Cryptography Reference
of argumentation may be a little bit exaggerated, but digital signatures and
DSSs certainly play a crucial role in the provision of nonrepudiation services.
Consequently, digital signatures, DSSs, and digital signature legislation are
very important and timely topics from a practical point of view.
Many cryptographic protocols have been developed, proposed, implemented,
and partly deployed. Among these protocols, the Diffie-Hellman key exchange
protocol is by far the most important protocol in use today. This is quite
astonishing if one considers the fact that the Diffie-Hellman key exchange
protocol (see Section 16.3) was actually the first public key cryptosystem
ever published in the open literature. In addition, many other cryptographic
protocols can be used for entity authentication, secure MPC, and many other
tasks and problems. In fact, several problems that seem to be impossible to
solve at first sight have quite elegant solutions if one considers the use of
public key cryptography. These solutions, in turn, are part of the fascination
many people have with cryptography.
20.4 FINAL REMARKS
In practice, unkeyed, secret key, and public key cryptosystems are often combined to
complement each other. For example, we saw that a random bit generator can be used
to seed a PRBG and that symmetric and asymmetric encryption can be combined
in hybrid encryption systems. In fact, public key cryptosystems are often used for
authentication and key distribution, whereas secret key cryptosystems are often used
for bulk data encryption and message authentication (if performance is a major
issue). Consequently, real applications often combine all types of cryptosystems
(including unkeyed cryptosystems) to come up with a mix that can be implemented
in an efficient and secure way.
Last but not least, we note that it is sometimes argued that public key cryptography
is inherently more secure than secret key cryptography. This argument is
fundamentally flawed, and there are secure and insecure public key and secret key
cryptosystems. If one has to decide what cryptosystem to use, then one has to look
at the requirements from an application point of view. If, for example, it is required
that data can be authenticated efficiently, then a MAC is usually a good choice. If,
however, it is required that the sender cannot later repudiate having sent a particular
message, then a DSS is usually more appropriate. Consequently, there is no single
best cryptosystem to be used for all applications. Instead, it is important to understand
the working principles, advantages, and disadvantages, as well as the shortcomings
and limitations of all practically relevant and deployed cryptosystems, and
to design and implement a security architecture that is appropriate for the application
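
The MAC-versus-DSS choice described above, as an added example that is not from the original text: a receiver who shares the MAC key can produce a valid tag for any message, so a tag proves nothing to a third party, whereas a signature verifies only under the signer's public key. A Lamport one-time signature built on SHA-256 stands in for a DSS here, and all function names and messages are constructed for illustration.

```python
import hashlib, hmac, secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# MAC: sender and receiver hold the same secret key.
def mac_tag(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def mac_verify(key, msg, tag):
    return hmac.compare_digest(mac_tag(key, msg), tag)

# Lamport one-time signature: a hash-based stand-in for a DSS (assumption of this example).
# A key pair must sign ONE message only; each signature reveals half of the private key.
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def _digest_bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def lamport_sign(sk, msg):
    return [sk[i][bit] for i, bit in enumerate(_digest_bits(msg))]

def lamport_verify(pk, msg, sig):
    if len(sig) != 256:
        return False
    ok = True
    for i, bit in enumerate(_digest_bits(msg)):
        ok &= hmac.compare_digest(H(sig[i]), pk[i][bit])
    return ok

def receiver_can_produce_mac(shared_key, unsent_msg):
    """The receiver knows the shared key, so it can tag a message the sender never sent."""
    tag = mac_tag(shared_key, unsent_msg)
    return mac_verify(shared_key, unsent_msg, tag)

def receiver_can_reuse_signature(pk, sent_sig, unsent_msg):
    """The receiver holds only pk and one valid signature; it does not verify on another message."""
    return lamport_verify(pk, unsent_msg, sent_sig)

if __name__ == "__main__":
    sk, pk = lamport_keygen()
    sent = b"pay 10 to Bob"            # constructed sample message
    sig = lamport_sign(sk, sent)
    print("signature valid:", lamport_verify(pk, sent, sig))
    print("MAC repudiable:", receiver_can_produce_mac(b"k" * 32, b"pay 1000 to Bob"))
    print("signature reusable:", receiver_can_reuse_signature(pk, sig, b"pay 1000 to Bob"))
```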