From 3ffb4a79ee779e422679cc53277781cbf9b266cd Mon Sep 17 00:00:00 2001
From: eneller
Date: Thu, 7 May 2026 13:46:07 +0200
Subject: [PATCH] update
---
 crypto.bib | 14 ++++++++++++++
 crypto.tex | 46 ++++++++++++++++++++++++++++++++++++++++++----
 2 files changed, 56 insertions(+), 4 deletions(-)
diff --git a/crypto.bib b/crypto.bib
index e2521ce..d687e5d 100644
--- a/crypto.bib
+++ b/crypto.bib
@@ -45,3 +45,17 @@
 year={1978},
 publisher={ACM New York, NY, USA}
 }
+@misc{ enwiki:ciphersuite,
+ author = "{Wikipedia contributors}",
+ title = "Cipher suite --- {Wikipedia}{,} The Free Encyclopedia",
+ year = "2026",
+ url = "https://en.wikipedia.org/w/index.php?title=Cipher_suite&oldid=1342766306",
+ note = "[Online; accessed 10-April-2026]"
+}
+@misc{ enwiki:mitm,
+ author = "{Wikipedia contributors}",
+ title = "Man-in-the-middle attack --- {Wikipedia}{,} The Free Encyclopedia",
+ year = "2026",
+ url = "https://en.wikipedia.org/w/index.php?title=Man-in-the-middle_attack&oldid=1347824570",
+ note = "[Online; accessed 10-April-2026]"
+}
\ No newline at end of file
diff --git a/crypto.tex b/crypto.tex
index 037bb0f..b69bccd 100644
--- a/crypto.tex
+++ b/crypto.tex
@@ -21,6 +21,8 @@
 \newacronym{DES}{DES}{Data Encryption Standard}
 \newacronym{AES}{AES}{Advanced Encryption Standard}
 \newacronym{RSA}{RSA}{Rivest–Shamir–Adleman}
+\newacronym{mitm}{MITM}{Man-in-the-middle attack}
+\newacronym{CA}{CA}{Certificate Authority}
@@ -156,19 +158,51 @@ confusion through substitution boxes (S-box) and diffusion through permutation boxes (P-box). \cite{enwiki:confusion-diffusion}
-\section{DES}\label{sec:des}
+\section{Symmetric Encryption}
+\subsection{DES}\label{sec:des}
 The \acrfull{DES} is a symmetric (or private-key) cipher developed in the 1970s at IBM as an archetypal block cipher. It takes in a block of 64 bits and transforms it to a ciphertext using a key of equal length. Despite suspicions of backdoors engineered into the algorithm due to the involvement of the NSA in the development of \acrshort{DES}, it was approved as a federal standard in the USA in 1976 and only retired due to its short key length,
-for which the NSA however was directly responsible as well. \newline
+for which the NSA however was directly responsible as well.
 Nevertheless, it sparked public and scientific interest in the research of encryption algorithms, producing a large body of publications.
+Extended versions of \acrshort{DES} such as Triple-DES (or 3DES) are still in use in embedded applications (chipcards).
-\section{AES}
+In \acrshort{DES}, the message is encrypted in 16 rounds, as well as an initial and final permutation (IP and FP),
+which are inverses. IP and FP were included to facilitate hardware loading of blocks.
+Each round consists of several parts:
+\begin{itemize}
+ \item split the 64-Bit message into two 32-Bit blocks left (L) and right (R).
+ \item derive a 48-Bit \textit{round key} from the original 64-Bit \textit{main key} using a fixed \textit{key schedule}.
+ \item apply the \textit{Feistel function} to the R-block, which also applies the \textit{round key}.
+ \item XOR the right block to the left block.
+\end{itemize}
+A round key is then applied to the \textbf{R-Block} in a \textit{Feistel function}
+
+
+The decryption process uses the same algorithm with a reversed \textit{key schedule}.
+
+
+\subsection{AES}
 The \acrfull{AES} superseded \acrshort{DES} in 2001 after an official selection process. Unlike its predecessor, it does not use a Feistel network.
-\section{RSA}
+
+
+
+
+\section{Asymmetric Encryption}
+Symmetric encryption however historically suffered from a key exchange problem;
+because the same key is used for encryption and decryption, a secure channel is required to agree on a common key.
+This chicken-and-egg problem can be solved in two ways.
+
+\paragraph{The Difie-Hellman Key Exchange} is an algorithm allowing the communication parties to establish a shared secret using
+properties of the discrete logarithm.
+
+\paragraph{Asymmetric} Cryptography
+Both methods however are still vulnerable to a \acrfull{mitm}, thus also requiring a trusted \acrfull{CA} for authentication. \cite{enwiki:mitm}
+
+\subsection{RSA}
 \acrfull{RSA} is the first asymmetric (or public-key) cryptographic algorithm and can thus be used for encryption and digital signing. It was named after its eponymous inventors in \citeyear{rsa} after trying to disprove the existence of \textit{trapdoor functions}, a concept introduced by \citeauthor{diffiehellman} in their appropriately named pivotal paper \citetitle{diffiehellman}.
@@ -186,6 +220,10 @@ The algorithm they came up with relies on modular arithmetic, which remains the
 \item For the private key, % TODO
 \end{enumerate}
 \clearpage
+
+\section{Conclusion}
+Complementary,
+typical cipher suite: ECDHE-ECDSA-AES128-GCM-SHA256 \citetitle{enwiki:ciphersuite}
 %\printglossary[type=\acronymtype]
 %\printglossary
 \printbibliography
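Review bot: The DES round description derives the 48-bit round key "from the original 64-Bit main key", but only 56 of those 64 bits are key material (8 are parity bits), which is exactly the short effective key length the preceding paragraph blames for DES's retirement; the list item should read `\item derive a 48-bit \emph{round key} from the 56 effective key bits of the 64-bit \emph{main key} (the remaining 8 are parity bits) using a fixed \emph{key schedule}.` The claim that Triple-DES "is still in use" deserves the caveat a practitioner would expect, since its 64-bit block (stated in the same section) limits safe usage per key and the algorithm has been deprecated by NIST, e.g. append `, although its 64-bit block size restricts how much data may be encrypted under one key and the algorithm has since been deprecated.` Saying a MITM "thus" requires a trusted CA overstates it: an unauthenticated key exchange needs some authenticated binding of the public values to the peer, of which a CA/PKI is one option next to pre-shared keys or out-of-band fingerprint verification; suggest `Both methods however are still vulnerable to a \acrfull{mitm} unless the exchanged public values are authenticated, for example through a trusted \acrfull{CA}.` Separately, `\paragraph{Asymmetric} Cryptography` announces the second of the "two ways" but has no body, "Difie-Hellman" should be "Diffie-Hellman", and the trailing sentence "A round key is then applied to the R-Block in a Feistel function" repeats the third list item and lacks a period.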
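Review bot: `\citetitle{enwiki:ciphersuite}` at the end of the new Conclusion typesets the bibliography entry's title ("Cipher suite --- Wikipedia, The Free Encyclopedia") into the running text instead of a citation marker; the intended command is presumably `\cite{enwiki:ciphersuite}`, consistent with the `\cite{enwiki:mitm}` usage earlier in the patch. The sentence itself is a fragment (`Complementary,` / `typical cipher suite:`), and as this is the conclusion it would be worth spelling out how the suite's parts map onto the sections: ECDHE is the ephemeral elliptic-curve Diffie-Hellman key exchange, ECDSA the signature that authenticates it against a MITM, AES-128-GCM the symmetric cipher, and SHA-256 the hash for the handshake. That naming is the TLS 1.2 convention; TLS 1.3 suites name only the AEAD and hash (e.g. `TLS_AES_128_GCM_SHA256`) and negotiate key exchange and signature algorithms separately, so the text should say which version it describes. Set the suite string in `\texttt{}` so it is not hyphenated or broken mid-name.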