Encryption Notes

From CSEP590TU
Revision as of 05:24, 8 November 2004 by John.naegle (talk | contribs) (Quotes)

Jump to: navigation, search

Overview

  • An encryption scheme is sometimes refered to a cipher
  • "Having transformations which are very similar but characterized by keys means that if some particular encryption/decryption tranformation is revealed, then one does not have to redsign the entire scheme but simply charge the key" [1] (page 12)

Quotes

  • "The level of information security sought in any particular situation should be commensurate with the value of the information and the loss, financial or otherwise, that might occur" [2]
  • "Cryptography, over the ages, has been an art practised by many who have devised ad hoc techniques to meet some of the information secuirty requirements" [3] (page 6)
  • "The objectives of information security cannot solely be achived through mathematical algorithms and protocols alone, but required procedural techniques and abidance of laws to achive the desired result" [4] (page 2)
  • "One can gain additional security by keeping the class of encryption and decryption transformation secret but one should not base the security of the entire scheme on this approach. History has sown that maintaining the secrecy of the transormation is very difficult indeed." [5] (page 14)

Uses of Encryption

Information Security

Objectives

Information has many objectives.

    • Privacy
    • Data Integrity
    • Entity Authentication (Identification)
    • Message Authentication
    • Signature
    • Authorization
    • Validation
    • Access Control
    • Certification
    • Timestamping
    • Witnessing
    • Receipt
    • Confirmation
    • Ownership
    • Anonymity
    • Non-repudiation
    • Revocation [6] (page 3)
  • Cryptography isn't the only means of providing information security, but rather one set of techniques [7] (page 4)
  • The digital age has changed information security dramatically. In the paper age, making thousands of indistinguishable copies copies of was much more difficult. In a digitial society, a means to ensure information security that is independent of the physical medium is required - security must rely on the digital information itself.[8] (page 3). Alteration and creation of digitial data is also easy.

Mathematics

  • Intractable problems provide the fundamentals Cryptography systems
  • Bijections are used as the tool for encrypting messages and the inverse transformations are used to decrypt [9] (page 8)
  • A one-way function from X to Y is "easy" to compute for all x in X, but "hard" to find any x in X such that f(x) = y for essential all elements y in the range of f for X. [10] (page 8)
    • I didn't do a very good job transcribing that. (JSN)
    • I tend to think of rolling a large rock down a steep hill. (JSN)
  • A trapdoor one-way function is a one-way function, that, given some extra information it becomes feasible to find for any given y an x such that f(x) = y.
    • Integer factorization
    • None one has yet definitvely proved the existence of such functions
    • The basis for public-key crptography

Types of Encryption

Public Key Cryptography

Symmetric-key Encryption

Attacks

  • An adversary
  • An unsecured channel is one where an adversary can reorder, delete, insert or read
  • A secured change is one where an adversary can not reoder, delete, insert or read
Retrieved from "http://cubist.cs.washington.edu/CSEP590TU-wiki/index.php?title=Encryption_Notes&oldid=1566"