Cryptography Reference
In-Depth Information
4.2.3
The impact of errors
One of the aspects that differs between stream and block ciphers is the impact of
errors. It is thus worth first discussing the different types of error that could occur
in a communication system:
Transmission errors
are errors that occur in the communication channel.
A 1-bit transmission error occurs if a 0 becomes a 1, or a 1 becomes a 0,
somewhere on the communication channel. This is sometimes referred to as a
bit-flip
.
Transmission losses
occur when bits get lost in the communication channel.
A 1-bit transmission loss occurs if one bit of data is lost in the communication
channel, but both the previous and the subsequent bits are correctly received.
Computational errors
are errors that occur somewhere during a (cryptographic)
computation. A 1-bit computational error occurs if the output of a crypto-
graphic computation results in an incorrect 1 instead of a correct 0, or an
incorrect 0 instead of a correct 1.
Transmission errors and losses are probably the most commonly encountered of
these errors. Indeed, in environments where data is sent over potentially noisy or
unreliable channels, both of these errors may be expected.
All of these types of error are potentially bad news for a cryptosystem. However,
cryptosystems differ in the extent to which these errors cause problems. We
say that
error propagation
has occurred if a number of errors in the ciphertext
(regardless of error type) result in a greater number of errors in the resulting
plaintext. In the simplest case of a 1-bit error in the ciphertext, error propagation
occurs if this has an impact of more than one erroneous bit in the resulting
plaintext.
In general, error propagation is regarded as a bad thing since it represents an
escalation of the number of errors when we convert the damaged ciphertext into
plaintext. However, there are situations where this impact could have positive
benefits. For example, suppose encryption is being used to protect some financial
data but no additional data integrity mechanisms are being used. If there is no
error propagation then a 1-bit error in the ciphertext will probably result in a
1-bit error in the plaintext. This might not be easily noticeable to the receiver but
it could have massive impact on the meaning of the plaintext (for example, some
crucial transaction figuremight be altered on a balance sheet). If error propagation
occurs then the plaintext errors are much more likely to be noticed (for example,
the number on the balance sheet is significantly out of expected range). Note,
however, that such reliance on error propagation in order to provide a very weak
notion of data integrity is extremely unadvisable. It would be much safer to use a
proper data integrity mechanism rather than rely on error propagation to provide
this very weak notion of data integrity. We will discuss suitable mechanisms in
Chapter 6.
