Cryptography Reference
In-Depth Information
3.8 Bottom Line
If you've made it through this chapter, you learned a thing or two about crypt-
analysis. You have seen that there are no limits to imagination in cryptanalysis
(and you will learn more and unusual methods later on). In contrast to the
subliminally suggested opinion that cryptanalysis depends only on the method,
you know at least since Section 3.6.4 that the plaintext to be expected can also
play a role.
There is no such thing as a general 'theory of cryptanalysis'. The cryptanalyst's
principle is to exploit available vulnerabilities. This is somewhat chaotic from
the outset. The vigcrack program discussed in Section 3.6.3, which includes
the expected-plaintext spectrum in its considerations, has the only touch of
universality in this chapter.
You can surely guess how to give an attacker a hard time: you'd have to
combine or modify methods in unusual ways, use exotic plaintext (for example,
one you created with your own compression method), and similar things. I
intentionally write this in the subjunctive for two reasons:
First, it could backfire — 'improving' a good method almost always means
correcting mistakes into it.
Second, algorithms are used in mass-market products nowadays. There
is no longer such a thing as 'individual variation', and attacking an algo-
rithm is always rewarding. Something you could call 'new' would be a
user-specific variation and combination of methods, but these methods
would then have to be as secure as the original algorithm. And this is
the very aspect in which the theoretical background is problematic.
But all complications a cryptanalyst has to deal with are gray theory, because
practice still helps him often enough. For example, the radio communications
of some US cell phones are encrypted using a 160-bit Vigenere key at the
NSA's request. Do you have any idea how it is cracked? More about this sort
of 'practice' in Section 6.7.
Search WWH ::




Custom Search