4.3.1 A first example Let’s construct an example of a perfectly secret encryption scheme based on these requirements. It will also help you get a grip on the ingredients of a symmetric cryptosystem given in the previous section. We want to encrypt the roman letters a,b,g by mapping them onto their counterparts in the greek…
4.4.1 Asymptotic approach and efficient computation To account for future advances in computing technology, software or hardware optimized for a specific type of attack, and potential differences in the desired security level (e.g., average internet user versus government agency), modern cryptography uses a so-called asymptotic approach rooted in complexity theory [97]. The asymptotic approach treats…
4.4.2 Negligible probabilities As discussed earlier in this chapter, computational security allows having encryption schemes that Eve might break with some very small probability. As long as this probability is negligible, such schemes are considered secure. But how specifically small does a probability need to be to be considered negligible? In cryptography, this is precisely…
4.5 Pseudorandomness Computational security is built on the concept of pseudorandomness, the idea that bit strings (that is, ciphertexts) can look completely random even though they are not. Pseudorandomness enables us to build (computationally) secure symmetric encryption schemes where a relatively short key, let’s say 128 bits long, is used to securely encrypt multiple terabytes…
4.5.1 Stream ciphers Using a pseudorandom generator, we can construct a symmetric cryptosystem, shown in Figure 4.9. By looking closely at the lower part of the figure, you’ll recognize that this cryptosystem emulates the one-time pad encryption discussed earlier in this chapter. However, unlike the original one-time pad, this encryption scheme uses a short truly…
4.5.3 Pseudorandom functions and chosen-plaintext attacks Being secure against passive eavesdropping is oftentimes not enough in practice. Encryption schemes must also be secure against so-called chosen-plaintext attacks. In a nutshell, a chosen-plaintext attack describes the situation where Eve can ask Alice or Bob to encrypt multiple messages of Eve’s choice, and do so in an…
5.1 The identity concept Let’s recall from Chapter 2, Secure Channel and the CIA Triad that entity authentication is the ability to assure one communicating party – using fresh supporting evidence – of the identity of a second communicating party and to ensure that the second party was actually active when the supporting evidence was…
5.1.1 Basic principles of identification protocols The simple exchange of a question and an answer between Alice and Bob described previously can be seen as a rudimentary identification protocol. We touched on this subject in Section 2.5, Authentication in Chapter 2, Secure Channel and the CIA Triad, and will now provide some more details. But…
4.4 Computational security Compared to information-theoretical security, the concept of computational security is weaker in the sense that such cryptographic schemes can, in principle, be broken if Eve has enough time and sufficient computational resources. However, the amount of computations needed to break a computationally secure scheme is so large that a break is absolutely…
5.1.2 Basic factors for identification In information security, there are three basic ways for a legitimate party, say Alice, to prove their identity: Often, these factors are combined in what is called multi-factor authentication. For example, to withdraw money from an ATM, you need your credit card (something you have), but you also need your…
