[Next] [Up/Index] [Previous]

Miscellaneous Items

Computer programs that handle data encryption, such as the well-known program PGP (Pretty Good Privacy) involve other functions besides encryption itself.

The information to be encrypted is usually compressed first, because this squeezes out patterns in the plaintext that might be useful to a cryptanalyst. And, of course, it also saves bandwidth, and compression isn't going to be possible after encryption, because encrypted texts look random.

But there is one oversimplification in that last statement. If an encrypted text consists of random binary bits, then if these bits are transmitted in the form of bytes containing eight random bits each, no further compression is possible. On the other hand, if they were transmited one bit to a byte, each byte either containing the ASCII character "0" or the ASCII character "1", then compression would be possible.

While that would be silly, transmitting an encrypted series of bits in the form of printable ASCII characters only might make good sense, by making it easier to transmit your data without problems over a network where control characters have special meanings. Although TCP/IP was specifically designed to permit all 256 possible byte values to be transmitted transparently (the only control character with special meaning is DLE, Data Link Escape, and two DLEs in a row always represent a real DLE that is part of user data) binary data is usually transmitted over the Internet in "base-64" format, where 64 printable ASCII characters, specifically chosen not to be different in the versions of ASCII used for different languages, and to be also present in EBCDIC, are used.

Even the case of a simple pencil and paper cipher does, in a rudimentary form, illustrate these two additional phases of encryption.

Changing

Please send more money.

to

WGRXT RTRVU IPQRI PVRE

actually involves three transformations of the plaintext to reach the ciphertext.

First,

Please send more money.

is changed to

PLEASESENDMOREMONEY

to remove information that is harder to encipher securely, and which is not essential to the understanding of the text. This is a form of compression, even if it is not lossless, and functions more by discarding information than by compressing it. Of course, we've already seen the straddling checkerboard principle, which does use the same basic principle (prefix-property variable-length coding) as Huffman codes, which are a serious method of compression.

Then,

PLEASESENDMOREMONEY

is changed to

WGRXTRTRVUIPQRIPVRE

which is the actual encryption procedure, described in terms of the 26 letters of the alphabet, and nothing else.

Finally,

WGRXTRTRVUIPQRIPVRE

is changed to

WGRXT RTRVU IPQRI PVRE

for ease of reading and transmission, which illustrates the process of applying armor to the output of an encryption process.

Finally, digital signatures need one-way hash functions. Ordinary checksums aren't adequate, since it is possible to construct a message with a different meaning having the same checksum as the one someone intended to sign. One-way hash functions are similar to block ciphers in some ways, but different in others.

Hash functions can also be used as a way of producing encryption keys from pass phrases or from random input of imperfect quality.


[Next] [Up/Index] [Previous]

Table of Contents
Main Screen