/usr/share/doc/gnupg-doc/GNU_Privacy

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Concepts</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The GNU Privacy Handbook"
HREF="book1.htm"><LINK
REL="PREVIOUS"
TITLE="Making and verifying signatures"
HREF="x136.htm"><LINK
REL="NEXT"
TITLE="Public-key ciphers"
HREF="x196.htm"></HEAD
><BODY
CLASS="CHAPTER"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>The GNU Privacy Handbook</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="x136.htm"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="x196.htm"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="CHAPTER"
><H1
><A
NAME="CONCEPTS"
></A
>Chapter 2. Concepts</H1
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
><A
HREF="c174.htm#AEN185"
>Symmetric ciphers</A
></DT
><DT
><A
HREF="x196.htm"
>Public-key ciphers</A
></DT
><DT
><A
HREF="x210.htm"
>Hybrid ciphers</A
></DT
><DT
><A
HREF="x216.htm"
>Digital signatures</A
></DT
></DL
></DIV
><P
>GnuPG makes uses of several cryptographic concepts including 
<I
CLASS="FIRSTTERM"
>symmetric ciphers</I
>, 
<I
CLASS="FIRSTTERM"
>public-key ciphers</I
>, and 
<I
CLASS="FIRSTTERM"
>one-way hashing</I
>.
You can make basic use GnuPG without fully understanding these concepts,
but in order to use it wisely some understanding of them is necessary.</P
><P
>This chapter introduces the basic cryptographic concepts used in GnuPG.
Other books cover these topics in much more detail.
A good book with which to pursue further study is 
<A
HREF="http://www.counterpane.com/schneier.html"
TARGET="_top"
>Bruce 
Schneier</A
>'s
<A
HREF="http://www.counterpane.com/applied.html"
TARGET="_top"
>``Applied 
Cryptography''</A
>.</P
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN185"
>Symmetric ciphers</A
></H1
><P
>A symmetric cipher is a cipher that uses the same key for both encryption
and decryption.
Two parties communicating using a symmetric cipher must agree on the
key beforehand.
Once they agree, the sender encrypts a message using the key, sends it
to the receiver, and the receiver decrypts the message using the key.
As an example, the German Enigma is a symmetric cipher, and daily keys
were distributed as code books.
Each day, a sending or receiving radio operator would consult his copy
of the code book to find the day's key.
Radio traffic for that day was then encrypted and decrypted using the
day's key.
Modern examples of symmetric ciphers include 3DES, Blowfish, and IDEA.</P
><P
>A good cipher puts all the security in the key and none in the algorithm.
In other words, it should be no help to an attacker if he knows which
cipher is being used.
Only if he obtains the key would knowledge of the algorithm be needed.
The ciphers used in GnuPG have this property.</P
><P
>Since all the security is in the key, then it is important that it be
very difficult to guess the key.
In other words, the set of possible keys, i.e., the <I
CLASS="EMPHASIS"
>key
space</I
>, needs
to be large.
While at Los Alamos, Richard Feynman was famous for his ability to
crack safes.
To encourage the mystique he even carried around a set of tools
including an old stethoscope.
In reality, he used a variety of tricks to reduce the number of
combinations he had to try to a small number and then simply guessed
until he found the right combination.
In other words, he reduced the size of the key space.</P
><P
>Britain used machines to guess keys during World War 2.
The German Enigma had a very large key space, but the British built
specialized computing engines, the Bombes, to mechanically try 
keys until the day's key was found.
This meant that sometimes they found the day's key within hours of
the new key's use, but it also meant that on some days they never
did find the right key.
The Bombes were not general-purpose computers but were precursors
to modern-day computers.</P
><P
>Today, computers can guess keys very quickly, and this is why key
size is important in modern cryptosystems.
The cipher DES uses a 56-bit key, which means that there are
2<SUP
>56</SUP
> possible keys.
2<SUP
>56</SUP
> is 72,057,594,037,927,936 keys.
This is a lot of keys, but a general-purpose computer can check the
entire key space in a matter of days.
A specialized computer can check it in hours.
On the other hand, more recently designed ciphers such as 3DES, 
Blowfish, and IDEA
all use 128-bit keys, which means there are 2<SUP
>128</SUP
> 
possible keys.
This is many, many more keys, and even if all the computers on the
planet cooperated, it could still take more time than the age of
the universe to find the key.</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="x136.htm"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="book1.htm"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="x196.htm"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Making and verifying signatures</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Public-key ciphers</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
gnupg-doc 2003.04.06+dak1-1ubuntu1 / usr / share / doc / gnupg-doc / GNU_Privacy_Handbook / html / c174.htm
