


Basic terminology and concepts

The scientific study of any discipline must be built upon rigorous definitions arising from fundamental concepts. What follows is a list of terms and basic concepts used throughout this book. Where appropriate, rigor has been sacrificed (here in Chapter 1) for the sake of clarity.

Encryption domains and codomains
Encryption and decryption transformations
More generality is obtained if E_{e} is simply defined as a 1-1 transformation from M to C. That is to say, E_{e} is a bijection from M to Im(E_{e}) where Im(E_{e}) is a subset of C.
Achieving confidentiality

An encryption scheme may be used as follows for the purpose of achieving confidentiality. Two parties Alice and Bob first secretly choose or secretly exchange a key pair (e, d). At a subsequent point in time, if Alice wishes to send a message m ∈ M to Bob, she computes c = E_{e}(m) and transmits this to Bob. Upon receiving c, Bob computes D_{d}(c) = m and hence recovers the original message m.

The question arises as to why keys are necessary. (Why not just choose one encryption function and its corresponding decryption function?) Having transformations which are very similar but characterized by keys means that if some particular encryption/decryption transformation is revealed then one does not have to redesign the entire scheme but simply change the key. It is sound cryptographic practice to change the key (encryption/decryption transformation) frequently. As a physical analogue, consider an ordinary resettable combination lock. The structure of the lock is available to anyone who wishes to purchase one but the combination is chosen and set by the owner. If the owner suspects that the combination has been revealed he can easily reset it without replacing the physical mechanism.

1.22 Example (encryption scheme) Let M = {m_{1}, m_{2}, m_{3}} and C = {c_{1}, c_{2}, c_{3}}. There are precisely 3! = 6 bijections from M to C. The key space K = {1, 2, 3, 4, 5, 6} has six elements in it, each specifying one of the transformations. Figure 1.5 illustrates the six encryption functions which are denoted by E_{i}, 1 ≤ i ≤ 6.

Figure 1.5: Schematic of a simple encryption scheme.

Alice and Bob agree on a transformation, say E_{1}. To encrypt the message m_{1}, Alice computes E_{1}(m_{1}) = c_{3} and sends c_{3} to Bob. Bob decrypts c_{3} by reversing the arrows on the diagram for E_{1} and observing that c_{3} points to m_{1}. When M is a small set, the functional diagram is a simple visual means to describe the mapping.
In cryptography, the set M is typically of astronomical proportions and, as such, the visual description is infeasible. What is required, in these cases, is some other simple means to describe the encryption and decryption transformations, such as mathematical algorithms. □

Figure 1.6 provides a simple model of a two-party communication using encryption.

Figure 1.6: Schematic of a two-party communication using encryption.

Communication participants

Referring to Figure 1.6, the following terminology is defined.
Channels
One should note the subtle difference between a physically secure channel and a secured channel: a secured channel may be secured by physical or cryptographic techniques, the latter being the topic of this book. Certain channels are assumed to be physically secure. These include trusted couriers, personal contact between communicating parties, and a dedicated communication link, to name a few.

Security

A fundamental premise in cryptography is that the sets M, C, K, {E_{e} : e ∈ K}, {D_{d} : d ∈ K} are public knowledge. When two parties wish to communicate securely using an encryption scheme, the only thing that they keep secret is the particular key pair (e, d) which they are using, and which they must select. One can gain additional security by keeping the class of encryption and decryption transformations secret but one should not base the security of the entire scheme on this approach. History has shown that maintaining the secrecy of the transformations is very difficult indeed.

1.23 Definition An encryption scheme is said to be breakable if a third party, without prior knowledge of the key pair (e, d), can systematically recover plaintext from corresponding ciphertext within some appropriate time frame.

An appropriate time frame will be a function of the useful lifespan of the data being protected. For example, an instruction to buy a certain stock may only need to be kept secret for a few minutes whereas state secrets may need to remain confidential indefinitely.

An encryption scheme can be broken by trying all possible keys to see which one the communicating parties are using (assuming that the class of encryption functions is public knowledge). This is called an exhaustive search of the key space. It follows then that the number of keys (i.e., the size of the key space) should be large enough to make this approach computationally infeasible. It is the objective of a designer of an encryption scheme that this be the best approach to break the system.
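Example 1.22 and the exhaustive key search described above, worked through in Python as an added example that is not from the book. The lexicographic key numbering, the function names, and the use of known plaintext/ciphertext pairs to recognise the right key are assumptions made for this illustration.

```python
from itertools import permutations

M = ("m1", "m2", "m3")  # message space of Example 1.22
C = ("c1", "c2", "c3")  # ciphertext space of Example 1.22


def key_space(messages, ciphertexts):
    """Number every bijection M -> C with a key e in {1, ..., n!}.

    Assumption: keys follow lexicographic order of the permuted ciphertexts;
    the numbering used in Figure 1.5 is not given on the page.
    """
    return {e: dict(zip(messages, perm))
            for e, perm in enumerate(permutations(ciphertexts), start=1)}


KEYS = key_space(M, C)  # public knowledge: the whole class {E_e : e in K}


def encrypt(e, m):
    """c = E_e(m)."""
    return KEYS[e][m]


def decrypt(d, c):
    """m = D_d(c): reverse the arrows of the diagram (here d = e)."""
    inverse = {ct: pt for pt, ct in KEYS[d].items()}
    return inverse[c]


def exhaustive_search(known_pairs):
    """Try every key; keep those consistent with observed (m, c) pairs.

    Assumption: the third party can recognise a correct key from
    known plaintext/ciphertext pairs.
    """
    return [e for e, table in KEYS.items()
            if all(table[m] == c for m, c in known_pairs)]


if __name__ == "__main__":
    secret = 5  # constructed: the only value Alice and Bob keep secret
    c = encrypt(secret, "m1")
    print(c, decrypt(secret, c))
    print(exhaustive_search([("m1", c)]))                # two keys remain
    print(exhaustive_search([("m1", c), ("m2", "c1")]))  # one key remains
```

For a message space of n elements, a single observed pair still leaves (n-1)! candidate bijections, which is why the search above needs a second pair to single out the key.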
Frequently cited in the literature are Kerckhoffs' desiderata, a set of requirements for cipher systems. They are given here essentially as Kerckhoffs originally stated them:
This list of requirements was articulated in 1883 and, for the most part, remains useful today. Point 2 allows that the class of encryption transformations being used be publicly known and that the security of the system should reside only in the key chosen.

Information security in general

So far the terminology has been restricted to encryption and decryption with the goal of privacy in mind. Information security is much broader, encompassing such things as authentication and data integrity. A few more general definitions, pertinent to discussions later in the book, are given next.

• An information security service is a method to provide some specific aspect of security. For example, integrity of transmitted data is a security objective, and a method to ensure this aspect is an information security service.
Cryptology
Cryptographic techniques are typically divided into two generic types: symmetric-key and public-key. Encryption methods of these types will be discussed separately in §1.5 and §1.8. Other definitions and terminology will be introduced as required.