Security

What is encryption?

4 views August 26, 2018 bicobro 0

Encryption is a way to encode messages that it only can be read by parties that have a key to decode it. If you, as a kid, want to exchange messages without being intercepted by your parents or teacher you can do something like the following:

As you can see the following is done:

1. First you choose a character set. In this case a set with 27 characters. Every character gets its own value between 1 and 27.
2. Then you choose a key or cypher. This key may only be shared with the people that are allowed to read the message. The key in this example is “hello world”.
3. After that the message in case, “message” must be encrypted. This is done by adding the value of each message-character to the value of each key-character. This will result in the values: 21, 10, 31, 31, 16, 34 and 28.
4. This values must be normalized to fall within the 1 to 27 range. 27 will be substracted from every value greater than 27. This wil result in the values: 21, 10, 4, 4, 16, 7 and 1.
5. When the values are converted to the character set this result in the encrypted message: WJDDPGA.
6. With the given key we can decrypt the encrypted message by subtracting the characters with the characters of the key. When the result is less than 0, 27 must be added to the value. For example the third character “D”=4 of the encrypted message minus “L” =12 of the key = -8 then -8 + 27 = 19 = “S” of “meSsage”

If you want to encrypt messages larger than the key. You can repeat the key over and over.

Encryption in software

If you want to get a rough idea of how it works in software, take a look at the following code.

```public static string xorIt(string key, string input)
{
StringBuilder sb = new StringBuilder();
for(int i=0; i < input.Length; i++)
sb.Append((char)(input[i] ^ key[(i % key.Length)]));
String result = sb.ToString ();

return result;
}```

What happens in this piece of code is that a text (variable “input”) is taken and XOR-ed with an ‘encryption key’ (variable “key”). XOR-ing is something similar to adding as shown in the first example.

To decrypt you can simply re-XOR the encrypted message with the same key.

Is this a secure way of encryption? No, you should use modern encryption algorithms which are designed by real smart mathematicians like the AES block cypher.

However, if you want to use this XOR-based stream cypher of the example above, it will be unbreakable when:

• you use a key containing real random characters,
• use a key that is large enough to cover your message entirely, and,
• you never use your key twice.

If you take this precautions, even a smart mathematician can’t decrypt your message without having the key.