Cryptography Reference
In-Depth Information
The organisation is also able, through the TKC, to check the contents of secure
email sent from their employees, which is sometimes a requirement (for example,
for checking for malware or other undesirable content).
In this chapter we examined a number of cryptographic applications. Each of
these applications varied in terms of the cryptographic services that it required
and the constraints within which it operated. For each of these applications we
identified the cryptographic requirements, detailed the cryptography deployed and
discussed the appropriate key management. We examined these applications in a
fairly consistent manner, with the intention that this same methodology could be
used to analyse the cryptographic design of other applications that we have not
covered in this chapter.
Hopefully this examination of some important applications of cryptography has
provided a good illustration of the fundamental principles that were outlined in the
earlier chapters. Of particular importance are the following general issues that should
have been made clear during our analysis:
• Applications tend to aim for 'sufficient' security rather than 'best' security. The
use of cryptography often represents both a computational and/or usability
overhead, hence it should not be needlessly deployed in order to provide
security services that are not required.
• As we have seen throughout our discussions, security and efficiency often
have to be traded off against one another. Getting the right balance is not
always easy. The development of several of the applications that we have
examined show that designers are often forced to readjust this balance over
time. Naturally enough, the tendency is (to err) towards efficiency in early
versions of cryptographic applications.
• Application constraints play an important role in cryptographic design. They
often dictate both the cryptography deployed and the ways in which keys are
managed.
• The use of proprietary cryptographic algorithms comes with a degree of risk.
While many applications initially adopted proprietary cryptographic algorithms
for legitimate reasons, in a number of high-profile cases the underlying
primitives were reverse-engineered and found to contain flaws. In most cases
these early versions have been replaced by systems using publicly known
algorithms.
• Despite the wide variety of cryptographic algorithms that have been designed
and made publicly available, only a very select few are deployed in real
applications.
• Symmetric cryptography remains the preferred choice for most applica-
tions. Public-key cryptography is selectively deployed only when the key
