ALGORITHMS FOR DUMMIES…
An algorithm is an effective method that can be expressed within a finite amount of space and time and in a well-defined formal language for calculating a function*. Today, algorithms run computers and are used in cryptography, in routing information, in planning and optimizing resources, in word processing, etc. Between 2005 and 2010, the American TV series “NUMB3RS” popularized the use of algorithms in our daily lives: the main character uses them to solve criminal cases for the FBI**.
There are many types of algorithms:
– Algorithms to compute fingerprints, which are a short set of features representing a content (one-way function), such as SHA (Secure Hash Algorithm) and MD (Message Digest). The most recent ones are the most resistant against hacking attempts (SHA-2 and MD6); older ones have been broken and are very fast to compute. For instance, Microsoft uses MD4 to hash passwords in NTLM.
– MAC (Message Authentication Code)*** computation adds origin and integrity validation to a message or content: only the legitimate sender of the message would have been able to produce this code, so in addition to origin validation, a MAC guarantees integrity thanks to a key. MAC algorithms are mainly used in SHA-type (SHA-2 or SHA-3) or MAC-type fingerprint calculation. These algorithms are used, for example, in secure communications with an IPSec-type (Internet Protocol Security) VPN (virtual private network). MAC computations are fast, in contrast to RSA-based asymmetric fingerprint computations.
– Symmetric encryption algorithms, such as AES, RC, DES, etc. They are typically used for encrypting content for confidentiality purposes. A common key must already be shared between two individuals or machines, or a key negotiation protocol has to be used (such as Diffie-Hellman, DH).
– Asymmetric algorithms: typically RSA (named after the cryptographers Rivest, Shamir and Adleman), which provides confidentiality: the sender uses a “public” key to encrypt, and the receiver uses a “private” key to decrypt the information. It also allows authentication through private-key signing: the receiver can use the signer's public key to check the signature. The advantage of asymmetric algorithms is that the public key can be distributed broadly while the owner keeps their private key. Despite some latencies, these algorithms have clear advantages by allowing data exchange or document signing between unconnected parties; appending a signature, for example, lets one party perform an “off-line” verification.
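The difference between the unkeyed fingerprint and the keyed MAC in the list above, as an added Python example that is not part of the original article. The message, key and function names are constructed for illustration, and HMAC-SHA-256 is assumed as the MAC.

```python
import hashlib
import hmac
import secrets


def fingerprint(message: bytes) -> str:
    """Unkeyed fingerprint (SHA-256): anyone can recompute it."""
    return hashlib.sha256(message).hexdigest()


def fingerprint_verify(message: bytes, fp: str) -> bool:
    return hmac.compare_digest(fingerprint(message), fp)


def mac_tag(key: bytes, message: bytes) -> str:
    """Keyed MAC (HMAC-SHA-256): requires the shared key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def mac_verify(key: bytes, message: bytes, tag: str) -> bool:
    # Recompute the tag and compare in constant time.
    return hmac.compare_digest(mac_tag(key, message), tag)


def demo() -> dict:
    key = secrets.token_bytes(32)              # shared secret (constructed)
    original = b"pay 100 EUR to account 1234"  # constructed sample message
    modified = b"pay 900 EUR to account 1234"  # same message altered in transit

    sent_tag = mac_tag(key, original)

    # Whoever alters the message can recompute the fingerprint to match,
    # but without the key cannot produce a valid tag for the new content.
    recomputed_fp = fingerprint(modified)
    tag_without_key = mac_tag(secrets.token_bytes(32), modified)

    return {
        "genuine_message_accepted": mac_verify(key, original, sent_tag),
        "fingerprint_accepts_modified": fingerprint_verify(modified, recomputed_fp),
        "mac_accepts_modified_old_tag": mac_verify(key, modified, sent_tag),
        "mac_accepts_modified_wrong_key": mac_verify(key, modified, tag_without_key),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

A fingerprint alone only detects accidental changes; the key is what ties the tag to the legitimate sender.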
In the end, using cryptography is only a matter of implementing these types of algorithms. Still, it is better to be certified, by a CESTI for instance, to be sure of implementing them properly.
* Wikipedia
** https://fr.wikipedia.org/wiki/Numbers_%28s%C3%A9rie_t%C3%A9l%C3%A9vis%C3%A9e%29
http://mathworld.wolfram.com/topics/NUMB3RS.html
*** https://en.wikipedia.org/wiki/Message_authentication_code