Cryptography Reference
In-Depth Information
Table 1.3:
Basic properties and terminology for keys in the two types of cryptosystem
Relationship between keys
Encryption key Decryption key
Symmetric cryptosystems
same key
symmetric
symmetric
Public-key cryptosystems
different keys
public
private
in the box. However, the receiver does need a key to open it. This is almost
analogous to public-key cryptosystems. We say 'almost' analogous because,
to make this analogy strictly accurate, we have to assume that the ability of
anyone to lock the box without a key is 'equivalent' to having a key to lock the
box that is made available to anyone who wants it.
We note that the term
secret key
is rather ambiguous, since it is often applied to
both symmetric and private keys. We thus reserve the use of this term to situations
where we we refer to either (or both) symmetric and private keys (mainly in
Chapter 10). The relationship and terminology for encryption and decryption
keys in the two types of cryptosystem is summarised in Table 1.3.
The ability to make encryption keys public makes the concept of public-key
cryptography seem extremely attractive for a number of different applications.
However, public-key cryptography comes with its own set of problems and one
of the aims of this topic is to explain the various advantages and disadvantages of
using symmetric and public-key cryptosystems. As we will learn later, symmetric
and public-key cryptosystems are often both implemented and used together in
real information systems.
We now consider what resources it is reasonable to assume that an attacker
of a cryptosystem has access to. We begin by looking at standard assumptions
and attack models. We then have a short discussion about the extent to which
revealing the details of the encryption algorithm might affect the security of a
cryptosystem.
1.5.1
Standard assumptions
In order to assess the security of a cryptosystem we must first establish exactly
what assumptions we are making about potential attackers of the cryptosystem.
Identifying assumptions about the capabilities of attackers is standard practice
in all areas of information security and forms part of the larger process of
