Security - Telenor
Security - Telenor
Security - Telenor
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Lars R. Knudsen (38) is Professor<br />
at the Institute of Informatics<br />
at the University of Bergen. He<br />
received his M.Sc. and Ph.D.<br />
degrees in computer science<br />
and mathematics from Aarhus<br />
University, Denmark, in 1992,<br />
respectively 1994. He has written<br />
numerous scientific papers<br />
in the area of cryptology and is<br />
regarded a world expert in block<br />
cipher encryption algorithms.<br />
lars.knudsen@ii.uib.no<br />
10<br />
Advanced Encryption Standard (AES).<br />
Encryption for our Grandchildren<br />
LARS R. KNUDSEN<br />
Introduction<br />
Encryption used to be something which only the<br />
secret services and military had a real interest in<br />
and which private citizens only knew from<br />
crosswords and puzzles in Sunday newspapers.<br />
Today encryption is an important part of the<br />
information society. Outside of the secret services<br />
the interest in encryption started to blossom<br />
at the end of the 1970s.<br />
First, IBM (International Business Machines)<br />
developed the cryptosystem Lucifer, which later<br />
was adapted as a US Federal Information Processing<br />
Standard, although slightly modified.<br />
This standard was published in January 1977<br />
as the DES (Data Encryption Standard) and is<br />
today probably the most used encryption system<br />
in the world (at least outside of the secret services).<br />
The system is a so-called secret-key cryptosystem,<br />
where the same information, or key,<br />
is used to encipher (or encrypt) and decipher (or<br />
decrypt) the messages.<br />
Second, the researchers Whitfield Diffie and<br />
Martin Hellman discovered (or re-discovered 1) )<br />
so-called public-key cryptography, where the<br />
secret key is split into two parts, a public part<br />
and a secret part. The public part of the key is<br />
made available to everyone; the secret part stays<br />
secret with one party. The public key can be<br />
used by everyone to encrypt a message, while<br />
the secret key can be used to decrypt the ciphertext<br />
and restore the message.<br />
The differences between today’s secret-key and<br />
public-key cryptosystems are many, but there is<br />
a need for both of them. Even though the DES<br />
has withstood almost 25 years of cryptanalytic<br />
attempts to find shortcuts in the algorithm by<br />
cryptanalysts from all over the world, time is<br />
running out for the algorithm. The main problem<br />
is that the DES was designed to accept keys of<br />
only 56 bits, which means that there are 2 56 ≈<br />
10 17 different keys. Even though this number<br />
may seem huge, (as an example, 2 56 seconds are<br />
about 2 billion years), it is small enough to<br />
enable the design of special-purpose built hardware,<br />
which can run through all possible values<br />
of the key in a very short time. In 1998 it was<br />
estimated that an attacker who is willing to<br />
invest one million US dollars, could try all values<br />
of the key, one by one, in just half an hour!<br />
With a few encrypted messages on hand, one<br />
can simply decrypt these under all possible values<br />
of the key. The value of the key which yields<br />
some meaningful messages is with a high probability<br />
the correct one, and the system is broken.<br />
Technical Detail<br />
In a cryptosystem the message is always first<br />
converted to a number. This number is then<br />
encrypted by applying some mathematical or<br />
non-mathematical operations to it, and the<br />
resulting number is then transformed back to<br />
cipher-text. The numbers are represented in the<br />
binary number system, that is, a number is either<br />
a zero or a one. As an example, the number 17<br />
in the decimal number system (the one we use<br />
normally) is 10001 in the binary number system.<br />
The symbols in the binary number system are<br />
called bits.<br />
AES – Advanced Encryption<br />
Standard<br />
In 1997 the American National Institute for<br />
Standards and Technology (NIST) decided that<br />
it was time to find a substitute for the DES. Surprisingly<br />
(at least to this author) NIST invited<br />
parties from all over the world to participate in<br />
this process and announced a call-for-candidates<br />
for the Advanced Encryption Standard (AES).<br />
The conditions for the competition were many<br />
and included a whole range of documentation<br />
requirements and test results.<br />
The most important requirements for the system<br />
are that there must not be any trapdoors (shortcuts),<br />
and that the best attack against the system<br />
is the trivial one of trying all keys one by one. A<br />
more specific requirement is that the secret keys<br />
must be of length of at least 128 bits. This means<br />
that there will be at least 2 128 different keys,<br />
which is about 10 39 . The above mentioned special-purpose<br />
built machines to try all keys one<br />
by one will not have a chance of being applicable<br />
in practice before 2030 – 2040, or probably<br />
even later.<br />
NIST also invited the world’s cryptanalysts to<br />
participate in the process. The goal of NIST is<br />
that the whole process be as open as it can be,<br />
and that all aspects of the design and analysis<br />
are made public.<br />
1) The English intelligence service claims that they invented the public-key techniques around the<br />
same time.<br />
Telektronikk 3.2000