Cryptography Reference
In-Depth Information
(but mostly unusable). To my knowledge, there are still no reliable estimates
of the minimum effort a cryptanalyst has to invest to break a certain algo-
rithm. (This is the subject of so-called
complexity theory
.) Consequently,
the cryptographer has to test a new algorithm against all current cryptanalytic
methods and ideally guess the unconventional thoughts of an attacker. Since the
security of an algorithm is in the foreground, its cryptanalysis is the measure of
all things. Of secondary importance are criteria like fastness, easy implemen-
tation in hardware, etc.
This means that cryptography grows out of extensive
knowledge of cryptanalysis
. You have seen enough examples that confirm this
statement in Chapter 2. Just like theorem number One in cryptanalysis, '
the
adversary always knows your method
', there are two important theorems in
cryptography:
1. It is virtually useless to want to develop a good encryption algorithm if
you don't have a clue about cryptanalysis.
2. You will never make it on your own to exhaustively analyze an encryp-
tion algorithm. An algorithm should first be disclosed and then be dis-
cussed worldwide.
So a cryptographer always has to also be a cryptologist, i.e., to master crypt-
analysis.
Being more particular, the second point above holds true only for the part
of the world that's accessible to us, i.e., public cryptological research. One
example is the National Security Agency (NSA), for example.
NSA
is the
biggest employer of mathematicians in the world (unconfirmed estimates range
between 30 000 and 40 000 employees), and it is totally sealed off against the
outside. It goes without saying that the NSA employs the best cryptologists in
the world, who mutually review their developments. However, their algorithms
normally remain secret. The only exception might be the
Skipjack
algorithm of
the Clipper chip (see Section 5.7.5). We have no idea what level the knowledge
accumulated there has reached, but it's likely to be an unexpectedly high level.
3.2 Cryptanalytic Approaches
Suppose we have received a ciphertext and know the encryption method, as
agreed. How could we proceed?
•
We first need information on the plaintext, i.e., the goal to be achieved:
what language is the plaintext in (German, English, Chinese?); is it a file
