CSCE 313 Lecture 24

« previous | Thursday, April 19, 2012 | next »

Encryption

Closed Design: Everything (algorithm and key kept secret)

Open-Design:

1. Key exchanged by private means
2. Message composed
3. Message encrypted
4. Message sent over public channel (attacker cannot read)
5. Message received and decrypted

Encryption algorithm takes a message and a key, and produces ciphertext

• Needs to be efficient
• Most encryption schemes can be broken, but depends on resources
• Longer key is often more secure (${\displaystyle 2^{n}}$ possible keys where ${\displaystyle n}$ is length)

Breaking Encryption

Depends on what you have

• Ciphertext: exhaustive search until "recognizable plaintext"
• Plaintext and Ciphertext: find out what it takes to get from plain to cipher, and vice-versa
• Algorithm: figure out what the key is

Models of Security

• Unconditional security: perfect secrecy; impossible to crack
• Complexity-theoretic security
• Provable security: breaking algorithm would require solving an unsolved problem
• Computational security: takes a long long time to break

Types of Cryptography

• Hash functions: no key
• Secret key (symmetric): one key used for encryption and decryption
  • crypt command in Linux
  • challenge-response: send r, verify returned encrypted {r}
  • send message integrity code (checksum) with message
• Public key (asymmetric): two keys (public, private)
  • encryption(public)/decryption(private) or signing(private)/verification(public)