Cryptography Reference
In-Depth Information
algorithms whose security we know little or nothing about. 'Security' means
almost always: we haven't found a vulnerability so far, but who knows whether
somebody found one long ago and just didn't tell us about it. Security that is
both theoretically provable and practically usable is still the pipe-dream of
all cryptologists today, even though we may quite reasonably trust modern,
thoroughly studied algorithms.
In contrast, interested outsiders encounter problems with the large choice of
algorithms, theoretical findings from analyses, and difficult cryptographic pro-
tocols. The significance of good methods cannot be appreciated enough. The
'information society' needs to have a totally new security awareness; the risks
are different and sometimes even much greater than in the physical world. One
thing is for sure: not knowing about cryptology can only make things worse.
You will find plenty of hair-raising examples in this topic.
All the mystery-mongering, the imponderabilities and their particular signifi-
cance make cryptology very different from other fields of knowledge. Cryptol-
ogy is an adventure we will try to unlock in this topic.
1.1 Should You Read This Topic?
This is not a textbook. It is by no means complete, and it isn't particularly math-
ematical either (at least not more than absolutely necessary). If you have some
background knowledge and want to delve deeper into cryptology, I recommend
the seminal work of Schneier [SchnCr], but this is a hefty tome of more than
800 pages. Nevertheless, the author refers to the literature frequently enough
when it comes to the details (more than 1653 quotations!). Or perhaps you are
looking for an easier way to first get to grips with the basics in cryptology:
What does it actually research? What is known so far? What is it good for?
How can I benefit from it? If you are intrigued by these questions, you may
want to have a go at this topic. If you make it to the very end, you will hope-
fully have found answers to these questions. And you should have a rough idea
of how the security of methods and protocols is evaluated, and what to think of
the findings. You will know how many fields belong to cryptology (and which
don't), how much inventiveness cryptanalysts put into their work, and how little
we know in spite of it all; many statements in this topic are only suppositions.
Cryptological knowledge can prove very useful in practice. With basic knowl-
edge, if somebody tries to talk you into buying a product by simply stating that
'nobody will reveal the data because they are encrypted', you will not buy it.
Modern ciphering devices and ciphering programs should have freely usable
