Protocols such as secret communication and digital signatures
Protocols such as secret communication and digital signatures
A protocol is a series of steps taken to accomplish a task. In fact, this is also the definition of an algorithm, but we use algorithm to refer to the attainment of internal, mathematical results such as encrypting a block, and protocol to refer to the attainment of user-visible results such as secret communication and digital signatures.
Communications
Obviously, most of the previous discussion of secret-key and public-key cryptosystems has been about their use in communications, but complete application of cryptography to communications also addresses some issues beyond the simple encryption and decryption of blocks.
Session keys
A session key is a cryptographic key adopted for use for a particular message or during a particular session of communications. Session keys are used for two reasons: to achieve greater performance and to limit the amount of data encrypted with a master key. Frequently a communications system will use a relatively low- performance public-key cryptosystem only to communicate a session key, which is then used for high-performance symmetric-key encryption of the bulk message data. The second reason for using session keys is to limit the amount of information available for cryptanalysis of the master key. Because only the random session keys are ever encrypted by the master key, the attacker cannot exploit any statistical properties of the actual messages to assist in the attack on the master key.
Message integrity
It may be possible for an attacker to alter or substitute different ciphertext somewhere along the communications channel between sender and intended recipient. It is therefore necessary to ensure that the message received is the same as the message sent. Sometimes an alteration would be obvious because the received message would decrypt to gibberish, but computers are much worse than people at detecting gibberish. To solve this problem, one may add a message digest to the plaintext before encrypting the message or include a MIC or digital signature as part of the ciphertext.
Protection against replay
It may be possible for an attacker to record an entire message and then replay it later. If duplicate messages are not detected and discarded, the attacker can cause considerable mischief. For example, if an encrypted order for widgets with instructions to charge a credit card can be replayed, then the attacker could run down the seller’s widget supply or cause the buyer an overdraft. Duplicate messages can also arise accidentally. For example, if the communications channel goes offline during a transmission, the sender may retransmit the most recent message. But was the message lost or just the acknowledgment that the message had been received?
Data compression
Data compression and encryption do not mix—or rather, they mix only when combined in the right way. Data compression refers to the problem of encoding a message in the minimum amount of space. In order to do this, data compression algorithms such as the familiar ZIP and COMPRESS algorithms exploit statistical properties of the source file to encode the same information with fewer bits. Good encryption destroys these statistical properties that compression algorithms exploit, so in general it is not possible to compress an encrypted message. It is, however, possible to encrypt a compressed message. This odd property has two readily apparent effects. First, a modem that depends on data compression for achieving a high bit rate will get a much lower bit rate on encrypted materials. Second, compressing file systems such as the popular Stacker and Doublespace systems for PCs will not achieve any space savings when used on encrypted files. Arguably, compressing a file before encrypting it may slightly improve security, because compression reduces the redundancy that may be exploited during cryptanalysis. The main point here is that encrypted files are essentially incompressible.
Possibly related posts: (automatically generated)
Protocols such as secret communication and digital signatures
- Public-key Digital Signatures
- SSL Server(Secure Sockets Layer)
- Cryptography (Public-Key) Standards and Protocols Notice
- Internet Key Exchange (IKE)
- Internet Security, Public Key Encryption and Digital Certificates
- Platforms and Convergence Digital Payment Systems (JEPI)
- Early Directory Technologies part 3
- Symmetric and Asymmetric Encryption
- Java Database, J2EE Framework
- What Are Bluetooth Profiles? part 1
- October 26th
It allows small and medium sized companies to focus their time and resources on running their businesses instead of struggling to keep up with the constantly evolving security threats. … Security Services
You must contact us within 60 days of receiving the statement on which the error or problem appeared. … Conference Equipments
Whether it s online fraud, spam, or other security risks, Symantec has been leading the conversation for while there s been a need to secure technology. … Symantec Security Response
Why instant online approval for your payday loan when searching for a cash advance, nothing can be more down heartening than having to wait at approval. … Approval Payday Loan
D digital amplifier produces 80% more power and consumes 40% less energy than most standard digital amplifiers! … Definition Video
In addition, you can apply access policies to other security features such as VPN, content filtering and application patrol. … Application Patrol