List of posts

 List of posts

  1. Crypt(?)
  2. Principles
  3. Symmetric vs. asymmetric encryption
  4. Unconditional vs. conditional security
  5. Perfect secrecy and the One Time Pad (OTP)
  6. Cryptographic hash functions


Comments

Post a Comment

Popular posts from this blog

Perfect Secrecy and the One Time Pad (OTP)

Image
I have explained unconditional  (or  information-theoretical)  security in my previous post (see Unconditional vs. Conditional Security ). As I have mentioned there, we can refer to unconditional security in the context of various cryptographic primitives, among which the  encryption schemes (see Symmetric vs. Asymmetric Encryption ). An encryption scheme that is information-theoretically secure provides  perfect secrecy (see, e.g., [1]) ,  because the  ciphertext  perfectly  hides  the  plaintext.  In other words, the adversary has the same probability to correctly indicate the message  m  regardless if he/she knows the corresponding ciphertext  c.  Hence, the knowledge of the ciphertext gives no new information about the plaintext. We ignore the length of the message - which, of course, is exposed - and assume that all the possible messages are equally long. More rigorously, the  a-posteriori  probability  Pr[M=m/C=c]  to guess the plaintext  m  ( a - posteriori  in the sense that
Read more

Principles

Image
  There exist many  principles  in information security. By  principle  I understand some general guidelines or best practices one should be aware of and apply when designing/implementing/configuring/etc. secure systems (You might sometimes find sources that refer to the components of the  CIA Triad  - see Crypt(?)   -  as principles; that is not what this post is about). I also use the term  principle  to follow the first in line:  Kerckhoff's principle, which is  maybe the most known principle in cryptology.  The list is not exhaustive, but I think it is a good selection. Also, keep in mind that implementing one principle depends on the situation (goal, costs, trade-off with other aspects such as efficiency and usability, etc.). Kerckhoffs's principle is the second in a list of six principles specified by A.Kerckhoffs in his paper entitled La Cryptographie Militaire , published in 1883 [1]. The article is available online . The principle states that a cryptosystem should
Read more

Unconditional vs. Conditional Security

Image
The cryptographic constructions (also referred to later on as cryptographic schemes) are built to stand against  adversaries  that mount intentional  attacks  (see  Crypt(?) ).  In general, we aim for powerful adversaries: a cryptographic construction that stands against one adversary also stands against  weaker  adversaries (i.e., adversaries with less capabilities). So, the stronger the adversary is, the better (i.e., more secure) the scheme is. The most powerful adversary we can think of is  unbounded  in the sense that he/she can use infinite resources (e.g., unlimited computational power and time). A cryptographic construction that fully stands against an unbounded adversary is called  unconditionally secure  or  information-theoretically secure.  Examples of  information-theoretically secure  schemes include  One Time Pad (OTP) [1]   and  Shamir's secret sharing scheme  [2 ] . Information-theoretical security is a strong concept that sometimes (in fact, most of the time!) can
Read more