Public Report
Report From: Conference/US/2006/General
Report #:  32419   Status: Open
Implementing Cryptography by Jim McKeeth
Project:  Conference Build #:  No
Version:    1 Submitted By:   Christine Ellis
Report Type:  Suggestion / Enhancement Request Date Reported:  8/7/2006 3:16:39 PM
Severity:    Infrequently encountered problem Last Updated: 8/28/2006 1:37:28 PM
Platform:    All platforms Internal Tracking #:  
Resolution: None  Resolved in Build: : None
Duplicate of:  None
Voting and Rating
Overall Rating: (12 Total Ratings)
4.42 out of 5
Total Votes: 6
Description
Implementing Cryptography by Jim McKeeth
TYPE: Regular Session
LEVEL: Advanced
PREREQUISITES: Basic understanding of cryptography and higher math.
ABSTRACT: This session will jump right into implementing cryptography. All the examples will be in Delphi, but most of the libraries and information can be used equally well in C++ Builder, and the native libraries are typically compatible with Kylix. It also covers .NET Framework cryptography. Exceptions and differences between platforms will be noted where possible. Cryptography is more complicated than most people think, and implementing it wrong can be worse than not implementing it. Some of our examples will include using the .NET Framework for encryption support.

Just to get our feet wet we start out with a few simple examples including XOR, Replacement and Bit Rotations. Many of the more complex routines are based on simple techniques like these combined with others and repeated many times over.

Strong encryption requires really big numbers, so the first thing we need is to find a way to get really big numbers. Delphi natively provides 32- and 64-bit numbers. For some levels of encryption these are enough. For really strong encryption we must go beyond the standard provided number types. We can write our own library or use an existing third-party one. The basis of many of these libraries is a core written in assembler, and it is important to understand the function of assembler.

When these numbers are in memory or on disk they can be stored in their basic binary format, but when they are represented to the user a different format is needed. Standard decimal representation (base 10) will work, but is not as space efficient as using other bases or standards.

Many people get really excited about real random numbers versus pseudo-random numbers like Delphi's random routine provides. When it comes to encryption and key generation this is even more important. Real random numbers are very difficult to obtain on a computer, so very complex pseudo-random routines must be used instead. There are a number of routines available to create random numbers. Almost all routines need a seed, or a starting point for generating numbers. If a routine is fed the same seed it will always generate the same random numbers, so a good, unreproducible seed is important. Randomize provides Delphi's random seed from the system clock. Other, more secure sources include entropy gatherers or seed phrases.
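The seed behaviour described above, as an added example that is not taken from the session materials: a key built from Delphi's Random is fully determined by the value of RandSeed. KeyFromSeed is a hypothetical helper and the seed value is constructed.

```delphi
program SeedDemo;

{$APPTYPE CONSOLE}

uses
  SysUtils;

// Hypothetical helper: builds a "key" of Len bytes (as hex) from Delphi's
// Random, seeded explicitly through the System unit's RandSeed variable.
function KeyFromSeed(Seed: Integer; Len: Integer): string;
var
  I: Integer;
begin
  RandSeed := Seed;
  Result := '';
  for I := 1 to Len do
    Result := Result + IntToHex(Random(256), 2);
end;

var
  A, B: string;
begin
  // Constructed seed value; any fixed value behaves the same way.
  A := KeyFromSeed(20060807, 16);
  B := KeyFromSeed(20060807, 16);
  Writeln('Key 1: ', A);
  Writeln('Key 2: ', B);
  Writeln('Identical: ', A = B);

  // Randomize only chooses the seed. The generator's whole state is still
  // the single Integer in RandSeed, so a key drawn from Random can never
  // carry more unpredictability than that one value, whatever its length.
  Randomize;
  Writeln('Seed chosen by Randomize: ', RandSeed);
  Writeln('Key length in bits:       ', Length(A) * 4);
  Writeln('Generator state in bits:  ', SizeOf(RandSeed) * 8);
end.
```

The last two lines are the reason a key generator needs a cryptographic routine fed by gathered entropy rather than a longer run of Random calls.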

Entropy gathering can be accomplished by gathering seemingly random data like mouse movements, file IO, etc. This data is then mixed and mashed together to remove patterns. There are libraries that can be used to gather entropy or we can use some techniques of our own.

Hashes are one-way or trapdoor algorithms that provide a digital "thumb print" for data. A very simple hash sums up the values of all the bytes, rolling the values over as they get too big for the hash size. Hashing is often used to "randomize" entropy. First we will look at some hashing that uses simple algorithms and native numbers, then we will look at some libraries that use larger numbers and provide cryptographically secure hashes.
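The "very simple hash" described above, as an added example that is not taken from the session materials. SumHash16, the 16-bit hash size and the sample strings are assumptions made for illustration; the output shows why a byte sum is a checksum and not a cryptographically secure hash.

```delphi
program SimpleSumHash;

{$APPTYPE CONSOLE}
{$Q-} // overflow checking off: the rollover is intentional
{$R-} // range checking off for the same reason

uses
  SysUtils;

// Additive hash: sum every byte and let the total roll over at 16 bits.
// SumHash16 is a name chosen for this example.
function SumHash16(const Data: AnsiString): Word;
var
  I: Integer;
begin
  Result := 0;
  for I := 1 to Length(Data) do
    Result := Word(Result + Ord(Data[I]));
end;

procedure Show(const S: AnsiString);
begin
  Writeln(Format('%-20s -> %.4x', [S, SumHash16(S)]));
end;

begin
  // Constructed inputs. Addition ignores order, so moving bytes around
  // leaves the hash unchanged.
  Show('PAY 100 TO ALICE');
  Show('PAY 001 TO ALICE');

  // Raising one byte by 1 and lowering another by 1 also cancels out:
  // 'B' + 1 = 'C' and 'B' - 1 = 'A'.
  Show('PAY 100 TO BOB');
  Show('PAY 100 TO COA');
end.
```

Each pair prints the same four hex digits, which is the property a cryptographically secure hash is designed not to have.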

Encryption keys are typically secured by a password or pass-phrase but other sources include biometrics or smart cards. These methods are used to identify a user to allow them access to the encrypted data. Naturally implementing a good encryption mechanism is worthless if this is easily compromised.

Symmetrical or private key encryption is the most common and simplest form of encryption. First we will look at some simple algorithms (like the ones we opened the session with). Then we will look at some stronger algorithms provided by 3rd party native Delphi components (compiles into our project). A few examples will be given of using these different libraries. Finally we will look at some external libraries that provide symmetrical encryption functionality.

Asymmetrical or public key encryption is what most people associate with the term strong encryption. This is probably the more complex type of encryption. First we will look at implementing public key encryption using just native number types, then we will look at some 3rd party libraries that use large number routines. Many examples will be given. Finally we wrap up with some external libraries that provide public key encryption support to various standards.

Key exchanges are what allow people to communicate via encryption. There are a few systems available for key exchanges and we will look at some of these.

Signatures are a combination of public key encryption and hashes. These are very useful for establishing identification electronically. Again we will look at some native code libraries using large numbers as well as some external libraries to provide signature functionality.

Simple examples
Need really big numbers

Ways to get large numbers in Delphi

Using assembly

A look at some large number libraries

Representing


MIME


Hexadecimal


Base 64

Pros and Cons of each

Random Numbers
Delphi's built in random number routines

Some standard routines

Cryptographic routines


ISAAC

Entropy gathering
User Identification

Passwords


Storing


Entering


Generating


Validating


Biometrics


Smart cards


Bar codes


Magnetic strip cards
Hashes

Uses

Obtaining
Symmetrical Encryption

Simple Algorithms

Native Delphi Libraries

External Libraries
Asymmetrical Encryption

Simple Algorithms

Native Delphi Libraries

External Libraries
Keys
Signatures

At the completion of this course an attendee should have the information necessary to choose and implement a cryptographic solution in Delphi with little trouble.
SPEAKER BIOGRAPHY: Jim McKeeth is a software developer with over 15 years of experience in developing software and building online communities. He runs the Boise Software Developers Group, Idaho's longest running group of its kind. Jim works at Washington Group International as a Senior Software Engineer. He is a certified trainer and has shared the stage with some of the top trainers on the continent. Jim maintains a number of successful blogs and enjoys spending time with his wonderful family.