Chapter 12
Cryptography Explained
In this chapter
· Mathematics of encryption
· Cryptanalysis: how encryption systems are "broken"
· Theory of strong symmetric algorithms
· Detailed descriptions of the DES and AES algorithms
· Theory of public key encryption
· Detailed description of the RSA algorithm; details of other public key algorithms
· Digital signatures
· Quantum cryptography
Creating and implementing
good cryptography is subtle and difficult, because the goals of a cryptographic
algorithm seem to conflict with each other. We want to construct an algorithm
that is easy for the legitimate sender and receiver to operate, but
difficult, bordering on impossible, for the malicious interceptor to break. As we
noted in Chapter 2, the interceptor can
use any kind of attack to try to break the encryption: find a weakness in the
algorithm, deduce or coerce or guess a key, determine the decryption of a
single message or a whole flood of transmissions, exploit a flaw in the
algorithm's implementation, or even cut and paste encrypted text without
actually knowing the underlying plaintext. Although cryptography is arguably
the most important tool a security expert has available, failed or flawed
cryptography can give a false sense of security. For these reasons, the
security expert should have both a solid understanding of cryptography and a
healthy respect for what can go wrong with its use. This chapter gives you that
understanding by explaining in detail the mathematics underpinning different
encryption schemes.
If there is one lesson to be
learned from the history of cryptography, either before or after
computerization, it is that cryptography is best left to experts. By learning
the material in this chapter, you will have an advanced understanding of
cryptography. But be mindful that understanding is not the same as mastery. You
need to learn more than this book offers to appreciate cryptography's subtlety.
At the end of the chapter, we recommend several references to help you on your
way to mastery, should you be interested in it. The information presented in Chapter 2 described the basic concepts of
cryptography, addressing what you need to know to understand how to use
cryptography in various kinds of security controls. In this chapter, we look
more closely at the how and why, not just the what.
Solid cryptography is based
on results generated by the disciplines of mathematics and formal computer
science. Thus, this chapter begins with discussion from these fields, with
enough detail for you to understand the cryptography but not so deep as to be
far beyond the scope of this book. Then we progress to the two branches of
cryptography introduced in Chapter 2:
symmetric (single, secret key), and asymmetric (public key) algorithms. We
present details of the DES, AES, and RC- series of symmetric systems, and the
knapsack, RSA, and El Gamal asymmetric systems. We conclude with quantum
cryptography, an interesting but futuristic approach with some emerging commercial
products; it is new and relatively untested, but it is likely to appear in
actual cryptosystems in the next few years.