Foundations of Encryption
As we prepare for the presentation on the 27th of May by Johan Loos, it’s probably a good time to look at one of history’s great heroes, Alan Turing.
Alan and his team (such as Joan Murray) were pioneers, responsible for decrypting the Nazi secret communications that were encrypted with the Enigma machine during WWII. Alan’s work “On Computable Numbers” became the foundation of computer science as we know it. This work wasn’t truly recognized until many years after his death.
Brief History via Wikipedia: https://en.wikipedia.org/wiki/Alan_Turing
After the war Alan went on to create multiple computing machines before turning his attention to mathematical biology. If you haven’t seen the remake movie about him during WW2, it’s worth checking out.
Encryption of Today
What Alan worked to break was symmetrical encryption, where the same key is used to encrypt the clear text / plain text data, producing a coded message or cipher text, and to decrypt it again. This is still heavily used today, but a stronger and more functional way of encryption is asymmetrical encryption, with the combined use of public and private keys. Or, as per Javvad Malik as part of an ISC2 blog on encryption: “Encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information. In many contexts, the word encryption also implicitly refers to the reverse process, decryption to make the encrypted information readable again”
Malik goes on to discuss how to turn princes into frogs, as an example of encryption and decryption via the two methods noted above.
RSA (named after the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who publicly described the algorithm in 1977) is a cryptosystem that uses public and private keys to secure data via encryption. The RSA algorithm relies on the difficulty of factoring the product of two very large prime numbers, and (currently) has the benefit of not being easily broken.
You can check out the steps here: https://sites.google.com/site/danzcosmos/the-rsa-algorithm.
Johan will also cover the math behind it and its use in TLS (Transport Layer Security).
Once you understand these basics you are one step closer to acing the CISSP exam! (But also CISSP-ISSAP, CCSP, SSCP, …). You will find a number of questions on encryption in the exams and I usually found that the more I understood about encryption the more interested I became. Hope that applies to you too.
Next, join us on May 27th at 19h to watch as Johan presents different types of RSA attacks in TLS communications. Whether you are new or well-aged in cyber security, I’m sure you will take away something from this opportunity.