Category Archives: Cryptography

Signing Contents Digitally: An Email Implementation

“I was happy when I designed my own signature. Also, deciding to put my signature under this job makes me happier. The characteristics of signatures transform in time. However, they would remain the same in a day. Letters take the form of yourself, they make your name official on paper”. That’s the cover text of Turkish singer Sila’s album named Signature.

Handwritten signatures prove the identity of the signer on a marked document. The characteristics of letter formation are unique to every person, like fingerprints. Also, one’s fine motor skills might affect one’s handwriting. This leaves clues about the signatory’s identity. So, signatures can be verified by questioned document examination.

Digital signatures are like handwritten signatures. They demonstrate the authenticity of digital content, and they can be verified too.

Digital signatures include two different cryptography concepts: cryptographic hash functions and public key cryptography.


Hash functions are one-way, irreversible functions


Exchanging Encrypted Mails

Snowden, released in 2016, is a biographical movie that fictionalises the life story of former NSA employee Edward Snowden. The movie reveals illegal surveillance techniques of the government organization. Snowden also revealed the harvesting of email and search history data. This paranoia might have convinced Zuckerberg: he covered his webcam and mic with tape.

Beyond the paranoia, doubt often forces more rigorous scientific analysis and leads to discoveries. In other words, thoroughly conscious ignorance. So, we can protect mails even if they are harvested by third parties. In this post, we will present an implementation of exchanging encrypted mails.

We will build an implementation for exchanging encrypted mail and run it via the Gmail infrastructure. To work with Gmail, you need to allow less secure applications to access your Gmail account. You can skip this step if you work with an alternative mail server. We will develop this implementation with reference to the JavaMail API.


Protecting Java Code: Encrypted Class Loader

Cloud services have been adopted by both start-ups and enterprises in recent years. However, this brings security issues. At this point, developed code differs from data. Critical data should be stored encrypted. On the other hand, developed code is mostly installed on the server unprotected. For instance, Java projects can be installed on a server as a jar/ear file. These files contain Java classes hierarchically. However, several decompilers can extract the original Java code from class files.

What if the developed code includes a patentable algorithm? An enterprise might want to protect its intellectual property. In this case, installing the project on a server directly would be like turkeys voting for Christmas. So, what we are saying is that we should encrypt the important code just like critical data, store it in a cloud database, and decrypt it at runtime to protect intellectual property. In this way, custom code would still be secure even if the cloud system is compromised, because the encryption key would not be stored on the cloud system.


Key Exchange: From Carrying Handcuffed Briefcases To Modern Cryptosystems

You should be familiar with handcuffed briefcases in spy movies. Most probably, a shared secret key is in the briefcase and the agent transfers the secret key between parties in the old-fashioned way. Either the courier’s hand is cut off or he is kidnapped to steal the briefcase. So, handcuffs cannot guarantee the security of the briefcase and key.


Scarlett Johansson with a handcuffed briefcase in Lucy (2014)


Double and Add Method

Computing a new point on an elliptic curve Q = kP for given k and P can be performed by a combination of point addition and point doubling. Thus, the computation is performed in fewer than k steps. This approach is called addition chains. Finding the optimum addition chain is an NP-complete problem.

In this post, we’ll cover the double-and-add method (a.k.a. the binary method) and implement the concept in Java.


The Math Behind Elliptic Curves over a Binary Field

In the previous post, we covered the math behind the addition law for elliptic curves over the Galois field $GF(p)$, the prime field. Now, the math behind elliptic curves over the Galois field $GF(2^n)$, the binary field, will be covered. In the literature, elliptic curves over $GF(2^n)$ are more common than those over $GF(p)$ because of their adaptability to computer hardware implementations.


Elliptic Curve Binary Form

Elliptic Curves over $GF(2^n)$

Algebraically, an elliptic curve over a binary field is represented in the following form:

$y^2 + xy = x^3 + ax^2 + b, \quad (b \neq 0)$

Negative Point

Suppose that P(x, y) is a point on the curve. The negative of the point P(x, y) is -P(x, -(x+y)), and -P is still on the curve.


The Math Behind Elliptic Curve Cryptography

Most cryptography resources mention elliptic curve cryptography, but they often ignore the math behind it and start directly with the addition formula. This approach can be very confusing for beginners. In this post, the proof of the addition formula is illustrated for elliptic curves over the Galois field GF(p), the prime field.


An Illustration from cr.yp.to

Elliptic Curves over GF(p)

Basically, an elliptic curve is represented by an equation of the following form:

$y^2 = x^3 + ax + b$ (Weierstrass equation)

Pre-condition: $4a^3 + 27b^2 \neq 0$ (to have 3 distinct roots)

The sum of two points on an elliptic curve is also a point on the curve. Adding two points on an elliptic curve is demonstrated in the following illustration.

$P(x_1, y_1) + Q(x_2, y_2) = R(x_3, y_3)$
