The widespread use of computer technology and the constant increase in the volume of information flow steadily influences the growing interest in cryptography. Modern encryption methods provide virtually complete protection of data, but there is always a problem of reliability of their implementation. Evidence of insecurity may appear in the computer world all the time. There is an abundance of information about errors or “holes” in any program (including those using cryptographic algorithms), or that it was hacked. This creates a lack of confidence both in specific programs and in the ability to protect anything by using cryptographic methods. Therefore, the knowledge of attacks and holes in cryptosystems together with understanding the reasons of their occurrence are necessary conditions for the development of secure systems and their applications. Today, the assessment of cryptographic algorithms is particularly relevant. The problem of determining the effectiveness of remedies is often more time-consuming than their development, requiring special knowledge and, as a rule, more skills than a task of their development. Consequently, there is much cryptographic protection of information on the market about which one cannot say anything definite. The developers keep their encryption algorithms (in practice, often unstable) in secret. Therefore, a society should benefit open discussions of safety security systems of mass use, and the concealment of cryptographic algorithms by their developers should be unacceptable. Therefore, every encryption method has its strengths and weaknesses. For example, it may benefit safety but be difficult in practice.
Encryption is a way to change a message or other document that provides distortion (concealment) of its content. Coding is a kind of usual transformation when a clear text is put into codes. This implies that there is a one-to-one correspondence between characters of a text (dates, numbers and words) and a character code – this is namely the fundamental difference between the encryption codes. Quite often, encoding and encryption are considered to be the same notion, forgetting that in order to solve an encoded message, it is enough to recover it with a known substitution rule (Adams, 1987). Recovery of an encrypted message in addition to knowledge of the rules requires a key to a cipher. A key is a specific condition of the secret encryption and decryption parameters. Such a key allows reading secret messages.
Encryption is used by mankind since that time when the first secret information appeared and the access to it was limited. The idea of encryption is to prevent viewing of the true content of a message (text, file, etc.) to those who have no means of decrypting. A file will be available only to those who can decrypt it. Encryption appeared about four thousand years ago. The first known use of the cipher (code) was an Egyptian text dated at about 1900 BC. One of the most well-known encryption methods is named Caesar. Not trusting his messenger, he codified the elementary letters replacing A, D, B and so on (Adams, 1987). With this combination of encoding, XYZ would have been recorded as ABC, and the word “key” would become indigestible “nob” (direct code N +3) (Adams, 1987). After 500 years, encryption has become commonly used when creating religious texts, prayers and important government documents. Today, the need for funds to ensure the safety information exchange has multiplied.
In addition, most of us use encryption, but not always people are aware of it. Among the various ways to encrypt there are the following main methods:
- Algorithms of replacement, or substitution – a source character is replaced with a character of another (or the same) alphabet in accordance with a predetermined scheme which will be the key of the cipher (Adams, 1987). Separately, this method is almost never used in modern cryptosystems due to extremely low cryptographic strength.
- Algorithms permutations – symbols of the original text are swapped for a certain principle, which is the secret key. Permutation algorithm itself has a low crypt but is included as an element in many modern cryptosystems.
- Algorithms based on complex mathematical transformations of a source text according to some formula. Many of them use the unsolved mathematical problems. For example, in the Internet RSA, encryption algorithm based on the properties of prime numbers is widely used.
Taking a look at each method, one can define their strengths and weaknesses. Algorithms replacement (substitution) is regarded as the simplest method when encrypted text characters are replaced by other characters taken from one (single or monoalphabetic substitution) or many (multi-or polyalphabetic substitution) alphabets (Adams, 1987). Its strength is at the same time its weakness – it is easy to implement but just as easy to decode. The simplest kind is a direct (simple) substitution when letters of encrypted messages are replaced by other letters of the same or a different alphabet. However, this code has a low resistance as the cipher text has the same statistical properties as the original. For example, the English text contains characters with the frequencies of occurrence (Adams, 1987). In the cipher text, it can be compared with the highest frequency of occurrence in the order of the letters. It is natural to assume that one symbol responds to an encrypted letter, etc. This fact corresponds to the replacement table. Further interpretation is easy. Therefore, a simple replacement is rarely used and only in cases where an encrypted text is short. In order to increase the resistance of the font used in polyalphabetic substitution, multiple scripts are used. In fact, it is easy to see that the procedures of both transformations are strictly formal, allowing to implement them algorithmically. Moreover, both procedures can be easily implemented by the same algorithm (Adams, 1987). However, one of the disadvantages of encryption is that with a small length of encryption, a key strength remains low, and the formation of a long key is quite a challenge.
The second method is an algorithm of permutation. This method is a process when the symbols of an encrypted text are rearranged according to certain rules within an encrypted block of characters. The simplest permutation is to write a source code back to front and at the same time break cryptograms to five letters (Goldreich et al., 1997). Before encrypting an original expression, an insignificant letter (e.g. A) should be added. It seems like nothing complicated, but during deciphering a person faces serious inconveniences. If to shorten a string, then a number of lines increase (Goldreich et al., 1997). Consequently, a person gets a square lattice in which one can record a source (Goldreich et al., 1997). However, now it will require a preliminary agreement between an addressee and a sender of messages, because the lattice itself can be of varying lengths and heights, it is possible to write down in rows, columns, or spiral back; one can also write diagonally so encryption can also take different directions. In general, there are lots of options. Basically, the strength of this method lies in its possibility to be varied, but the more varied it is, the more explanations between people it requires. In other words, people are making it more difficult for everyone including themselves (Goldreich et al., 1997).
Finally, algorithms based on complex mathematical transformations have different forms. One of them is RSA algorithm. RSA algorithm (named after the first letters of the names of its creators – Rivest-Shamir-Adleman) is based on the properties of prime numbers (Peikert, 2009). Prime numbers are those which have no divisors other than themselves and one. RSA cryptosystem is widely used on the Internet. When one connects to a secure server using SSL, installs a certificate of WebMoney on a PC or connects to a remote server using SSH or Oren SecureShell, then all of these programs use public-key encryption algorithm using the RSA ideas (Peikert, 2009). In fact, since its inception, RSA was constantly exposed to attacks like Brute-force attack. In 1978, the authors of the algorithm published an article with a string encoded by them (Peikert, 2009). The first who would decrypt the message received a reward of $ 100, but it required to decompose a 129-digit number into two factors (Peikert, 2009). It was the first competition for breaking RSA. In fact, it was solved only 17 years after the publication of the article. RSA cryptographic is based on the assumption that it is extremely difficult to determine a private key (Peikert, 2009). This requires solving a problem of existence of huge integer divisors. So far, RSA algorithm can be broken only by an exhaustive search. Plus, the RSA company regularly holds contests for breaking their own (and not just their own) codes. General recommendations for this cipher are as follows: the algorithm is rather resistant to everyday needs but in order to keep the encrypt data secret for over five years, this method is not recommended.
One of the major requirements for the encoding system is its high resistance. However, increasing resistance of any encryption method usually leads to a considerable complication of the encryption process and the increase in the cost of resources (time, hardware, bandwidth reduction, etc.). Hence, the number of different encryption methods was considered. As a result, it is clear that such algorithms in their “pure form” were used successfully before, but these days they lose their strengths. Therefore, the most reliable solution is a combination of all these methods into the most sophisticated encryption program since each of the considered methods provides custom cryptographic information that has its own advantages and disadvantages.