Cryptography Reference
In-Depth Information
3.1.4
Theoretical security summary
We end this discussion of
theoretical security by summarising the main
points:
• Perfect secrecy captures the notion of an 'unbreakable' cryptosystem.
• A one-time pad provides perfect secrecy.
• There are many different ways of describing a one-time pad but the underlying
cryptosystem is essentially the same.
• A one-time pad always has the three properties described in Section 3.1.3.
• A cryptosystem with the three properties described in Section 3.1.3 is not
necessarily a one-time pad, since it must also have perfect secrecy. One of the
activities for this chapter encourages the design of such a cryptosystem.
In Section 3.1 we introduced the idea of perfect secrecy and noted that it provides
an ideal notion of confidentiality in the sense that no cryptosystem can do better
than perfect secrecy. We went on to exhibit various one-time pads, which are
cryptosystems that provide perfect secrecy. Should our study of cryptography, at
least for providing confidentiality, stop here?
It all sounds too good to be true, and it is. In this section we begin by explaining
why a one-time pad is not the answer to all our problems. This section, as a whole,
discusses the following conundrum:
a theoretically secure cryptosystem might not
be secure in practice, while a theoretically breakable cryptosystem might be secure
in practice
.
We start the justification of this statement by looking at the security of a
one-time pad in practice.
3.2.1
One-time pad in practice
There are a number of practical problems with using a one-time pad to encrypt
data. These are largely to do with key management. This makes them significant
problems, since one of the biggest challenges in making cryptography work in
real systems is providing the right key management support, as we will discuss in
much greater detail in Chapters 10 and 11.
KEY MANAGEMENT ISSUES WITH A ONE-TIME PAD
There are three key management issues that make a one-time pad a very
impractical cryptosystem to employ in real applications. These directly arise from
each of the three fundamental properties of a one-time pad (see Section 3.1.3):
