In this article we shall discuss about the two
fundamental principles that govern a cryptographic system.
1. Redundancy
- Some redundancy
must be there in all the encrypted messages.
- By redundancy here, we mean
the information that is not required for understanding the message
reducing the chances for a passive intruder to make attacks.
- Passive
intruder attacks involve putting the stolen information to misuse without
understanding it.
- This can be more easily understood by an example of a
credit card.
- The credit card number is not alone sent over the internet
rather it is accompanied by other side info such as the DOB of the card
holder, its validity date and so on.
- Including such info with the card
number cuts down on the changes for making up the number.
- Adding a good
amount of redundancy prevents the active intruders from sending garbage
values and then getting it verified as some valid message.
- The recipient
must be capable of determining whether the message is valid or not by doing some inspection and simple
calculation.
- Without redundancy the attackers would simply send junk
message and the recipient will decode it as a valid message.
- However, there
is a little concern also with this.
- N number of zeroes must not be put at
the beginning or the end of the message for redundancy because such
messages become easy to be predicted thus facilitating the crypt analysts work.
- Instead of zeroes, a CRC polynomial can be used because it proves to
be more work.
- Using cryptographic hash might be even better.
- Redundancy
has also got a role to play in quantum cryptography.
- Some redundancy is
required in the messages for the bob to determine if the message has been
tampered.
- Repetition of the message twice is a crude form of redundancy.
- If
the two copies are found to be identical, the bob states that somebody is
interfering with the transmission or there is a lot of noise.
- But such
repetition process to be expensive.
- Therefore, for error detection and
correction the methods used are reed Solomon and hamming codes.
2. Update
- Measures must be
compulsorily taken for the prevention of the attacks by active intruders
who might play back the old messages.
- The longer an encrypted message is
held by an active intruder, the more is the possibility that he can break
in to it.
- One good example of this is the UNIX password file.
- For anybody
who has an account on the host, the password is accessible.
- A copy of this
file can be obtained by the intruders and they can then easily de-crypt the
password.
- Also, the addition of the redundancy allows the simplification of
the messages’ decryption.
- It must be checked whether the message has been
sent recently or is an old one.
- One measure for doing so is including a
time stamp of few seconds in the message.
- This message then can be saved
by the recipient for that many seconds and can be used for comparing with
the incoming messages and filtering the duplicates.
- Messages which exceed
this time period will be rejected as being too old.
Apart from the above two principles the following
are some other principles of cryptography:
Ø Authentication: For ensuring that the message was generated by the sender itself and no one
else so that no outsider can claim as being the owner of the message.
Ø Integrity: In cryptography, the integrity of the messages must be preserved while sending
the message from one host to another. This involves ensuring that the message
is not altered on the way. Using cryptographic hash is a way to achieve this.
Ø Non-repudiation
No comments:
Post a Comment