The Data Encryption Standard is the most popular cipher in history, even though it’s been around a mere 25 years.
In the early 1970s, the U.S. government was already using several ciphers in classified, secret, and top secret environments. However, it lacked a standardized encryption method for more general use. In 1973, the National Bureau of Standards strove to remedy that.
As explained in Federal Information Processing Standards Publication 74,Guidelines for Implementing and Using the NBS Data Encryption Standard:
Because of the unavailability of general cryptographic technology outside the national security arena, and because security provisions, including encryption, were needed in unclassified applications involving Federal Government computer systems, NBS initiated
a computer security program in 1973 which included the development of a standard for computer data encryption. Since Federal standards impact on the private sector, NBS solicited the interest and cooperation of industry and user communities in this work. Many companies developed proposals, but IBM prevailed. IBM’s DES was subjected to rigor- ous testing and by 1977, the National Bureau of Standards and the National Security Agency endorsed it. Since then, DES has been the de factoencryption algorithm used in non-classified environments and UNIX/Linux passwords.
Federal Processing Standards Publication 46-2 concisely describes DES as
…a mathematical algorithm for encrypting (enciphering) and decrypting (deciphering) binary coded information. Encrypting data converts it to an unintelligible form called
cipher. Decrypting cipher converts the data back to its original form, called plain-text. Both encryption and decryption functions rely on a key, without which unauthorized users can- not decrypt a DES-encrypted message. This key (derived from the user’s typed password and some padded information, as discussed later) consists of 64 binary digits (0s and 1s). 56 bits are used in encryption, and 8 are used in error checking. The total number of possible keys is therefore quite high:
If the complete 64-bit input is used (i.e., none of the input bits should be predetermined from block to block) and if the 56-bit variable is randomly chosen, no technique other than trying all possible keys using known input and output for the DES will guarantee finding the chosen key. As there are over 70,000,000,000,000,000 (seventy quadrillion) possible keys of 56 bits…
Functionally, DES is a block cipher, a cipher that works on data blocks of determinate size (in this case, 64-bit chunks). Blocks of data that exceed this determinate size are broken into 64- bit fragments. The remaining portions shorter than 64 bits are then padded. Paddingis when DES adds insignificant bits to smaller parts to achieve a complete 64-bit block.
From here, DES performs three important operations, the first of which is the initial permuta- tion. In permutation, data bits are shifted to different positions in a table. To gain a sense of what permutation is all about, consider encrypting the following string:
THE RED CAR
You can use a rudimentary permutation cipher that shifts character positioning. This takes two steps. First, you rewrite the string vertically, like this:
T H E R E D C A R
Next, you reconstitute the message to a horizontal string again: TRC HEA EDR Password Attacks CHAPTER5 145
5
P ASSW ORD A TT A CKS 08 0672321343 CH05 5/25/01 3:32 PM Page 145Of course, the DES initial permutation is infinitely more complicated, but it happens in a simi- lar fashion. Through this initial permutation, DES derives an input block. The input block is then scrambled by complex mathematical operations (a process called transformation) to pro- duce a pre-output block. Finally, the pre-output block is subjected to still another permutation, and the final result is the scrambled text, sometimes called encrypted textbut more accurately referred to as encoded text.
Linux User Security
PARTII
146
If you want specifics (including mathematical formulas) on how DES arrives at encrypted text, see the resource links at the end of this chapter or go to http://www.itl.nist.gov/
div897/pubs/fip46-2.htm. Linux’s implementation of DES is crypt(3), an enhanced,
high-speed, efficient DES implementation from Eric Young that’s available in libdes. You’ll find that many security programs use (or incorporate) libdes, including Secure Shell (dis- cussed in Chapter 13, “Telnet and SSH Security”).
N
OTEIn any event, early Linux distributions and most non-shadow password systems store DES- encrypted passwords in /etc/passwd. Here, again, is a typical entry:
robyn:FrGSO11.FdfAa:503:504:Robyn Ness:/home/robyn:/bin/bash
If your system stores passwords this way, you should install password shadowing (discussed later in this chapter). Here’s why: Although it is true that attackers must search a minimum of 32 quadrillion keys (and probably more) to perform a brute-force attack, they need not search for keys at all. Instead, they can copy /etc/passwdto a file and use the encrypted passwords to perform a simple dictionary attack.
For excellent coverage of cryptographic terms, check out Terry Ritter’s Crypto Glossary, located at http://www.io.com/~ritter/GLOSSARY.HTM.