Cryptography

The use of cryptography underlies many of the mechanisms used to enforce security. The principle of cryptography is to use a special piece of information, called a key, in some carefully designed mathematical function such that it is impossible to reproduce the effect, or reverse the effect of applying the function to the data, with out the key. Keeping the key secret ensures that only those who are intended to reverse, or reproduce, the effect can actually do so. In some cases the algorithm for the mathematical function is well known so that it can be widely implemented and used for general communication; in other cases the algorithm is also kept secret which is more secure but not useful in a wide heterogeneous user environment. This is a compromise that has to be made in having widely available security which can be used by lots of people. Since the key is kept as a secret it can also be used as part of an authentication scheme; as explained below. A lot of effort by very clever mathematicians has been employed in devising the mathematical functions, and in finding ways of breaking them. A lot more effort is currently being put into this area as distributed systems become more widespread. This section will describe two basic cryptographic procedures without invoking any of the mathematics that underlie them. There are many texts for the interested reader[#denning##1#]. The point this section makes is that for any cryptographic mechanism, the difficult aspect of using cryptography is the appropriate distribution of the keys. To provide confidentiality, using cryptography, on a piece of data the data is translated by the cryptographic algorithm using the key as a special starting condition. All of the data is transformed in one go, using the key. The data in its original form is called the <#776#> plaintext<#776#>, when it has been enciphered (that is processed by the cryptographic algorithm) it is called ciphertext and is meant to be unintelligible. This simple translation can be described as:

#equation777#

Where #tex2html_wrap_inline3856# represents the encipherment function using key k, P is the plaintext and C is the cipher text. Obviously, to recover the plaintext from the cipher text a reverse transformation is required which is called decipherment:

#equation779#

To provide integrity it is not necessary to translate the plaintext into another form, instead some fixed size checksum is provided as a result of putting the data through the algorithm. The checksum can be thought of as the remainder from the function when all of the data has been processed. The checksum is then a function of the value of the data and the key. If the data is changed then a different checksum would be calculated - consequently any change to the data can be detected by recalculating the checksum. The integrity checksum is usually kept with the data in the storage system or when the data is sent over a communications link. The checksum is also known as a <#781#> seal<#781#>; a <#782#> certificate<#782#> is a combination of some data and the associated seal. Often the seal may include details of the algorithm used to calculate the checksum and a identifier of any key used. Data that is protected for confidentiality is automatically protected for integrity; if the encrypted data is changed then the original data will not be recovered after decryption by the receiver. To allow for this a known value is placed with the data so the receiver can tell if decryption has been successful. If the ciphertext is changed in any way then the original plaintext cannot be obtained, and the change will be detected. Most of the algorithms used for confidentiality protection would result in some completely unintelligible output if corrupted ciphertext was used. However, it is common to add in some well known information that can be easily checked when the decipherment has been completed. There are two classes of functions, or algorithms, used in cryptography: secret key (or symmetric) algorithms, and public key (or asymmetric) algorithms. These two classes have different uses due to the different characteristics of the algorithms.