A first example – Encryption and Decryption

4.3.1 A first example Let’s construct an example of a perfectly secret encryption scheme based on these requirements. It will also help you get a grip on the ingredients of a symmetric cryptosystem given in the previous section. We want to encrypt the Roman letters a, b, g by mapping them onto their counterparts in the Greek…

Stream ciphers – Encryption and Decryption

4.5.1 Stream ciphers Using a pseudorandom generator, we can construct a symmetric cryptosystem, shown in Figure 4.9. By looking closely at the lower part of the figure, you’ll recognize that this cryptosystem emulates the one-time pad encryption discussed earlier in this chapter. However, unlike the original one-time pad, this encryption scheme uses a short truly…

Computational security – Encryption and Decryption

4.4 Computational security Compared to information-theoretical security, the concept of computational security is weaker in the sense that such cryptographic schemes can, in principle, be broken if Eve has enough time and sufficient computational resources. However, the amount of computation needed to break a computationally secure scheme is so large that a break is absolutely…

The one-time pad – Encryption and Decryption

4.3.2 The one-time pad The prime example of a perfectly secret encryption scheme is the so-called one-time pad, also known as the Vernam cipher. It was first described by Frank Miller in 1882 and re-invented by Gilbert Vernam in 1917, who also patented the cipher in 1919. The original version of the Vernam cipher had…

Disadvantages of password-based authentication – Entity Authentication

5.4.3 Disadvantages of password-based authentication In the previous section, we learned of several disadvantages of password-based authentication related to password storage. It turns out that passwords have even more drawbacks related to usability, time invariance, and human psychology. From a usability perspective, the user must be able to correctly enter the password and, thus, successfully…

Ensuring freshness – Entity Authentication

5.5.1 Ensuring freshness In challenge-response protocols, the freshness of messages describes the property of being recent in the sense of originating subsequent to the beginning of the protocol run [117]. Time-variant parameters provide uniqueness and timeliness guarantees and prevent replay and interleaving attacks [117]. Non-repeating challenges can be generated very simply by using pseudorandom numbers…

Early web browsers 2 – Transport Layer Security at a Glance

The very first SSLv1 draft had no integrity protection at all. In subsequent revisions of that draft, a Cyclic Redundancy Check (CRC) was added. This, however, didn’t solve the message integrity problem because CRC was originally designed as an error-detection code to detect accidental bit flips in communication messages. Unlike cryptographic hash functions, CRCs are…

Early web browsers – Transport Layer Security at a Glance

6.2 Early web browsers At this point in time, two types of browsers were available to the early users of the WWW. The original browser developed by Berners-Lee had more sophisticated features but could only run on NeXT machines. The line-mode browser, on the other hand, could run on any platform but had fewer features…