Cryptography Reference
In-Depth Information
12
. Consider the following three possible strategies for designing modern encryp-
tion algorithms. These are to base the security of the algorithm on:
(a) a well-studied computational problem that is not believed to be possible to
solve based on computation that can be conducted in polynomial time;
(b) a known, but poorly studied, computational problem that is not believed
to be possible to solve based on computation that can be conducted in
polynomial time;
(c) making the description of the encryption algorithm so complex that it is not
clear what problem it is necessary to solve in order to break it.
Discuss the advantages and disadvantages of each of the above approaches,
keeping in mind that most modern encryption algorithms are designed using
the first strategy.
13
. A much-quoted indicator of improvements in computer capability over time is
Moore's Law.
(a) After whom is this law named?
(b) Precisely what did Moore originally 'predict'?
(c) What other aspects of computer performance should be taken into account
when attempting to predict future computer capability?
(d) How do people regard Moore's Law as having stood the test of time and
what is its own predicted future?
14
. Suppose that you have been asked at work to recommend the strength of
encryption needed to protect the contents of a database. Draw up a list of
some of the questions that you think you will need to answer before you
can meaningfully attempt to establish a notion of practical security for this
application.
15
.
It is impossible to secure a cryptosystem against attacks that we do not know
about. However, unforeseen attacks may well materialise, for example, through
new improvements in cryptanalysis. What strategy might you adopt for trying
to minimise your exposure to the risks of unforeseen attacks in terms of things
you might do or procedures you might put in place?
