27-09-2012, 05:10 PM
Recent developments in cryptography
Abstract
Modern information protection methods can only be effective if an almost impossibly wide range of conditions is met. Proper cryptography is one of these conditions. This article reviews some recent cryptographic developments, but focuses on understanding the cryptographic decision-making process.
Introduction
This article reviews some recent trends and developments in cryptography. Understanding the impact of the latest advances in cryptography is necessary to achieve and maintain adequate information security, but it is by no means sufficient: cryptography is not the solution to anybody’s security problems, it is just one of its many ingredients.
Cryptography is a mathematical discipline and as such a subject where non-specialists can easily feel overwhelmed. All too often cryptographic tools are described in terms that are beyond the grasp of even well-informed security managers. Even if plain language is used, it is not always obvious how it should be interpreted. Examples abound. Application of a cryptographic method that is heralded as ‘provably secure’ does in general not lead to a system that cannot be broken into. Neither does the latest announcement of a ‘broken cryptographic standard’ imply immediate practical vulnerabilities.
The target audience of this paper consists of higher level security managers and officers who have a broad range of decision making responsibilities. The purpose is to help them get a proper understanding of the practical implications and relevance of cryptographic developments that have recently caught wider-than-usual attention. Thus, for instance, an attempt is made to explain what ‘provably secure’ may stand for, and why usage of ‘broken’ systems does not necessarily lead to immediate disasters. Also, attention is paid to the reasons behind the upcoming abolishment of the Data Encryption Standard (DES) and the subsequent introduction of the Advanced Encryption Standard (AES).
The list of non-cryptographic security related issues not treated in this paper is virtually endless. At the highest level, and often overlooked, is the definition of a suitable trust model. Without it the entire concept of ‘information security’ does not make sense, and auditing becomes impossible. At the opposite end of the spectrum one finds the users and the password selection problem. A satisfactory solution to the latter requires cooperation of the entire user community – not the least reason why security is an elusive objective. Enforcing the multitude of security related policies is probably the least enviable task of the security manager. This article offers no solution to this problem – or to any problem for that matter – only the observation that users tend to follow the rules better if they understand what the rules are supposed to be good for – just as the sequel is meant to make some of those arcane cryptographic schemes more palatable.
A conservative security design should avoid any method that has not yet been subjected to many years of public scrutiny. Newfangled or proprietary schemes are therefore not discussed; only middle-of-the-road and well-publicized cryptographic issues are discussed in this article. Many of these methods have been standardized, usually after a lengthy period of public review. This is just one of the reasons why compliance with the ‘standards’ can in general be recommended. Other reasons include compatibility, off-the-shelf availability – the average company cannot be expected and should not attempt to write its own cryptography or security related software – system integration, and rapid dissemination of and recovery from security problems. Unfortunately, the choice between different standards-compliant vendors can also be bewildering. This article should provide some help to properly evaluate vendor proposals and to pose the right questions while deciding what cryptography to use.
This article is organized as follows. Section 2 explains that modern cryptography combines two rather different techniques, namely symmetric and asymmetric cryptographic methods, and lists the currently most popular methods for both. Some of the recent developments regarding symmetric and asymmetric cryptography are further discussed in Sections 3 and 4, respectively. Background for most material presented in this article and references can be found in [12, 15].
Modern Cryptography
Classical cryptography is mostly concerned with confidentiality of communications, achieved by so-called symmetric cryptosystems. In a symmetric cryptosystem each pair of communicating parties agrees in advance upon a particular method of encryption and decryption. Often all participants use the same fast textual transformation method. But each pair of participants shares a certain unique and hard to guess ‘key’ that, when used in combination with the transformation method, results in encryptions that are inaccessible to anyone who does not have the proper key, even if the transformation method itself is known. The latter assumption is known as Kerckhoffs’ assumption: the strength of a system should never be based on secrecy of the transformation method.
The requirement that each pair of communicating parties shares the same symmetric secret key makes it impossible to directly apply classical cryptography to internet based communications: how is someone supposed to agree on a shared secret key with any other party on the internet that one happens to be communicating with? This problem is solved using public key cryptography by means of so-called asymmetric cryptosystems, as briefly described below. Although much slower than symmetric cryptosystems, they can be used, among other things, to establish a shared symmetric secret key between any two parties. Next, once the shared key is established, the parties may use a symmetric cryptosystem to exchange their messages.
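The two-step arrangement just described (a slow asymmetric exchange to agree on a key, then the fast symmetric cipher for the actual traffic) is easy to see end to end in code. The following Go program is an example added for this page; it is not code from the article or from any standard. It uses the Go standard library's X25519 key agreement for the asymmetric step and AES-256-GCM for the symmetric step. The party names, the "demo session key v1|" label and the single-SHA-256 key derivation are choices made here for illustration; a deployed system would use HKDF and a reviewed protocol such as TLS rather than this hand-rolled exchange.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Party owns an ephemeral X25519 key pair (the asymmetric part) and, after
// Agree, an AES-256-GCM session key (the symmetric part). Kerckhoffs' assumption
// holds throughout: curve, hash and cipher are public; only priv is secret.
type Party struct {
	priv *ecdh.PrivateKey // never leaves this party; only its public half travels
	aead cipher.AEAD      // shared symmetric key; set by Agree, required by Seal/Open
}

func (p *Party) Generate() error {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	p.priv = priv
	return err
}

// Agree combines our private key with the peer's public key; both sides reach
// the same X25519 shared secret and hash it into the symmetric session key.
func (p *Party) Agree(peerPub []byte) error {
	pub, err := ecdh.X25519().NewPublicKey(peerPub)
	if err != nil {
		return err
	}
	shared, err := p.priv.ECDH(pub)
	if err != nil {
		return err
	}
	// Illustrative key derivation (an assumption of this example): SHA-256 over a
	// context label and the shared secret. Production code would use HKDF.
	key := sha256.Sum256(append([]byte("demo session key v1|"), shared...))
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return err
	}
	p.aead, err = cipher.NewGCM(block)
	return err
}

// Seal encrypts one message; the random nonce is prepended and the GCM tag
// authenticates nonce and ciphertext together.
func (p *Party) Seal(plaintext []byte) ([]byte, error) {
	nonce := make([]byte, p.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return p.aead.Seal(nonce, nonce, plaintext, nil), nil
}

// Open reverses Seal; a wrong key or any modification yields an error.
func (p *Party) Open(msg []byte) ([]byte, error) {
	ns := p.aead.NonceSize()
	if len(msg) < ns {
		return nil, errors.New("message shorter than a nonce")
	}
	return p.aead.Open(nil, msg[:ns], msg[ns:], nil)
}

// RunSession performs one complete exchange and returns Bob's plaintext, whether
// Bob rejected a one-bit tampering, and whether an eavesdropper who saw every
// byte on the wire failed to decrypt.
func RunSession(message string) (string, bool, bool, error) {
	var alice, bob, eve Party
	if err := errors.Join(alice.Generate(), bob.Generate(), eve.Generate()); err != nil {
		return "", false, false, err
	}
	// Key establishment: only public keys travel. Eve sees them all, but her best
	// effort (her own private key with Alice's public key) gives an unrelated key.
	if err := errors.Join(
		alice.Agree(bob.priv.PublicKey().Bytes()),
		bob.Agree(alice.priv.PublicKey().Bytes()),
		eve.Agree(alice.priv.PublicKey().Bytes()),
	); err != nil {
		return "", false, false, err
	}
	ct, err := alice.Seal([]byte(message))
	if err != nil {
		return "", false, false, err
	}
	pt, err := bob.Open(ct)
	if err != nil {
		return "", false, false, err
	}
	_, eveErr := eve.Open(ct)
	tampered := append([]byte(nil), ct...)
	tampered[len(tampered)-1] ^= 0x01 // flip one bit of the GCM tag
	_, tamperErr := bob.Open(tampered)
	return string(pt), tamperErr != nil, eveErr != nil, nil
}

func main() {
	fmt.Println(RunSession("meet at the usual place")) // prints the message, true, true, <nil>
}
```

Two things worth noticing. First, nothing secret is ever transmitted: Eve sees both public keys and every ciphertext byte, knows exactly which curve, hash and cipher are in use, and still cannot read the message, which is Kerckhoffs' assumption in action. Second, the example does not authenticate the public keys, so on its own it does not stop an active attacker who substitutes her own key for Bob's; deciding whose public key to trust is the trust-model question the introduction flags as the top-level, and most often overlooked, requirement.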