As mentioned earlier, encryption involves hiding the actual information so that an unintended receiver cannot decipher its contents. Traditionally this has been carried out by performing a mathematical operation on the information using a key, which is a set of characters known only to the sender and the intended receiver. One of the earliest forms of such encryption was developed by the famous Roman emperor Julius Caesar, where each character of the information was transformed to another character based on an addition operation with a specific key. This simple encryption technique is popularly called the Caesar Cipher [35]. Many variations of this simple technique have been developed over the years. Another such technique is called the one time pad, where the key length is very large and is equal to the size of the message to
18 2 Overview of Security
be encrypted. This can be implemented by having the characters of any particular book as a key. This technique was employed on a wide scale in World War II. Other than this transformation technique, transposition techniques are also used, where the order of the characters is changed to deceive the unintended receivers. One implementation of such a technique would be to arrange the characters in equal sized rows and then interchange the rows with the columns. It can be shown that while transformation techniques aim at creating confusion, transposition techniques aim at creating diffusion, which means that in transposition techniques two changes in the same message will result in changes in different positions of the message. More recent techniques like the Data Encryption Standard (DES) [36], Advanced Encryption Standard (AES) [37], etc. combine the above mentioned two techniques to generate both confusion and diffusion.
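The two classical building blocks described above, as an added example that is not from the book: a Caesar shift (the "transformation"), the row/column interchange (the transposition), and their composition. The function names, the uppercase-only alphabet and the `X` padding are assumptions made for the illustration.

```python
# Added illustration: Caesar shift, row/column transposition, and the two combined.
import string

ALPHABET = string.ascii_uppercase  # assumption: messages use A-Z only


def caesar(text, key):
    """Shift each letter A-Z by `key` positions; other characters pass through."""
    out = []
    for ch in text:
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def transpose(text, width, pad="X"):
    """Write the text in rows of `width`, then read it out column by column."""
    text += pad * (-len(text) % width)  # pad so that every row is full
    rows = [text[i:i + width] for i in range(0, len(text), width)]
    return "".join(row[c] for c in range(width) for row in rows)


def untranspose(text, width):
    """Inverse of transpose(); any padding is left for the caller to strip."""
    height = len(text) // width
    return transpose(text, height)


def product_encrypt(text, key, width):
    """Substitution followed by transposition, the combination the text describes."""
    return transpose(caesar(text, key), width)


def product_decrypt(text, key, width):
    return caesar(untranspose(text, width), -key)


def changed_positions(a, b):
    """Indices at which two equal-length strings differ."""
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]
```

Changing the second letter of a 16-character message changes index 1 of the Caesar output but index 4 of the width-4 transposition output: the shift alters what a character is, the transposition alters where it sits.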
Encryption schemes may be broadly categorized into two main types: symmetric key encryption and asymmetric key encryption. In the former there is only one key, which is shared between the sender and the receiver. In this type of scheme, the sender encrypts using the shared key and the receiver decrypts using the same key. Examples of such encryption schemes are DES and AES, where a combination of transformation and transposition using the shared key is applied.
In the second type of encryption scheme, asymmetric key encryption, there is a pair of keys called the public key and the private key. The public and the private keys are generated through a mathematical function having the property that when information is encrypted by the public key it can only be decrypted by the corresponding private key. Knowing the public key, it would be computationally very expensive to generate the private key. So each person or system using such an encryption scheme has its own set of public and private keys, where the private key is stored secretly and the public key is disclosed to the whole world. Let us assume that Alice wants to send information to Bob. Alice should know the public key of Bob and only Bob knows his own private key. Alice encrypts the information with Bob’s public key and Bob decrypts it with his private key. Examples of such schemes are RSA [38], El Gamal [39], etc. RSA is the most popular among all the different techniques. It uses the principle that, if anyone knows the product of two very large primes, it would be computationally very expensive to determine any of the primes if the other prime is known. El Gamal, on the other hand, is based on the principle that the discrete logarithm is computationally very difficult. A high level view of public key encryption is illustrated in Fig. 2.1.
Fig. 2.1. Overview of public key encryption
Readers may now ask why two different types of encryption are required and in which scenarios each can be applied. Symmetric encryption schemes like the DES are computationally less intensive than the public key schemes like the RSA. However asymmetric schemes are more secure as the key need not be shared between the sender and the receiver. Therefore symmetric key schemes are always vulnerable to adversaries knowing the secret keys, as several cryptanalysis techniques like differential and linear cryptanalysis [40] are available which can help someone to ascertain the key based on a sufficient amount of data. To reduce this vulnerability, the shared key needs to be changed periodically to have a secure conversation. In practical settings a combination of symmetric and asymmetric encryption mechanisms is used. Let us again take the example of Alice, who wants a secure conversation with Bob. Alice creates a session key (shared key) and sends it to Bob encrypted with Bob’s public key. After this phase, all conversations taking place between Alice and Bob are encrypted by the session key. This is an example where asymmetric key encryption is used to send the session key and symmetric key encryption is used to encrypt the regular conversation using the session key. Many variations of this simple technique are used in practice. One variation would be to generate the session key using the Diffie-Hellman [41] technique, where information from both the parties is used to generate the session key. Another variation would be to use the Key Distribution Center (KDC), which is responsible for generating the session key.
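The Alice and Bob exchange described above, as an added example that is not from the book. It assumes textbook RSA without padding on two small Mersenne primes and a SHA-256 counter keystream standing in for DES/AES, so that it runs on the standard library alone; these are teaching parameters, and all function names are hypothetical.

```python
# Added illustration: a session key wrapped under Bob's public key, then used
# as the shared key for the conversation. Toy parameters, labelled below.
import hashlib
import secrets


def bob_keypair():
    """Toy RSA key pair (assumption: small Mersenne primes, no padding)."""
    p, q = 2**89 - 1, 2**107 - 1
    n, e = p * q, 65537
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent, Python 3.8+
    return (n, e), (n, d)


def wrap_session_key(session_key, public_key):
    """Alice's side: encrypt the session key with Bob's public key."""
    n, e = public_key
    m = int.from_bytes(session_key, "big")
    if m >= n:
        raise ValueError("session key does not fit under the modulus")
    return pow(m, e, n)


def unwrap_session_key(wrapped, private_key, length=16):
    """Bob's side: recover the session key with his private key."""
    n, d = private_key
    return pow(wrapped, d, n).to_bytes(length, "big")


def keystream_xor(key, nonce, data):
    """Symmetric stand-in: XOR data with SHA-256(key || nonce || counter)."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + block.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[block:block + 32], pad))
    return bytes(out)


def demo(message=b"quarterly report attached"):
    public_key, private_key = bob_keypair()
    alice_key = secrets.token_bytes(16)            # fresh key per session
    wrapped = wrap_session_key(alice_key, public_key)
    bob_key = unwrap_session_key(wrapped, private_key)
    nonce = secrets.token_bytes(12)                # fresh per message
    ciphertext = keystream_xor(alice_key, nonce, message)
    return alice_key == bob_key, ciphertext, keystream_xor(bob_key, nonce, ciphertext)
```

Only the 16-byte session key passes through the expensive public key operation; the messages themselves use the cheap symmetric step, and generating a new session key per conversation is the periodic key change the text calls for.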