Creating and cracking secure ciphers

This entry was posted on Thursday, November 12th, 2015.

Steven Woo, VP of Solutions Marketing at Rambus, recently sat down with Ernest Worthman of Semiconductor Engineering to discuss the concept of secure ciphers.

“One of the key challenges is how to develop a cipher that continues to be difficult to crack against the increasing capabilities of computing power, over time,” Woo told the publication. “[Remember], given enough time and resources, any cipher can be cracked.”

cyberlock

Indeed, says Woo, one of the most important skills for a top-level cryptanalyst is the ability to correctly identify the point at which a cipher will require a disproportionate amount of time and effort to crack.

“[Essentially, this is] the point where it isn’t worth the hackers’ time and money to crack [the ciphers] and they give up,” he explained. “It also is important to understand how the keys are constructed, so you can comprehend the time and effort it takes someone to crack the cipher.”

Perhaps not surprisingly, traditional encryption methods have placed an emphasis on keeping the key, rather than algorithm secret. However, evolving processing capabilities means concealing the key may no longer be sufficient or effective.

By monitoring the noise coming off the chip, one is able to infer something about the secret key because you know the algorithm,” Woo added.

Similar to Woo, Worthman says top cryptanalysts must be capable of thinking both like a designer and attacker.

“One also has to understand the advanced and complex mathematics, such as differential and linear analysis and others, to be able to build and tear down ciphers,” he writes. “In addition, one has to understand the myriad of ciphers currently in use, such as RSA, AES, SHA, ECC, and all of their nuances.”

As Worthman points out, most of the world isn’t aware of the complexity inherent in the evolving field of cryptanalysis.

“Some think they do, which is why there are so many failures of cryptography today. But eventually those who need cryptography will turn to the real experts – especially when the world of the Internet of Everything (IoE) really starts to develop,” he concluded.

Interested in learning more? The full text of “The Secret World Of Ciphers” is available on Semiconductor Engineering here.