4.3.1 A first example Let’s construct an example of a perfectly secret encryption scheme based on these requirements. It will also help you get a grip on the ingredients of a symmetric cryptosystem given in the previous section. We want to encrypt the roman letters a,b,g by mapping them onto their counterparts in the greek…
4.4.1 Asymptotic approach and efficient computation To account for future advances in computing technology, software or hardware optimized for a specific type of attack, and potential differences in the desired security level (e.g., average internet user versus government agency), modern cryptography uses a so-called asymptotic approach rooted in complexity theory [97]. The asymptotic approach treats…
5.1 The identity concept Let’s recall from Chapter 2, Secure Channel and the CIA Triad that entity authentication is the ability to assure one communicating party – using fresh supporting evidence – of the identity of a second communicating party and to ensure that the second party was actually active when the supporting evidence was…
5.1.1 Basic principles of identification protocols The simple exchange of a question and an answer between Alice and Bob described previously can be seen as a rudimentary identification protocol. We touched on this subject in Section 2.5, Authentication in Chapter 2, Secure Channel and the CIA Triad, and will now provide some more details. But…
4.4 Computational security Compared to information-theoretical security, the concept of computational security is weaker in the sense that such cryptographic schemes can, in principle, be broken if Eve has enough time and sufficient computational resources. However, the amount of computations needed to break a computationally secure scheme is so large that a break is absolutely…
5.1.2 Basic factors for identification In information security, there are three basic ways for a legitimate party, say Alice, to prove their identity: Often, these factors are combined in what is called multi-factor authentication. For example, to withdraw money from an ATM, you need your credit card (something you have), but you also need your…
5.5 Challenge-response protocols The working principle of cryptographic challenge-response protocols is illustrated in Figure 5.5. Claimant Bob proves his identity to verifier Alice by demonstrating that he knows a secret that, by design, is known only to Bob (and, potentially, Alice). However, unlike with basic password-based authentication, as shown in Figure 5.3, Bob does not…
5.5.1 Ensuring freshness In challenge-response protocols, the freshness of messages describes the property of being recent in the sense of originating subsequent to the beginning of the protocol run [117]. Time-variant parameters provide uniqueness and timeliness guarantees and prevent replay and interleaving attacks [117]. Non-repeating challenges can be generated very simply by using pseudorandom numbers…
5.5.2 Challenge-response using symmetric keys In challenge-response protocols using symmetric keys, the claimant and the verifier share a (typically high-entropy) secret K. An obvious approach to entity authentication is to send a nonce as a challenge RAND to the claimant and to expect the encrypted challenge as a response: RES = EK(RAND) (see Figure 5.6)….
6.2 Early web browsers At this point in time, two types of browsers were available to the early users of the WWW. The original browser developed by Berners-Lee had more sophisticated features but could only run on NeXT machines. The line-mode browser, on the other hand, could run on any platform but had fewer features…
