7. The Bedrock of Cybersecurity: Cryptography 159 messages. The new paradigm became known as public key cryptography in order to differentiate it from the traditional approach. The traditional approach of using a shared key also now needed a new name and became known as symmetric key cryptography. All of classic cryptography is symmetric key cryptography because the communicating parties share the same key. In the computer era, public key and symmetric key cryptography coexist. This section examines symmetric key cryptography and the next section examines public key cryptography. Symmetric key cryptography is based on the foundational techniques covered in the previous section. It is broken down into two main approaches: stream ciphers and block ciphers. 7.2.1.1 Stream Ciphers “So the boat was left to drift down the stream as it would, till it glided gently in among the waving rushes.” - Through the Looking-Glass by Lewis Carroll Stream ciphers are an implementation in computers of the classic polyalphabetic substitution cipher. Each bit of the plaintext is either flipped (i.e., changed from a 1 to a 0 or vice versa) or kept the same based on a series of ciphertext alphabets. Because there are only two characters in the plaintext and ciphertext alphabets, the Vigenère-like table for stream ciphers is small and simple. Computers accomplish this reversible mapping with the Boolean logic operator, Exclusive OR (XOR). XOR takes two bits as input and produces one bit as output. It outputs a 1 when exactly one of the input bits is a 1 and 0 otherwise. Table 7.8 shows the XOR truth table. Table 7.8 The Exclusive OR truth table used in stream cipher encryption and decryption. Stream ciphers approximate a one-time pad encryption scheme. Computers face the same practical problems of producing and distributing one-time pads that were highlighted above. Instead of a real one-time pad they use a keystream. Importantly, the keystream is not the key. A key is used as input into the keystream generator algorithm to construct the keystream for the communicating parties. The keystream acts as the one-time pad, and it is generated from the key and a keystream algorithm on the fly (see Figure 7.5). This means the communicating parties do not actually have to store a one-time pad like in classical cryptography. They can programmatically generate the one-time pad as needed.
RkJQdWJsaXNoZXIy MTM4ODY=