Copyright © 1996, 1998 RSA Data Security, Inc. All rights reserved. RSA BSAFE Crypto-C, RSA BSAFE Crypto-J, PKCS, S/WAN, RC2, RC4, RC5, MD2, MD4, and MD5 are trade- marks or registered trademarks of RSA Data Security, Inc. Other products and names are trademarks or regis- tered trademarks of their respective owners. For permission to reprint or redistribute in part or in whole, send e-mail to [email protected] or contact your RSA representative. RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0 2 Table of Contents Table of Contents............................................................................................ 3 Foreword......................................................................................................... 8 Section 1: Introduction .................................................................................... 9 Question 1.1. What is the RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography? ................................................................................................................ 9 Question 1.2. What is cryptography? ............................................................................................10 Question 1.3. What are some of the more popular techniques in cryptography? ................... 11 Question 1.4. How is cryptography applied? ............................................................................... 12 Question 1.5. What are cryptography standards? ....................................................................... 14 Question 1.6. What is the role of the United States government in cryptography? ............... 15 Question 1.7. Why is cryptography important? ........................................................................... 16 Section 2: Cryptography................................................................................ 18 Section 2.1: Cryptographic Tools ..................................................................................................... 18 Question 2.1.1. What is public-key cryptography?...................................................................... 18 Question 2.1.2. What is secret-key cryptography?....................................................................... 19 Question 2.1.3. What are the advantages and disadvantages of public-key cryptography compared with secret-key cryptography? ...................................................... 20 Question 2.1.4. What is a block cipher? ......................................................................................... 21 Question 2.1.5. What is a stream cipher? ...................................................................................... 25 Question 2.1.6. What is a hash function? ...................................................................................... 27 Question 2.1.7. What are Message Authentication Codes (MACs)? ......................................... 28 Question 2.1.8. What are interactive proofs and zero-knowledge proofs? .............................. 29 Question 2.1.9. What are secret sharing schemes? ....................................................................... 30 Section 2.2: Simple Applications of Cryptography ........................................................................... 31 Question 2.2.1. What is privacy? .................................................................................................... 31 Question 2.2.2. What is a digital signature and what is authentication? ................................. 32 Question 2.2.3. What is a key agreement protocol? ..................................................................... 33 Question 2.2.4. What is a digital envelope? .................................................................................. 34 Question 2.2.5. What is identification? .......................................................................................... 35 Section 2.3: Hard Problems ............................................................................................................. 36 Question 2.3.1. What is a hard problem? ...................................................................................... 36 Question 2.3.2. What is a one-way function? ............................................................................... 37 Question 2.3.3. What is the factoring problem? ........................................................................... 38 Question 2.3.4. What are the best factoring methods in use today? ......................................... 39 Question 2.3.5. What improvements are likely in factoring capability?................................... 40 Question 2.3.7. What is the discrete logarithm problem? ........................................................... 42 Question 2.3.8. What are the best discrete logarithm methods in use today? ......................... 43 Question 2.3.9. What are the prospects for a theoretical breakthrough in the discrete log problem? ................................................................................................................. 44 Question 2.3.10. What are elliptic curves? .................................................................................... 45 Question 2.3.11. What are lattice-based cryptosystems? ............................................................ 46 Question 2.3.12. What are some other hard problems?............................................................... 47 RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0 3 Section 2.4: Cryptanalysis .............................................................................................................. 48 Question 2.4.1. What is cryptanalysis? .......................................................................................... 48 Question 2.4.2. What are some of the basic types of cryptanalytic attack? .............................. 49 Question 2.4.3. What is exhaustive key search? ........................................................................... 50 Question 2.4.4. What is the RSA Secret Key Challenge? ............................................................. 51 Question 2.4.5. What are the most important attacks on symmetric block ciphers? .............. 52 Question 2.4.7. What are the most important attacks on stream ciphers? ............................... 54 Question 2.4.8. What are the most important attacks on MACs? .............................................. 55 Question 2.4.9. At what point does an attack become practical?............................................... 56 Section 2.5: Supporting Tools in Cryptography ............................................................................... 57 Question 2.5.1. What is primality testing? ................................................................................... 57 Question 2.5.2. What is random number generation? ................................................................. 58 Section 3.1: RSA ............................................................................................................................ 59 Question 3.1.1. What is RSA? .......................................................................................................... 59 Section 3: Techniques in Cryptography.......................................................... 60 Question 3.1.2. How fast is RSA? .................................................................................................... 60 Question 3.1.3. What would it take to break RSA? ...................................................................... 61 Question 3.1.4. What are strong primes and are they necessary for RSA?............................... 62 Question 3.1.5. How large a key should be used in RSA? .......................................................... 63 Question 3.1.6. Could users of RSA run out of distinct primes? ............................................... 64 Question 3.1.7. How is RSA used for privacy in practice? ......................................................... 65 Question 3.1.8. How is RSA used for authentication and digital signatures in practice? ...... 66 Question 3.1.9. Is RSA currently in use? ........................................................................................ 67 Question 3.1.10. Is RSA an official standard today? .................................................................... 68 Question 3.1.11. Is RSA a de facto standard? ................................................................................ 69 Section 3.2: DES ............................................................................................................................ 70 Question 3.2.1. What is DES? .......................................................................................................... 70 Question 3.2.2. Has DES been broken? .......................................................................................... 71 Question 3.2.3. How does one use DES securely? ....................................................................... 72 Question 3.2.4. Should one test for weak keys in DES? .............................................................. 73 Question 3.2.5. Is DES a group? ...................................................................................................... 74 Question 3.2.6. What is triple-DES? ............................................................................................... 75 Question 3.2.7. What is DES-X? .....................................................................................................