Cryptography Reference
it on another system, I convinced myself to forget it at all cost in order not to
bring its vendor to the gallows. Hopefully, no slouch hat will be ringing at my
door for mentioning it here.
This unrealistic behavior was typical for NSA's security policies. We will come
across this issue at several places in this topic.
Nowadays, password security under UNIX and Linux is based on other algorithms,
such as Blowfish or hash functions.
2.6 The Only Safe Method: One-Time Pads
So far, we haven't discussed one single encryption algorithm without showing,
at least rudimentarily, how it can be broken. Though you are likely to come
across statements like 'provably secure method' in publications, don't buy
it: rather than proving that their method is secure, the authors normally just
attribute it to another one that hasn't been broken yet (and often to the problems
of factoring large numbers, or calculating the discrete logarithm; more about
these issues in Section 4.5).
'Is there such a thing as a secure encryption method?', you'll probably ask. Yes,
there is, and it's called a one-time pad. The method is very easy to describe.
It's a polyalphabetic cipher with infinite period. In other words, we select a
key which is at least as long as the plaintext:
ANEXTREMELYLONGANDCOMPLETELYRANDOMLYSELECTEDKEY
THEPLAINTEXTISSOMEWHATSHORTER
Superimposed characters are added (as in the Caesar cipher described earlier):
A corresponds to 0, B to 1, Z to 25, and if the sum grows larger than 25,
we deduct 25 to once more obtain a number that can be translated back into
a letter:
  ANEXTREMELYLONGANDCOMPLETELYR
+ THEPLAINTEXTISSOMEWHATSHORTER
= TUIMERMZXPVEWFYOZHYVMIDLHVECI
The receiver is (hopefully!) the only one who also knows the key and subtracts
it from the ciphertext:
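The addition shown above and the receiver's subtraction, written out as an added example (not code from the original text). Letters are reduced modulo 26, which is the wrap-around that reproduces the printed ciphertext (X + P = 23 + 15 = 38, and 38 - 26 = 12 = M). It goes one step beyond the passage with key_explaining, which shows that some key maps the ciphertext to any message of the same length; the function names and the DECOY message are assumptions made for this example.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase  # A=0, B=1, ..., Z=25

# Values copied from the worked example on this page.
KEY = "ANEXTREMELYLONGANDCOMPLETELYRANDOMLYSELECTEDKEY"
PLAINTEXT = "THEPLAINTEXTISSOMEWHATSHORTER"
CIPHERTEXT = "TUIMERMZXPVEWFYOZHYVMIDLHVECI"
# Constructed for this example: another message of the same length.
DECOY = "MEETMEATTHESTATIONATNINETODAY"


def _combine(text, key, sign):
    """Add (sign=+1) or subtract (sign=-1) key letters modulo 26."""
    if not text or any(c not in ALPHABET for c in text + key):
        raise ValueError("text and key must be non-empty and use A-Z only")
    if len(key) < len(text):
        # A shorter key would have to repeat, giving the cipher a finite period.
        raise ValueError("key must be at least as long as the text")
    return "".join(
        ALPHABET[(ALPHABET.index(t) + sign * ALPHABET.index(k)) % 26]
        for t, k in zip(text, key)
    )


def encrypt(plaintext, key):
    return _combine(plaintext, key, +1)


def decrypt(ciphertext, key):
    return _combine(ciphertext, key, -1)


def random_key(length):
    """Draw each key letter independently from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def key_explaining(ciphertext, candidate):
    """Return the key under which `ciphertext` decrypts to `candidate`."""
    if len(candidate) != len(ciphertext):
        raise ValueError("candidate must have the ciphertext's length")
    return _combine(ciphertext, candidate, -1)


if __name__ == "__main__":
    print(encrypt(PLAINTEXT, KEY), decrypt(CIPHERTEXT, KEY))
    print(decrypt(CIPHERTEXT, key_explaining(CIPHERTEXT, DECOY)))
```

Because key_explaining succeeds for every candidate of the right length, the ciphertext alone gives no reason to prefer one plaintext over another, provided the key is random and used only once.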