Sunday, October 13, 2013
In this article we shall discuss about the two fundamental principles that govern a cryptographic system.
- Some redundancy must be there in all the encrypted messages.
- By redundancy here, we mean the information that is not required for understanding the message reducing the chances for a passive intruder to make attacks.
- Passive intruder attacks involve putting the stolen information to misuse without understanding it.
- This can be more easily understood by an example of a credit card.
- The credit card number is not alone sent over the internet rather it is accompanied by other side info such as the DOB of the card holder, its validity date and so on.
- Including such info with the card number cuts down on the changes for making up the number.
- Adding a good amount of redundancy prevents the active intruders from sending garbage values and then getting it verified as some valid message.
- The recipient must be capable of determining whether the message is valid or not by doing some inspection and simple calculation.
- Without redundancy the attackers would simply send junk message and the recipient will decode it as a valid message.
- However, there is a little concern also with this.
- N number of zeroes must not be put at the beginning or the end of the message for redundancy because such messages become easy to be predicted thus facilitating the crypt analysts work.
- Instead of zeroes, a CRC polynomial can be used because it proves to be more work.
- Using cryptographic hash might be even better.
- Redundancy has also got a role to play in quantum cryptography.
- Some redundancy is required in the messages for the bob to determine if the message has been tampered.
- Repetition of the message twice is a crude form of redundancy.
- If the two copies are found to be identical, the bob states that somebody is interfering with the transmission or there is a lot of noise.
- But such repetition process to be expensive.
- Therefore, for error detection and correction the methods used are reed Solomon and hamming codes.
- Measures must be compulsorily taken for the prevention of the attacks by active intruders who might play back the old messages.
- The longer an encrypted message is held by an active intruder, the more is the possibility that he can break in to it.
- One good example of this is the UNIX password file.
- For anybody who has an account on the host, the password is accessible.
- A copy of this file can be obtained by the intruders and they can then easily de-crypt the password.
- Also, the addition of the redundancy allows the simplification of the messages’ decryption.
- It must be checked whether the message has been sent recently or is an old one.
- One measure for doing so is including a time stamp of few seconds in the message.
- This message then can be saved by the recipient for that many seconds and can be used for comparing with the incoming messages and filtering the duplicates.
- Messages which exceed this time period will be rejected as being too old.
Apart from the above two principles the following are some other principles of cryptography:
Ø Authentication: For ensuring that the message was generated by the sender itself and no one else so that no outsider can claim as being the owner of the message.
Ø Integrity: In cryptography, the integrity of the messages must be preserved while sending the message from one host to another. This involves ensuring that the message is not altered on the way. Using cryptographic hash is a way to achieve this.