Shared Secret Key Authentication
Over two thousand years ago, cryptosystems (secret communication procedures) were used to conceal the meanings in written messages and keep communications secret. These same cryptosystems can also be used to authenticate or verify information that is not secret: information printed on financial instruments, tickets, product packages and containers, identification cards and even biometric information.

Let's look at a very simple 'shared secret key' cryptosystem to see how information can be authenticated or verified.
A Simple 'Shared Secret Key' Cryptosystem
In this simple 'shared secret key' cryptosystem there is an algorithm
and a key, which is known only to the creator and authenticator of
information - thus, a 'shared secret key' cryptosystem. The
algorithm and the 'shared secret key' are used to encrypt (scramble)
information and decrypt (unscramble) information.
The two components of this simple cryptosystem are:
Algorithm - Letter Substitution
Key - Substitution of each letter with the letter twenty places to the right, as follows:
Information: abcdefghijklmnopqrstuvwxyz
Substitute:  uvwxyzabcdefghijklmnopqrst
In this simple system, during encryption the letter a is substituted or written with the letter u, b with v, c with w, etc. When decrypting, a written u is substituted or read as a, v as b, w as c, etc. This simple cryptosystem can be used to authenticate or verify information which is not secret. For example, an identification card's descriptive information, "6 feet, 200 pounds and brown hair", can be encrypted and that encrypted information, along with the actual descriptive information, can be printed on the identification card.

When the identification card is used, the descriptive information, "6 feet, 200 pounds and brown hair", can be verified or authenticated by first decrypting the encrypted information printed on the identification card. This decrypted information can then be compared to the descriptive information printed on the card and of course to the actual appearance of the card's bearer.

In this example only the identification card issuer and authenticator know the algorithm and key. Thus, fraud perpetrators who wish to create counterfeit or altered identification cards but don't know the algorithm and key cannot create the correct encrypted information necessary to pass the authenticator's verification tests.
However, if fraud perpetrators knew that a letter substitution system was used as the algorithm, they could guess at the 'shared secret key' and their chance of success would be 1 in 25 (for example, the letter a can be equal to any letter except a). Also, if someone in possession of encrypted and decrypted information knew or guessed that a letter substitution system was used, he or she could determine the 'shared secret key' by simple 'trial and error' calculations, because there are only 25 possible 'shared secret keys'. It would not take very long to test the 25 possible keys in this system.

So this simple system could be used as an authentication system, but it would have minimal security, because it would be relatively easy for fraud perpetrators to determine the correct 'shared secret key' and then create counterfeit information that would pass the system's authentication tests.
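The letter-substitution system above, worked through in Python as an added example (not code from the original page): it encrypts and verifies the identification card description with the page's key of 20, then tests all 25 keys against one known text/code pair to show how small the key space is. The function and variable names are assumptions made for this illustration.

```python
# Added example (not from the original page): the page's letter-substitution
# system with key 20, and trial and error over its 25 possible keys.
import string

ALPHABET = string.ascii_lowercase
SHARED_KEY = 20  # the page's key: a -> u, b -> v, c -> w, ...


def shift_text(text, key):
    """Replace each lowercase letter with the one `key` places to the right."""
    out = []
    for ch in text:
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)  # the page's table covers letters only
    return "".join(out)


def encrypt(text, key):
    return shift_text(text, key)


def decrypt(text, key):
    return shift_text(text, -key)


def verify_card(description, printed_code, key):
    """Authenticator's test: decrypt the printed code, compare to the text."""
    return decrypt(printed_code, key) == description


def keys_matching(known_text, known_code):
    """Test all 25 keys against one known text/code pair."""
    return [k for k in range(1, 26) if encrypt(known_text, k) == known_code]


DESCRIPTION = "6 feet, 200 pounds and brown hair"
PRINTED_CODE = encrypt(DESCRIPTION, SHARED_KEY)

if __name__ == "__main__":
    print(PRINTED_CODE)
    print(verify_card(DESCRIPTION, PRINTED_CODE, SHARED_KEY))  # genuine card
    print(verify_card("6 feet, 200 pounds and black hair", PRINTED_CODE, SHARED_KEY))
    print(keys_matching(DESCRIPTION, PRINTED_CODE))  # the whole key space
```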
More Advanced Cryptosystems
To reduce the risk of a 'shared secret key' being discovered by 'trial and error' calculations, it is necessary to use a cryptosystem with more possible keys. In general, cryptosystems with a large number of possible keys are more secure than those with a small number, because it takes more time to test a large number of possible keys by 'trial and error' than to test a small number.

The more time it takes to test all the possible keys, the more secure the system is. For example, in a low security cryptosystem all the possible keys might be tested in a few minutes, while in a high security cryptosystem it might take ten years to test all the possible keys.

Today, with the abundance of inexpensive powerful computers, almost anyone can test a large number of possible keys by 'trial and error' in a very short period of time. Therefore, cryptosystems that may have been secure before the computer age are not secure today. Any modern cryptosystem must involve computers, or must be developed with computers in mind.
Modern 'Shared Secret Key' Cryptosystems
As computers became ubiquitous, encryption algorithms like Letter Substitution were replaced by complex mathematical systems. Probably the best known 'shared secret key' cryptosystem of the computer age is the Data Encryption Standard (DES), which was developed in the late 1970s. DES, initially used to secure computer databases and electronic communications, was promulgated by the National Institute of Standards and Technology (NIST) to provide a system for the protection of the confidentiality and integrity of the federal government's sensitive unclassified computer information. Later it was also used for security in many other areas, such as the electronic transfer of funds and Internet security.

In the DES cryptosystem all information is converted into bits (0 or 1) and each key is 56 bits long. Because each key is 56 bits long, there are more than 70 quadrillion (2 to the 56th power) possible keys which can be used with the DES algorithm.

Since it would have taken many years to discover a correct DES key by 'trial and error', this algorithm was considered very secure in the late 1970s. DES remained the security standard for years, but by the 1990s, as cheaper computers became more powerful, it became less costly and time consuming to discover a correct DES key by 'trial and error'.

More secure algorithms (longer key lengths with more possible keys) were developed, and in the fall of 2000 the Advanced Encryption Standard (AES) was selected by the National Institute of Standards and Technology (NIST) as the replacement for DES. AES has optional key lengths of 128, 192 and 256 bits, so the number of possible keys is 2 to the 128th, 192nd and 256th power when using AES. With current technology it would take many, many years to discover a correct AES key by 'trial and error'.

Thus, mathematicians have responded to advances in computer technology by creating more secure cryptosystems (longer key lengths with more possible keys), which make 'trial and error' key determination almost impossible.
Authentication with Modern 'Shared Secret Key' Cryptosystems
Modern 'shared secret key' cryptosystems can be used to authenticate information about financial instruments, tickets, packages and containers which carry products, and identification cards. For example, they can be used to authenticate a seat's location printed on an event ticket.

Here is one way this can be accomplished. An event ticket's seat and row numbers, along with the seat's section, and a 'shared secret key' could be entered into an encryption algorithm like AES. The output would be 'encrypted information', which is a scrambled representation of the seat's location printed on the ticket. This 'encrypted information' could then be printed on the ticket, or the 'encrypted information' could be truncated to create an Authentication Code. For example, the 'encrypted information' could be converted to a 4 digit Authentication Code which could be printed on the ticket.

Then, when a ticket was presented for entrance to the event, the ticket's seat and row numbers, along with the seat's section, could be entered into the same encryption algorithm along with the same 'shared secret key' that was used to create the ticket's 'encrypted information' or Authentication Code. This calculated information could then be compared to the information printed on the ticket. If the calculated information was not equal to the information printed on the ticket, then it would be assumed that the ticket was a counterfeit.

In this system fraud perpetrators cannot create counterfeit tickets which will pass authentication, because they don't know the 'shared secret key' and they cannot determine the 'shared secret key' by trial and error in any reasonable time period. Without the 'shared secret key' they cannot create the correct 'encrypted information' or Authentication Code necessary to pass the authentication tests.

For additional security a Hash Function, which is a one-way function whose output cannot be decrypted, can be used to calculate a digest or fingerprint of the information that will be authenticated. See Ethent Views: "Hash Function Authentication" for a discussion of Hash Functions.
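The ticket procedure above, sketched in Python as an added example (not code from the original page): the issuer derives a 4 digit Authentication Code from the section, row and seat plus the 'shared secret key', and the gate recomputes and compares it. Assumptions: HMAC-SHA256 from the Python standard library stands in for the AES step the page describes, and the key, field encoding and function names are constructed for illustration.

```python
# Added example (not from the original page). Assumption: HMAC-SHA256 stands
# in for the AES step the page describes.
import hashlib
import hmac

CODE_DIGITS = 4  # the page's 4 digit Authentication Code
# Constructed demo key; a real key comes from a CSPRNG such as
# secrets.token_bytes(32) and is held only by issuer and authenticator.
DEMO_KEY = bytes(range(32))


def seat_message(section, row, seat):
    """Length-prefix each field so ('1', '23') and ('12', '3') never collide."""
    return "".join(f"{len(f)}:{f}" for f in (section, row, seat)).encode("utf-8")


def auth_code(key, section, row, seat):
    """Keyed digest of the seat location, truncated to CODE_DIGITS digits."""
    tag = hmac.new(key, seat_message(section, row, seat), hashlib.sha256).digest()
    number = int.from_bytes(tag[:8], "big") % 10 ** CODE_DIGITS
    return f"{number:0{CODE_DIGITS}d}"


def verify_ticket(key, section, row, seat, printed_code):
    """Recompute the code at the gate and compare in constant time."""
    expected = auth_code(key, section, row, seat)
    return hmac.compare_digest(expected.encode(), printed_code.encode())


# Truncation caveat: a 4 digit code has only 10,000 values, so the code
# length, not the key length, bounds the chance that a guessed code is
# accepted (1 in 10,000 per attempt).
if __name__ == "__main__":
    code = auth_code(DEMO_KEY, "B", "12", "7")  # constructed seat location
    print(code, verify_ticket(DEMO_KEY, "B", "12", "7", code))
```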
Ethent Views
1) 'Shared secret key' cryptosystems can be used to authenticate information, and they can be very effective, for example, as counterfeit detectors in preventing the acceptance of counterfeit event tickets. Only a small amount of information needs to be printed on a ticket, for example a 4 digit Authentication Code.
2) The 'shared secret key' should be sufficiently long that 'trial and error' calculations are not feasible, and no more than 2 parties should know the 'shared secret key'. If a large number of parties know the 'shared secret key', there is substantial risk that one of the parties will use it to create fraudulent documents which will pass the authentication tests.