Introduction
Different Algorithms
Source Code
Introduction
It's not easy to find good background information, especially the US tries everything to hinder people from using or developing strong encryption. Of course, it is a problem if you think of terrorists or other ciminals, but that can't be the only reason. It is a nightmare for the political leaders of any country if they can't control their people, no matter how much they talk about democracy. Fortunately the US policy has become less strict.
Why should you learn more about encryption? Most of all for one reason: to check the reliabiliy of a program which promises you security. Of course, you can simply trust in what the marketing people say, but maybe you are like me. I want to look behind the curtain and learn more about Public Key Systems, IDEA, DES, ... - and why nobody is able to break them.
Keeping private information private is a serious task. Don't make the mistake and rely on self-written functions. In almost all cases, they are not safe! Today's cryptoanalysis can reveal any weakness which is hidden in pseudo-complicated code. There are many traps even if you implement a well known algorithm, so be very carefull.
The best entry point is this Introduction to cryptography (PDF, 1,08 MB) that comes with the PGP-package. It first explains basic terms and technologies, later the author of PGP (Phil Zimmermann) himself describes his program: some history, the used algorithms, vulnerabilities, etc.
Notes on Cryptography (PS, 337k) covers history, math, public key sytems and much more.
Different Algorithms
Cryptographic Algorithms Descryption explains shortly the meaning of many terms and points to other web-locations. It was written by Frog, you can use it as a starting point for web-browsing.
You will often need a Random Number Generator (RNG). Of course, it's only a Pseudo RNG - a computer can't give you something random, so one must try to generate numbers that are very hard for an observer to distinguish from random numbers. Please read about the Yarrow Cryptographic Pseudorandom Number Generator (PDF, 153k).
Read about TwoFish (PDF, 597k), a very secure algorithm.
Read this memo about the MD5 Message-Digest Algorithm which can be used to generate a digital signature of any file.
Rijndael is the official winner of the AES contest. Even a Fanpage exist with background information and links to implementations.
Source Code
For a quick start you can download this C++ code for Win32. It covers DES, IDEA, MD5 and MDC.
The Crypto++ library is very versatile and beautifully designed. If you are used to the STL and templates you will love it, beginners will have some difficulties and should study the documentation and the examples carefully.
The OpenSSL is "a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library." I think with this one sentence everything is said.
Home Reverse Engineering My essays and progs Programming Compression Encryption Who am I