Cryptology and number theory in computer security
Cryptology is the scientific discipline focused on the encryption and decryption of messages, playing a crucial role in ensuring the confidentiality and integrity of communications in computer security. Number theory, a branch of mathematics concerned with the properties of integers, underpins many cryptographic techniques, especially public-key cryptography. This method utilizes pairs of keys—public and private—to secure data, with the RSA algorithm being the most notable example; it relies on the computational difficulty of factoring large prime numbers to safeguard private keys. Security experts also rely on digital signatures to verify message integrity, but hackers often exploit these systems by intercepting and altering messages while attaching fraudulent signatures.
To counter these threats, forensic analysis techniques are employed to detect unauthorized attempts to access or modify encrypted data. Moreover, modern antivirus software plays a vital role in protecting systems from malicious attacks by monitoring files for suspicious activity. As cyber threats continue to evolve, both cryptology and number theory remain essential components of computer security, providing the necessary tools to secure electronic communications against increasingly sophisticated methods of intrusion and deception.
Subject Terms
Cryptology and number theory in computer security
DEFINITIONS: Cryptology is the scientific study of the hiding, disguising, or encryption of messages. Number theory is the branch of mathematics that is concerned with the properties of the positive integers.
SIGNIFICANCE: Computer security experts use public-key cryptography to ensure the confidentiality of electronically transmitted messages through encryption and the integrity of messages with digital signatures. Cryptology is an important part of investigations regarding attempts by computer hackers to decrypt messages or modify digital signatures. Hackers sometimes use public-key encryption to hide attacks, such as Trojan horses, and forensic analysis techniques have been developed to detect such attempts.
Cryptology encompasses both cryptography, the hiding of messages, and cryptanalysis, the revealing of hidden messages. Number theory is involved in cryptography in many ways, but its most important use is in public-key encryption.
A number of computationally intensive algorithms exist in number theory, one of which is factoring the product of two large prime numbers. In 1978, Ron Rivest, Adi Shamir, and Leonard Adleman published a public-key encryption algorithm named RSA (from the initials of the inventors’ last names) that uses the difficulty of factoring large numbers to protect the value of a private key. RSA has been used to encrypt electronic files to ensure their confidentiality and to create digital signatures for e-mail to ensure its integrity.
When computer hackers want to see encrypted files, they often devise attacks to steal the receivers’ private keys, which will allow them to decrypt the files. When such attacks occur, forensic experts can use tools designed to detect the attacks; similar tools are available to defend against such attacks. Hackers recognize that digital signatures can be used to guarantee the integrity of e-mail. They often intercept e-mail messages, modify the contents, and then attach invalid signatures. The hackers then have to ensure that the receivers use fake public keys to check the signatures. One way hackers could do this would be by replacing certificate authorities’ public keys in the recipients’ e-mails. Antivirus software can protect against this kind of attack by performing its usual checks of e-mail.
Encryption and Number Theory
Encryption is the process of using a key to transform a readable plaintext message into an unreadable ciphertext message. Decryption reverses encryption to recover the plaintext message. When the encryption and decryption key are the same, the encryption is described as algorithm-symmetric. Although symmetric algorithms are complex, they do not use much number theory.
Public-key encryption algorithms, which are often based on number theory, use different keys for encryption and decryption. The most famous public-key encryption algorithm, RSA, selects two large prime numbers (a prime number is divisible only by one and by itself) and forms a modulus, n, as their product. The modulus n is too large to be factored. The ciphertext message, C, is created by raising the integer value of the plaintext message, M, to the power e modulo n, and the plaintext message is recovered from C by raising C to the power d modulo n. The public key is the pair (e, n) and the private key is the pair (d, n).
RSA is widely used for encrypting files and signing messages. It has proven to be very resistant to brute-force attacks on the private keys. A major part of the RSA scheme involves creation of the private keys and the safe distribution of the corresponding public keys. Usually, the private key is safely transmitted to its owner by a trusted public-key infrastructure (PKI) vendor who then uses digital certificates, which contain the owner’s public key and are signed by the PKI vendor, to distribute the public key.
and Encryption
In 1976, Whitfield Diffie and Martin Hellman developed an algorithm that allowed two people to create a shared symmetric key. The algorithm is similar to the RSA public-key algorithm and makes considerable use of modular exponential arithmetic. To create the shared symmetric key, each person involved uses a secret number that never leaves his or her computer but generates the shared secret key as the result of several data exchanges. If a hacker knows that a purchaser and an online store are generating a symmetric key with the Diffie-Hillman key exchange, the hacker could drop a Trojan horse into the purchaser’s computer, capture the secret information, and then masquerade as the purchaser to buy items for personal gain. In investigating such an attack, a forensic expert could log into the purchaser’s computer and check to see if the Trojan horse is still there; if it is, it might provide information on the location of the hacker.
Hackers can gain access to other people’s computers in a number of ways, not the least of which is through Web browsers. When they gain access, they often try to leave files that contain worms, Trojan horses, or viruses. Given these threats, computers have become increasingly well equipped with antivirus software that is designed to protect users from such attacks. One of the most important techniques used by antivirus software is to check all files and quarantine any files that look suspicious. A clever trick used by modern hackers is to encrypt attack files with private RSA keys so that the files are not detected by antivirus software. This allows the hackers to return later, decrypt the files, and carry out their intended attacks. Web browser helper objects are especially susceptible to this kind of delayed attack. Increasingly sophisticated forensic software has been developed to catch multilevel attacks of this type.
Bibliography
Abobala, Mohammad, Hasan Sankari, and Mohamed Bisher Zeina. "On Novel Security Systems Based on the 2-Cyclic Refined Integers and the Foundations of 2-Cyclic Refined Number Theory." Journal of Fuzzy Extension and Applications, vol. 5, no. 1, 2024, pp. 69-85, doi.org/10.22105/jfea.2024.423818.1321. Accessed 15 Aug. 2024.
Hellman, Martin. “An Overview of Public Key Cryptography.” IEEE Communications Magazine, May, 2002, 42-49.
Mandia, Kevin, Chris Prosise, and Matt Pepe. Incident Response and Computer Forensics. 2d ed. Emeryville, Calif.: McGraw-Hill/Osborne, 2003.
Shieneier, Bruce. “Inside Risks: The Uses and Abuses of Biometrics.” Communications of the ACM 42 (November, 1999): 136.
Shinder, Debra Littlejohn. Scene of the Cybercrime: Computer Forensics Handbook. Rockland, Mass.: Syngress, 2002.
Vacca, John R. Computer Forensics: Computer Crime Scene Investigation. 2d ed. Hingham, Mass.: Charles River Media, 2005.
Yan, Song Y. Cryptanalytic Attacks on RSA. New York: Springer, 2008.