Information Security. Mark Stamp

Information Security - Mark Stamp


Скачать книгу
alt="monospace JZDXGXXMOZQMSCSCJXBOVQXCJZMOJZCNSPJZHGXXMOSPLH"/> monospace JZDXZAAXZBXHCSCJXTCSGXSCJXBOVQX

      —ciphertext

      In this chapter we discuss some of the basic elements of cryptography. This discussion will lay the foundation for the remaining crypto chapters which, in turn, underpin much of the material throughout the book. We'll avoid mathematical rigor as much as possible. Nevertheless, there is enough detail here so that you will not only understand the “what″ but you will also have some appreciation for the “how″ and “why.″

      After this introductory chapter, the remaining crypto chapters focus on modern symmetric key cryptography, public key cryptography, and cryptographic hash functions. A handful of topics that are related to cryptography—but not exactly cryptography, per se—are also covered in later chapters.

      The basic terminology of crypto includes the following:

       Cryptology— The art and science of making and breaking “secret codes.″

       Cryptography— The making of “secret codes.″

       Cryptanalysis— The breaking of “secret codes.″

       Crypto— A synonym for any or all of the above (and more), where the precise meaning should be clear from context.

      A cipher or cryptosystem is used to encrypt data. The original, unencrypted data is known as plaintext, and the result of encryption is ciphertext. We decrypt the ciphertext to recover the original plaintext. A key is used to configure a cryptosystem for encryption and decryption.

Schematic illustration of crypto as a black box.

      For an ideal cipher, it is infeasible to recover the plaintext from the ciphertext without the key. That is, even if the attacker, Trudy, has complete knowledge of the algorithms used and lots of other information (to be made more precise later), she can't recover the plaintext without the key. That's the goal, although reality sometimes differs.

      A fundamental tenet of cryptography is that the inner workings of a cryptosystem are completely known to the attacker, Trudy, and the only secret aspect is a key. This is known as Kerckhoffs’ principle, which, believe it or not, is due to a guy named Kerckhoffs.

      In 1883, Kerckhoffs, a Dutch linguist and cryptographer, laid out six principles of cipher design and use [67]. The principle that now bears his name states (among other things) that a cipher “must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience.″ This implies that the design of the cipher is not secret.

      Cryptographers will not deem a crypto‐algorithm to be worthy until it has withstood extensive public analysis by many knowledgeable cryptographers. The bottom line is that any cryptosystem that does not satisfy Kerckhoffs’ principle is suspect. In other words, ciphers are presumed “guilty″ until “proven″ innocent. Actually, no practical ciphers are proven secure, but there must be a solid body of cryptanalysis indicating that a cipher is not easy to break.

      Kerckhoffs’ principle is often extended to cover various aspects of security well beyond cryptography. In other contexts, this basic principle is usually taken to mean that the security design itself is open to public scrutiny. The belief is that “more eyeballs″ are more likely to expose more security flaws, and therefore ultimately result in a system that is more secure. Although Kerckhoffs’ principle (in both its narrow crypto form and in a broader context) seems to be universally accepted in principle, there are many real‐world temptations to violate this fundamental tenet, almost invariably with disastrous consequences. Throughout this book we'll see several examples of security failures that were directly caused by a failure to heed the venerable meneer Kerckhoffs.

      In the next section, we look briefly at a few classic cryptosystems. Although the history of crypto is a fascinating topic [61], the purpose of this material is to provide an elementary introduction to some of the crucial concepts that arise in modern cryptography. So, pay attention since we will see all of these concepts again in the next couple of chapters and in many cases, in later chapters as well.

      2.3.1 Simple Substitution Cipher

      First, we consider a particularly simple implementation of a simple substitution cipher. In the simplest case, the message is encrypted by substituting the letter of the alphabet n places ahead of the current letter. For example, with n equals 3, the substitution—which acts as the key—is given by

plaintext: a b c d e f g h i j k l m n o p q r s t u v w x y z
ciphertext: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

      where we've followed the convention that the plaintext is lowercase,


Скачать книгу