the Evolution of Digital Security

THE EVOLUTION OF DIGITAL SECURITY and who made a Secure Communication Environment possible to build During the last half of the century, digital security went a long way thanks to the great people who, most of the time, made their inventions free to use by anyone without being afraid of patent issues. 1961 First computer password 1976 Diffie-Hellman key exchange Fernando Corbató MIT implemented the first password and username method of user authentification for time-sharing computer called CTSS. Cracked by Allan Scherr a Ph.D. researcher at MIT who was looking for a way to bump up his usage time on CTSS. He had been allotted four hours per week, but it wasn't nearly enough time to run the detailed performance simulations he'd designed for the new computer system. Whitfield Diffie Martin Hellman Ralph Merkle The Diffie-Hellman key exchange is a specific method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols. 1977 RSA (Rivest-Shamir-Adelman) 1979 Data Encryption Standard (DES) Horst Feistel, Walter Tuchman, Don Coppersmith, Alan Konheim, Carl Meyer, Mike Matyas, Roy Adler, Edna Grossman, Bill Notz, Lynn Smith, Bryant Ron Rivest It is the first algorithm known to be suitable for signing as well as encryption, and was one of the first great advances in public key cryptography. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to-date implementations. Adi Shamir Leonard Adleman Tuckerman. This was the previously predominant algorithm for the encryption of electronic data. It highly influenced the advancement of modern cryptography in the academic world. DES is now considered to be unsecure due to the 56-bit key size being too small. 1984 ElGamal 1985 Elliptic curves in cryptography Taher Elgamal A predecessor of DSA, the EIGamal cryptosystem is usually used in a hybrid cryptosystem, i.e., the message itself is encrypted using a symmetric cryptosystem and EIGamal is then used to encrypt the key used for the symmetric cryptosystem. Neal Koblitz Victor S. Miller One of the most powerful types of cryptography that is widely used today. The elliptic curve cryptography was first proposed in 1985, but only became widely used in 2004 1991 1991 Pretty Good Privacy (PGP) Digital Signature Algorithm (DSA) Phil Zimmermann David W. Kravitz A digital signature algorithm (DSA) refers to a standard for digital signatures. It was introduced in 1991 by the National Institute of Standards and Technology (NIST) as a better method of creating digital signatures. Along with the RSA, the DSA is considered one of the most preferred digital signature algorithms used today. A methodology used for encrypting and decrypting digital files and communications over the Internet. Phill created PGP to promote awareness of the privacy issue in a digital age. It was initially designed for email security. PGP is such an effective encryption tool that the U.S. government actually brought a lawsuit against Zimmerman for putting it in the public domain and hence making it available to enemies of the U.S. After a public outcry, the U.S. lawsuit was dropped, but it is still illegal to use PGP in many other countries. 1993 Blowfish 1994 HTTPS Bruce Schneier It is a symmetric-key block cipher. At the time Blowfish was released, many other designs were proprietary, encumbered by patents or were commercial or government secrets. Schneier has stated that, "Blowfish is unpatented, and will remain so in all countries. The algorithm is hereby placed in the public domain, and can be freely used by anyone." Netscape Communications A protocol for secure communication over a computer network which is widely used on the Internet. The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. 1997 САРТСНA 1998 3DES (IBM) Martín Abadi Mark D. Lillibridge (Completely Automated Public Turing test to tell Computers and Humans Apart). First implemented at AltaVista to prevent bots from adding URLS to their search engine Krishna Bharat Andrei Broder Walter Tuchman IBM The original DES cipher's key size of 56 bits was generally sufficient when that algorithm was designed, but the availability of increasing computational power made brute-force attacks feasible. Triple DES provides a relatively simple method of increasing the key size of DES to protect against such attacks, without the need to design a completely new block cipher algorithm. 1998 Advanced Encryption Standard (AES) / Rijndael 1999 GNU Privacy Guard Vincent Rijmen The AES replaced the DES. It is a symmetric block cipher used by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data. Joan Daemen Werner Koch Werner began writing GNU Privacy Guard in 1997, inspired after attending a talk by Richard Stallman who made a call for someone to write a replacement for Phil Zimmermann's Pretty Good Privacy (PGP) which was subject to U.S. export 2004 Off-the-Record Messaging restrictions. 2006 lan Goldberg Nikita Borisov The primary motivation behind the protocol was providing deniable authentication for the conversation participants while keeping conversations confidential, like a private conversation in real life, or off the record in journalism sourcing. ZRTP (Zimmermann Real-time Transport Protocol) Phil Zimmermann 2013 It is a cryptographic key-agreement protocol for a Voice over Internet Protocol (VolP). It provides users the ability to verify that there is no man in the middle, by verbally comparing two strings. The two strings will be displayed on the caller phone and the called phone, and they have to be exactly the same. SHA-3 Guido Bertoni Joan Daemen Michaël Peeters Gilles Van Assche It is a cryptographic hash function that came after SHA-2 that was not yet cracked, which came after SHA-1 that is theorethically crackable, that came after a cracked SHA-0. Thanks to these and many other great people, security tools are now at the level that most of the time renders brute force attacks ineffective. Today, the key to building a secure communication environment is using the right combination of tools and technics and correct implementation. VISIBLE xvisible.net