Encryption of Data
█ LARRY GILMAN
Data are any useful information and encryption is any form of coding, ciphering, or secret writing. Encryption of data, therefore, includes any and all attempts to conceal, scramble, encode, or encipher any information. In the modern world, however, the term data usually implies digital data, that is, information in the form of binary digits ("bits," most often symbolized as 1s and 0s). Digital data are stored, transferred, and processed in increasingly large quantities at virtually every level of government and in the private sector, especially in industrialized countries. Money is transferred between accounts or disbursed from automatic teller machines on the basis of exchanges of digital data; medical records, criminal records, tax records, personal documents and telephone conversations, business negotiations, diplomatic communications, and military communications are all, almost without exception, cast into digital form before being transmitted or stored. All transmission media are vulnerable, however, to interception, and stored records may be accessed by unauthorized persons. The need for encryption of digital data is almost universal; anyone who transfers or stores important digital data has an interest in its security.
Governments have always had the strongest interest in data encryption, both as users of ciphering and coding systems (cryptosystems) and as attackers of the cryptosystems of other governments. The United States government, for example, uses encryption for transmission not only of classified (officially secret) data, but also of many unclassified data. Encryption is thus, distinct from classification. Classification is the official assignment of a particular degree of secrecy to data, whereas encryption refers to the translation of data, classified or not, into a form that is difficult for unauthorized parties to read.
Methods of encryption. Because digital data are numerical, their efficient encryption demands the use of ciphering rather than coding. A cipher is a system of rules for transforming any message text (the plaintext) into an apparently random text (the ciphertext) and back again. Digital computers are ideal for implementing ciphers; virtually all ciphering today is performed on digital data by digital computers.
The U.S. military, the State Department, and the intelligence agencies (including the Central Intelligence Agency, Federal Bureau of Investigation, National Security Agency [NSA], and others), utilize a variety of secret ciphering methods or "cryptosystems," whose nature is classified and about which little information is publicly available. The NSA, which is dedicated to eavesdropping—that is, to the collection of "signals intelligence" (sigint) both in the U.S. and globally, devotes millions of dollars annually to the breaking of ciphers and codes, and is the world's leading employer of mathematicians and purchaser of computer hardware. In the military, different cryptosystems are employed to achieve different levels of security, ranging from person-to-person communications on the battlefield to the exchange of messages with nuclear submarines at sea and other critical, high-end applications where budgets run high.
Government departments handling nonclassified information, industrial and academic organizations, and private individuals produce and transmit even greater quantities of data than do the military, intelligence agencies, and other handlers of classified data. Because of both the private sector and governmental need for reliable, standardized ciphering of nonclassified data, the National Bureau of Standards (an arm of the federal government) first solicited proposals for "cryptographic algorithms for protection of computer data during transmission and dormant storage" in 1973 ( Federal Register 38, No. 93, May 15, 1973). An algorithm developed by German-American cryptographer Horst Feistel, then working for IBM, was eventually chosen as the federal Data Encryption Standard (DES) on July 15, 1977. All information about the DES cipher algorithm is public and no licensing fees need be paid by anyone who wishes to incorporate it into a product. Thus, from 1977 to the present, DES has been built into thousands of data products, becoming among the most widely used cipher in history.
DES is a block cipher, meaning that it chops the message bitstream into blocks or sequences of 64 bits each, then produces a 64-bit ciphertext block by processing the message block through an algorithm (series of mathematical operations) governed by a key (secret number, in this case a 56-bit binary number). The ciphertext block appears to be a random string of bits; to recover the original message block, the 56-bit key that was used to encipher it must be given, stolen, or guessed.
