4.3.1 A first example Let’s construct an example of a perfectly secret encryption scheme based on these requirements. It will also help you get a grip on the ingredients of a symmetric cryptosystem given in the previous section. We want to encrypt the roman letters a,b,g by mapping them onto their counterparts in the greek…
4.4.2 Negligible probabilities As discussed earlier in this chapter, computational security allows having encryption schemes that Eve might break with some very small probability. As long as this probability is negligible, such schemes are considered secure. But how specifically small does a probability need to be to be considered negligible? In cryptography, this is precisely…
5.1 The identity concept Let’s recall from Chapter 2, Secure Channel and the CIA Triad that entity authentication is the ability to assure one communicating party – using fresh supporting evidence – of the identity of a second communicating party and to ensure that the second party was actually active when the supporting evidence was…
5.3 Message authentication versus entity authentication What happens if message authentication or entity authentication fails? We can answer this question by looking at Figure 5.2 again. There are two ways in which Eve can manipulate messages sent from Bob to Alice. Eve’s first option, illustrated on the left-hand side in Figure 5.2, is to break…
4.3.2 The one-time pad The prime example of a perfectly secret encryption scheme is the so-called one-time pad, also known as the Vernam cipher. It was first described by Frank Miller in 1882 and re-invented by Gilbert Vernam in 1917, who also patented the cipher in 1919. The original version of the Vernam cipher had…
5.4 Password-based authentication Password-based authentication is arguably the most common way used to authenticate humans to electronic devices. An average internet user has about 70 to 80 passwords to identify themself to websites they visit and services they use [130]. Most existing password schemes use time-invariant passwords. The user initially chooses a string of characters,…
5.5 Challenge-response protocols The working principle of cryptographic challenge-response protocols is illustrated in Figure 5.5. Claimant Bob proves his identity to verifier Alice by demonstrating that he knows a secret that, by design, is known only to Bob (and, potentially, Alice). However, unlike with basic password-based authentication, as shown in Figure 5.3, Bob does not…
5.5.1 Ensuring freshness In challenge-response protocols, the freshness of messages describes the property of being recent in the sense of originating subsequent to the beginning of the protocol run [117]. Time-variant parameters provide uniqueness and timeliness guarantees and prevent replay and interleaving attacks [117]. Non-repeating challenges can be generated very simply by using pseudorandom numbers…
5.5.2 Challenge-response using symmetric keys In challenge-response protocols using symmetric keys, the claimant and the verifier share a (typically high-entropy) secret K. An obvious approach to entity authentication is to send a nonce as a challenge RAND to the claimant and to expect the encrypted challenge as a response: RES = EK(RAND) (see Figure 5.6)….
5.5.3 Challenge-response using (keyed) one-way functions The second option in a symmetric challenge-response protocol is to use one-way or hash functions to compute the responses. The shared secret K is hashed together with the random challenge RAND (see Figure 5.8). How this is done will be discussed in detail in Chapter 11, Hash Functions and…
