce anything close to the correct encrypted file.

Tidak ada komentar: