Cryptography Reference
In-Depth Information
hidden information. This is quite unlike cryptography, where an interceptor is
normally fully aware that data is being communicated because they can see the
ciphertext. Their problem in this case is that they cannot determine what data the
ciphertext represents.
Cryptography and steganography are used in quite different applications. They
can also be used together. In this case, steganography can be used to hide a
ciphertext. This creates two layers of security:
1. The first layer, steganography, tries to hide the fact that a ciphertext exists in
the first place.
2. In the event that this use of steganography is detected and the ciphertext
is found, the second layer, cryptography, prevents the plaintext from being
known.
We will not discuss steganography any further in this topic. While it does
potentially have niche applications, and might in some cases be regarded as a
potential threat to an information system, steganography is rarely employed to
secure information systems.
1.4.6
Access control
It is worth observing that there are in fact three different approaches that can be
taken to providing data confidentiality. The one that we are most interested in is
encryption, since this provides protection independently of the location where the
data resides. As we have just seen, steganography relies on 'hiding' the data. A third
approach is to control access to the (unencrypted) data.
Access control
is a major
topic in its own right. Indeed, much of our data is not protected through the use
of encryption, but rather through access control mechanisms on computers that
use a combination of software and hardware techniques to prevent unauthorised
users from accessing data.
Encryption can be regarded as a means of implementing a type of access
control, where only those with access to the appropriate decryption key can access
protected data. However, they are normally separate mechanisms. Indeed, just
as we saw for steganography, they can be used together to provide two separate
layers of security. Access control can be used to restrict access to data, which is
itself encrypted. Thus an attacker who manages to get around the access control
mechanism only manages to retrieve encrypted data.
1.4.7
Two types of cryptosystem
There are two different types of cryptosystem and understanding the differences
between them is crucial. The difference hinges on the relationship between the
encryption and the decryption key. In any cryptosystem these two values must
obviously be closely related since we cannot expect to be able to encrypt a plaintext
