
An Overview / Terminology

Messages and Encryption

A message is plaintext (sometimes called cleartext). The process of disguising a message in such a way as to hide its substance is encryption. An encrypted message is ciphertext. The process of turning ciphertext back into plaintext is decryption. (If you want to follow the ISO 7498-2 standard, use the terms "encipher" and "decipher". It seems that some cultures find the terms encrypt and decrypt offensive, as they refer to dead bodies.)

Encryption and decryption

The art of keeping messages secure is cryptography, and it is practiced by cryptographers. Cryptanalysts are practitioners of cryptanalysis, the art and science of breaking ciphertext; that is, seeing through the disguise. The branch of mathematics encompassing both cryptography and cryptanalysis is cryptology, and its practitioners are cryptologists.


Authentication, Integrity and Nonrepudiation

In addition to providing confidentiality, cryptography is often asked to do other jobs: authentication, integrity and nonrepudiation.

These are vital requirements for social interaction on computers, and are analogous to face-to-face interactions. That someone is who he says he is ... that someone's credentials (whether a driver's license, a medical degree, or a passport) are valid ... that a document purporting to come from a person actually came from that person ... These are the things that authentication, integrity and nonrepudiation provide.


Algorithms and Keys

A cryptographic algorithm, also called a cipher, is the mathematical function used for encryption and decryption. (Generally, there are two related functions: one for encryption and the other for decryption.)

If the security of an algorithm is based on keeping the way that algorithm works a secret, it is a restricted algorithm. Restricted algorithms have historical interest, but are woefully inadequate by today's standards. A large or changing group of users cannot use them, because every time a user leaves the group everyone else must switch to a different algorithm. If someone accidentally reveals the secret, everyone must change their algorithm.

Even more damning, restricted algorithms allow no quality control or standardization. Every group of users must have their own unique algorithm. Such a group can't use off-the-shelf hardware or software products; an eavesdropper can buy the same product and learn the algorithm. They have to write their own algorithms and implementations. If no one in the group is a good cryptographer, then they won't know if they have a secure algorithm.

Despite these major drawbacks, restricted algorithms are enormously popular for low-security applications. Users either don't realize or don't care about the security problems inherent in their system.

Modern cryptography solves this problem with a key. This might be any one of a large number of values. The range of possible values of the key is called the keyspace. Both the encryption and decryption operations use this key.

Figure: Encryption and decryption with a key

Some algorithms use a different encryption key and decryption key. That is, the encryption key is different from the corresponding decryption key.

Figure: Encryption and decryption with two different keys

All of the security in these algorithms is based in the key (or keys); none is based in the details of the algorithm. This means that the algorithm can be published and analyzed. Products using the algorithm can be mass-produced. It doesn't matter if an eavesdropper knows your algorithm; if she doesn't know your particular key, she can't read your messages.

A cryptosystem is an algorithm, plus all possible plaintexts, ciphertexts and keys.


Symmetric and Public-Key Algorithms

There are two general types of key-based algorithms: symmetric and public-key. Symmetric algorithms, sometimes called conventional algorithms, are algorithms where the encryption key can be calculated from the decryption key and vice versa. In most symmetric algorithms, the encryption key and the decryption key are the same. These algorithms, also called secret-key algorithms, single-key algorithms, or one-key algorithms, require that the sender and the receiver agree on a key before they can communicate securely. The security of a symmetric algorithm rests in the key; divulging the key means that anyone could encrypt and decrypt messages. As long as the communication needs to remain secret, the key must remain secret.

Symmetric algorithms can be divided into two categories. Some operate on the plaintext a single bit (or sometimes byte) at a time; these are called stream algorithms or stream ciphers. Others operate on the plaintext in groups of bits. These groups of bits are called blocks, and the algorithms are called block ciphers. For modern computer algorithms, a typical block size is 64 bits, large enough to preclude analysis and small enough to be workable.

Public-key algorithms (also called asymmetric algorithms) are designed so that the key used for encryption is different from the key used for decryption. Furthermore, the decryption key cannot (at least in any reasonable amount of time) be calculated from the encryption key. The algorithms are called "public-key" because the encryption key can be made public. A complete stranger can use the encryption key to encrypt a message, but only a specific person with the corresponding decryption key can decrypt the message. In these systems, the encryption key is often called the public key and the decryption key is often called the private key.


Cryptanalysis

The whole point of cryptography is to keep the plaintext (or the key, or both) secret from eavesdroppers (also called adversaries, attackers, interceptors, interlopers, intruders, opponents, or simply the enemy). Eavesdroppers are assumed to have complete access to the communications between the sender and the receiver.

Cryptanalysis is the science of recovering the plaintext without access to the key. Successful cryptanalysis may recover the plaintext or the key. It also may find weaknesses in a cryptosystem that eventually lead to the previous results. (The loss of the key through noncryptanalytic means is called a compromise.)

An attempted cryptanalysis is called an attack. There are four general types of cryptanalytic attacks. Of course, each of them assumes that the cryptanalyst has complete knowledge of the encryption algorithm used:

  1. Ciphertext-only attack. The cryptanalyst has the ciphertext of several messages, all of which have been encrypted using the same encryption algorithm. The cryptanalyst's job is to recover the plaintext of as many messages as possible, or better yet to deduce the key(s) used to encrypt the messages in order to decrypt other messages encrypted with the same keys.
  2. Known-plaintext attack. The cryptanalyst has access not only to the ciphertext of several messages, but also to the plaintext of those messages. His job is to deduce the key(s) used to encrypt the messages or an algorithm to decrypt any new messages encrypted with the same key(s).
  3. Chosen-plaintext attack. The cryptanalyst not only has access to the ciphertext and associated plaintext for several messages, but he also chooses the plaintext that gets encrypted. This is more powerful than a known-plaintext attack, because the cryptanalyst can choose specific plaintext blocks to encrypt, ones that might yield more information about the key. His job is to deduce the key(s) used to encrypt the messages or an algorithm to decrypt any new messages encrypted with the same key(s).
  4. Adaptive-chosen-plaintext attack. This is a special case of a chosen-plaintext attack. Not only can the cryptanalyst choose the plaintext that is encrypted, but he can also modify his choice based on the results of previous encryption. In a chosen-plaintext attack, a cryptanalyst might just be able to choose one large block of plaintext to be encrypted; in an adaptive-chosen-plaintext attack he can choose a smaller block of plaintext and then choose another based on the results of the first, and so forth.

There are at least three other types of cryptanalytic attack.

  1. Chosen-ciphertext attack. The cryptanalyst can choose different ciphertexts to be decrypted and has access to the decrypted plaintext. For example, the cryptanalyst has access to a tamperproof box that does automatic decryption. His job is to deduce the key. This attack is primarily applicable to public-key algorithms and is sometimes effective against symmetric algorithms as well.
  2. Chosen-key attack. This attack doesn't mean that the cryptanalyst can choose the key; it means that he has some knowledge about the relationship between different keys.
  3. Rubber-hose cryptanalysis. The cryptanalyst threatens, blackmails, or tortures someone until they give him the key. Bribery is sometimes referred to as a purchase-key attack. These are all very powerful attacks and often the best way to break an algorithm.

Lars Knudsen classified these different categories of breaking an algorithm. In decreasing order of security:

  1. Total break. A cryptanalyst finds the key K, such that D_K(C) = P.
  2. Global deduction. A cryptanalyst finds an alternate algorithm, equivalent to D_K(C), without knowing K.
  3. Instance (or local) deduction. A cryptanalyst finds the plaintext of an intercepted ciphertext.
  4. Information deduction. A cryptanalyst gains some information about the key or plaintext. This information could be a few bits of the key, some information about the form of the plaintext, and so forth.

An algorithm is unconditionally secure if, no matter how much ciphertext a cryptanalyst has, there is not enough information to recover the plaintext. In point of fact, only a one-time pad is unbreakable given infinite resources. All other cryptosystems are breakable in a ciphertext-only attack, simply by trying every possible key one by one and checking whether the resulting plaintext is meaningful. This is called a brute-force attack.
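The two ideas above (security resting in a key drawn from a keyspace, and the brute-force attack that defeats every keyed cipher except the one-time pad) as an added worked example; this is illustration code, not from the original page. The shift cipher, the English frequency table and the sample messages are constructed for the demonstration.

```python
import math
import os
import string

ALPHABET = string.ascii_uppercase

# Approximate English letter frequencies (percent); constructed table used to
# judge whether a candidate plaintext "looks meaningful".
ENGLISH_FREQ = {
    "A": 8.2, "B": 1.5, "C": 2.8, "D": 4.3, "E": 12.7, "F": 2.2, "G": 2.0,
    "H": 6.1, "I": 7.0, "J": 0.15, "K": 0.77, "L": 4.0, "M": 2.4, "N": 6.7,
    "O": 7.5, "P": 1.9, "Q": 0.095, "R": 6.0, "S": 6.3, "T": 9.1, "U": 2.8,
    "V": 0.98, "W": 2.4, "X": 0.15, "Y": 2.0, "Z": 0.074,
}

def shift_encrypt(plaintext, key):
    """Toy symmetric cipher: shift each letter by `key`. The keyspace has only 26 values."""
    return "".join(
        ALPHABET[(ALPHABET.index(c) + key) % 26] if c in ALPHABET else c
        for c in plaintext.upper()
    )

def shift_decrypt(ciphertext, key):
    return shift_encrypt(ciphertext, -key)

def english_score(text):
    """Log-likelihood of the letters under English frequencies; higher means more meaningful."""
    return sum(math.log(ENGLISH_FREQ[c]) for c in text if c in ALPHABET)

def brute_force(ciphertext):
    """Ciphertext-only brute-force attack: try every key in the keyspace and keep
    the (key, plaintext) pair whose plaintext looks most like English."""
    candidates = ((k, shift_decrypt(ciphertext, k)) for k in range(26))
    return max(candidates, key=lambda kp: english_score(kp[1]))

def otp_xor(data, key):
    """One-time pad: XOR with a random key as long as the message (same function decrypts)."""
    assert len(key) == len(data)
    return bytes(d ^ k for d, k in zip(data, key))

def otp_key_explaining(ciphertext, candidate):
    """With a one-time pad, ANY candidate plaintext of the right length is produced by
    some key, so trying keys one by one cannot tell the real plaintext from the rest."""
    return otp_xor(ciphertext, candidate)

if __name__ == "__main__":
    ct = shift_encrypt("MEET ME AT THE OLD BRIDGE AT NOON TOMORROW", 7)
    print(brute_force(ct))            # (7, 'MEET ME AT THE OLD BRIDGE AT NOON TOMORROW')
    c = otp_xor(b"ATTACK DAWN", os.urandom(11))
    print(otp_xor(c, otp_key_explaining(c, b"RETREAT NOW")))   # b'RETREAT NOW'
```

The 26-key loop finishes instantly; the same loop over a 64-bit keyspace is what "computationally secure" rules out, while the one-time pad defeats the loop entirely because every key yields an equally plausible plaintext.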

Cryptography is more concerned with cryptosystems that are computationally infeasible to break. An algorithm is considered computationally secure (sometimes called strong) if it cannot be broken with available resources, either current or future.


Steganography

Steganography serves to hide secret messages in other messages, such that the secret's very existence is concealed. Historical tricks include invisible inks, tiny pin punctures on selected characters, minute differences between handwritten characters, pencil marks on typewritten characters, grilles which cover most of the message except for a few characters, and so on. More recently, people are hiding secret messages in graphic images.


Dramatis Personae
Alice: First participant in all the protocols
Bob: Second participant in all the protocols
Carol: Participant in the three- and four-party protocols
Dave: Participant in the four-party protocols
Eve: Eavesdropper
Mallory: Malicious active attacker
Trent: Trusted arbitrator
Walter: Warden; he'll be guarding Alice and Bob in some protocols
Peggy: Prover
Victor: Verifier