Chapter 2

CRYPTOGRAPHY APPROACHES AND ATTACKS

Encryption's central role in computer security demands a thorough understanding by IT professionals who wish to employ it. The IT professional needs a firm command of cryptography in order to build proper defenses against breaches and attacks. This chapter presents a more in-depth review of cryptographic techniques and their potential weaknesses. Knowledge of basic cryptographic approaches, combined with an understanding of the generation and distribution of keys discussed in Chapter 3, will provide the foundation required to examine the robustness of hardware-based computer-security technologies discussed in subsequent chapters.

SYMMETRIC KEY CRYPTOGRAPHY

As explained in Chapter 1, symmetric key cryptography uses the same key to encrypt and decrypt a file. There are many symmetric key algorithms that have been developed over the years, including (but by no means limited to):

• One-time pads
• DES and Triple DES
• International Data-Encryption Algorithm (IDEA)
• Rivest Cipher 4 (RC4)
• Blowfish
• AES
• Quantum cryptography

Before examining specific cryptographic algorithms in detail, it is important to separate such ciphers into two categories: block and stream ciphers. A block cipher is a symmetric key cryptographic process that operates on fixed-length groups of bits called “blocks” using the same transformation for each block. During encryption, a block cipher might take a fixed-length block of 128 bits from plain text, for example, and, using ...