When first implemented, DES was effectively unbreakable—except, probably, by the NSA, which reportedly lobbied the National Bureau of Standards to keep the key length down to a level that NSA supercomputers could cope with. Key length is a basic aspect of cipher security because any cipher can in theory be cracked by the brute-force method known as exhaustion, that is, the trying out of every possible key. In the case of DES, there are 2 56 > 72,000,000,000,000,000 (72 × 10 16 ) possible keys. For many years, DES-enciphered data were safe because few organizations possessed the computing power to test 72 × 10 16 keys in a reasonable time, but this ceased to be true several years ago. In July, 1998, a team of cryptographers cracked a DES-enciphered message in 3 days by the exhaustion method, and in 1999 a network of 10,000 desktop PCs cracked a DES-enciphered message in less than a day. DES was clearly no longer invulnerable, but a replacement was not yet in view; users therefore switched to an algorithm termed "triple DES." Triple DES encrypts a plaintext block using one 56-bit key, re-encrypts the resulting ciphertext block using a second 56-bit key, and then rere-encrypts the result of the second encryption using a third 56-bit key. However, cryptographers have determined that triple DES is unsatisfactory as a long-term solution, and in 1997, the National Institute of Standards and Technology (NIST) solicited proposals for a cipher to replace DES entirely, the Advanced Encryption Standard (AES).
An algorithm named Rijndael (pronounced RAIN doll), created by Belgian cryptographers Vincent Rijmen and Joan Daemen, was announced as the AES in December, 2001 (Federal Information Processing Standard 197). AES is structurally similar to DES—both are block ciphers, for example—but AES uses blocks and keys that are 128, 192, or 256 bits long (at the user's discretion—longer blocks and keys entail slower processing), rather than a mere 56 bits long as in the original DES. According to the NIST, a computer that could try out all possible 56-bit DES keys in one second would require approximately 1.49 × 10 14 years to try out all possible 128-bit AES keys. Triple DES is still the most commonly-used cryptosystem for the encryption of data and will remain an approved cryptographic standard for the foreseeable future; however, AES has started appearing in commercial products.
Encryption scientists expect that AES will remain secure for at least twenty years. However, in September 2002, two cryptographers—Nicolas Courtois of France, and Josef Pieprzyk of Australia—announced that they had designed an attack on AES that would reduce the number of calculations to crack the cipher from order 2 256 (for the longest key option) to order 2 100 . This remains beyond the capabilities of present-day computers, but raises concern for the long-term security of AES.
Both DES and AES are symmetrical-key cryptosystems, meaning that both the sender and receiver must be in possession of an identical secret key to encrypt and decrypt messages to each other. Systems based on public-key cryptography have also become important in the last decade or so, especially the RSA system (named for its inventors, Ronald Rivest, Adi Shamir, and Leonard Adleman). Public-key systems are widely favored for occasional transmissions among networks of users, rather than for dedicated links. RSA has been licensed to the makers of Web browsers such as Netscape and Explorer, allowing their users to employ public-key cryptography for sending encrypted e-mails, making online purchases, and doing online banking (most often without knowing that they are employing cryptography at all). RSA has also been used, without authorization, in the freeware program known as PGP (pretty good privacy). PGP can be downloaded for free from a number of Web sites for personal use.
█ FURTHER READING:
Meyer, Carl H., and Stephen M. Matyas, Cryptography: A New Dimension in Computer Data Security. New York: John Wiley & Sons, 1982.
Singh, Simon. The Code Book. New York: Doubleday, 1999.
"Race to Pick a Better Cipher." Science no. 5382 (1998): 1411.
Seife, Charles. "Crucial Cipher Flawed, Cryptographers Claim." Science no. 5590 (2002): 2193.
National Institute of Standards and Technology. "Advanced Encryption Standard: Questions and Answers." Computer Resource Security Center. March 5, 2001.< http://csrc.nist.gov/encryption/aes/round2/aesfact.html > (November 16, 2002).
Nechvatal, James, et al. "Report on the Development of the Advanced Encryption Standard." National Institute of Standards and Technology. October 2, 2000. http://csrc.nist.gov/encryption/aes/round2/r2report.pdf (Nov. 16, 2002).