Archive for November 22nd, 2010
Now I’m doing Cryptography as a discipline, which has got elements of both mathematics and computing science. The main source for this particular post is “A Handbook of Applied Cryptography” by A. Menezes, P. van Oorschot and S. Vanstone. It will probably continue to be a fairly major source throughout the project because it’s a recommended and comprehensive text and, best of all, is free at http://www.cacr.math.uwaterloo.ca/hac/ which is nice. Of course, the connection between cryptography and IP/copyright theft is that it is necessary to have a means of protecting media. Otherwise, how on earth are films/records going to be able to continue charging extortionate prices..?
Cryptography and Cryptanalysis
Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, entity authentication, and data origin authentication.
Cryptanalysis is the study of mathematical techniques for attempting to defeat cryptographic techniques, and, more generally, information security services.
Cryptography seeks to build a framework around the following four goals:
- confidentiality
- data integrity
- authentication
- non-repudiation. (p4)
A cryptographic primitive is a tool which is used to provide information security such as encryption schemes, hash functions, and digital signatures. A primitive is evaluated according to criteria such as:
- Level of security
- Methods of Operation
- Ease of Implementation
One-way functions are essential for public key cryptography. The definition from the book is:
A function f from a set X to a set Y is called a one-way function if f(x) is “easy” to compute for all elements x ∈ X but for essentially all elements y ∈ Im(f) it is computationally infeasible to find any x ∈ X such that f(x) = y.
More specifically, a trapdoor one-way function is a one-way function with the additional property that, given some extra information (the trapdoor information), it becomes feasible to find, for any given y ∈ Im(f), an x ∈ X such that f(x) = y.
It has not been rigorously established whether any one-way functions exist (according to the definition above).
How Encryption Works
Two parties Alice and Bob secretly exchange a key pair. Alice encrypts the message and then sends the encrypted message to Bob who can then decrypt the message. The key must be sent along a secure channel, but an adversary can see the encrypted message which is later sent.
An encryption scheme is breakable if a third party, without prior knowledge of the key pair, can systematically recover plaintext from corresponding ciphertext within some appropriate time frame.
See Kerckhoffs’ desiderata (p14) for the desirable properties of cipher systems (they date from 1883 but mostly remain relevant today).
Symmetric-key encryption has the difficulty of securely sending the keys between the parties. The encryption and decryption transformations must be kept secret because the decryption transformation can be deduced from the encryption transformation.
Public-key encryption was introduced in the paper “New Directions in Cryptography” (1976) by Diffie & Hellman. Definition from the book:
The encryption method is said to be a public-key encryption scheme if for each associated encryption/decryption pair (e, d), one key e (the public key) is made publicly available, while the other d (the private key) is kept secret. For the scheme to be secure it must be computationally infeasible to compute d from e.
There are still issues about the transmission of the public key, because an adversary can defeat the system without breaking it – see p28. This requires the use of digital signatures, another purpose for which cryptography can be used.
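The trapdoor one-way function and the (e, d) key pair defined above, as an added example that is not from this post or from the Handbook: textbook RSA, where f(x) = x^e mod n is easy for anyone, the prime factors of n are the trapdoor, and computing d from e amounts to factoring n. The primes, exponent and function names are constructed for illustration, and n is deliberately tiny so that the "infeasible" direction still finishes here.

```python
# Added illustration: textbook RSA as a trapdoor one-way function.
# All values are constructed toy numbers. Real moduli are 2048+ bits and
# real RSA encryption also applies padding, which is omitted here.
from math import gcd, isqrt

P, Q = 1009, 1013      # constructed primes: the trapdoor information
N = P * Q              # public modulus n
E = 5                  # public exponent e


def f(x, e=E, n=N):
    """Forward direction: easy for anyone holding the public key (e, n)."""
    return pow(x, e, n)


def private_exponent(p, q, e=E):
    """With the trapdoor (p, q), d is a single modular inverse away."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return pow(e, -1, phi)      # Python 3.8+


def invert_with_trapdoor(y, p, q, e=E):
    """Find the x with f(x) = y, using the trapdoor."""
    return pow(y, private_exponent(p, q, e), p * q)


def recover_trapdoor(n):
    """Without the trapdoor, computing d from e means factoring n.
    Trial division succeeds only because this n is about 20 bits long."""
    if n % 2 == 0:
        return 2, n // 2
    for cand in range(3, isqrt(n) + 1, 2):
        if n % cand == 0:
            return cand, n // cand
    raise ValueError("n has no non-trivial factor")


if __name__ == "__main__":
    x = 424242                          # constructed message, 0 <= x < N
    y = f(x)
    print("f(x) =", y)
    print("inverted with trapdoor:", invert_with_trapdoor(y, P, Q))
    p, q = recover_trapdoor(N)          # what an adversary must do instead
    print("trapdoor recovered by factoring toy n:", (p, q))
```

The cost of `recover_trapdoor` grows with the square root of n, while `f` and `invert_with_trapdoor` stay cheap, which is the asymmetry the definitions rely on.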
Well for anyone who’s still reading this a few other issues that aren’t from “the book” (well at least that I’ve read yet anyway) are:
- People are stupid; the way to get to an encryption method is to attack the protocols etc.
- Means of attacking an encryption system (people/protocols, brute force)
- Issues with data permanence. With Moore’s law still going strong (is it?) how long can data be securely kept? DES was secure enough in its day, but now a message can be decrypted in less than a day
- I also plan to have a look at how some popular encryption schemes work, and at methods to break them