Cryptography Reference
In-Depth Information
that are conjectured to be one way) in widespread use: the discrete exponen-
tiation function, the RSA function, and the modular square function. All of
these functions are overviewed and discussed in Section 7.2. The fact that it is
currently not known how to efficiently invert these functions gives us a good
feeling when we use these functions in higher level cryptographic systems and
applications. Unfortunately, we don't know how justified this feeling really
is. If somebody found an algorithm to efficiently invert a candidate one-way
function, then many deployed cryptographic systems and applications would
become totally useless.
•
In many cryptographic systems and applications, cryptographic hash functions
(i.e., hash functions that are one way and weak or strong collision resistant)
are used and play a fundamental role. This is particularly true for digital
signatures with appendix and corresponding DSSs. If one can make the
idealized assumption that a cryptographic hash function behaves like a random
function, then one is often able to prove security properties for cryptographic
systems that one is not able to prove without making this assumption (the
corresponding proofs are then valid in the so-called random oracle model). In
spite of their fundamental role in cryptography, there are not many practically
relevant cryptographic hash functions to choose from (see Section 8.3 for a
corresponding overview). In fact, most cryptographic hash functions in use
today follow the Merkle-Damgard construction (i.e., they iteratively apply
a compression function to the blocks of a message). There are only a few
alternative proposals to design cryptographic hash functions. One possibility
that is being looked into more seriously for message authentication is universal
hashing. It is possible and likely that more alternatives for the design of
cryptographic hash functions will be developed and proposed in the future.
•
Most cryptographic systems in use today employ random bits (or random
numbers, respectively) in one way or another. Consequently, random bit gen-
erators have many applications and play a fundamental role in contemporary
cryptography. There are various types of hardware-based and software-based
random bit generators that are used in practice (see Section 9.2 for a cor-
responding overview). In either case, it is important to test the statistical
randomness properties of the output of a random bit generator before it is
actually used. Many random bit generators have statistical deficiencies that
are surprisingly simple to find and exploit.
