Modern cryptology

Cryptography is an ancient discipline. Messages were already being encrypted in the archaic period of Greece. One of these, dating from the sixth century BC, consisted of wrapping a roll of paper around a cylinder and then writing the message on the paper. The unrolled paper was then sent off to the receiver, who could easily decrypt the message if he knew the diameter of the original cylinder. For many years, Cryptography was the exclusive reserve of military and diplomatic circles. Literature on the subject was very limited. The first fundamental publication was the 1949 article of Claude Shannon -“The communication theory of secrecy systems” [Sha]which lays down a mathematical basis for cryptographic systems, beginning with the definition of a new model : Information Theory. Feistel made a significant subsequent contribution with the publication in the beginning of the seventies of his work on iterative block-cipher systems [Fei1, Fei2]. This led to the DES encryption algorithm being proposed in 1997 as a secret-key encryption standard for non-classified applications. The increase in computer power challenged the security of DES, which was replaced by a new standard called AES in October 2000. This algorithm is the result of recent research, especially in Cryptanalysis. But the major advance in Cryptography was incontestably the 1976 publication of “New directions in cryptography” [Dif], by Whitfield Diffie and Martin Hellman. This article introduced the revolutionary concept of public-key cryptography. Even though the authors did not give a practical realisation of a public-key system, the properties were nonetheless clearly enunciated. Moreover, they presented a protocol by which two entities could agree a secret key from preliminary knowledge of public data only. The first realisation of a public-key system was due to Ronald Rivest, Adi Shamir and Leonard Adleman in 1978 : the RSA system [Riv]. Since then, the literature on this topic has not ceased to develop. More recently, Cryptography has had to offer additional capabilities in order to meet new threats arising from the development of information networks and the massive digitisation of documents. The principal examples of these capabilities are guaranteeing the authenticity of messages (their provenance and their contents) and certifying a person’s identity. The former are realised by digital signature algorithms and the latter by identification techniques. This introductory article presents first of all the two principal categories of cryptographic procedures which are most frequently used: encryption algorithms, which serve to protect the confidentiality of data and signature algorithms which, just like handwritten signatures, guarantee the provenance and the integrity of messages. The article details several practical implementation aspects of these procedures. It must be noted that the desired capabilities of a particular application need to be listed in advance before looking for an appropriate cryptographic solution.