Overview
Abasicfunctionofcryptographictechnologyistorealizesecurecommunication,theclassicsecurecommunicationmodel
Note:OnlyonesecretisusedThecommunicationmodeltocompletelydescribethecryptographicsystemmaynotbecomprehensiveandaccurate,becausethecryptographicsystemdoesnotonlyprovideinformationconfidentialityservices.
Confidentialcommunicationisabasicfunctionofcryptography.
Plaintext
Generally,youcansimplythinkthatplaintextisameaningfulcharacterorbitset,oramessagethatcanbeobtainedthroughacertainpublicencodingstandard.Plaintextisoftenrepresentedbymorp.
Ciphertext(Ciphertext)
Theoutputafterapplyingsomekindofcamouflageortransformationtotheplaintextcanalsoberegardedasacharacterorbitsetthatcannotbedirectlyunderstood.Ciphertextisusuallyrepresentedbyc.
Encryption
Theinformationtransformationprocessofconvertingtheoriginalinformation(plaintext)intociphertext.
Decrypt
Theprocessofrestoringtheencryptedinformation(ciphertext)totheplaintextoftheoriginalinformation,alsoknownasdecryption.
CryptographyAlgorithm,alsoreferredtoasCipher,usuallyreferstotheinformationtransformationrulesusedintheencryptionanddecryptionprocess,andisamathematicalfunctionusedforinformationencryptionanddecryption.
Therulesusedtoencrypttheplaintextarecalledencryptionalgorithms,andtherulesusedtodecryptciphertextsarecalleddecryptionalgorithms.Theoperationsoftheencryptionalgorithmandthedecryptionalgorithmareusuallycarriedoutunderthecontrolofasetofkeys.
SecretKey
Avariableparameterinacryptographicalgorithm,usuallyasetofrandomsequencesthatmeetcertainconditions.
Theoneusedfortheencryptionalgorithmiscalledtheencryptionkey,andtheoneusedforthedecryptionalgorithmiscalledthedecryptionkey.Theencryptionkeyandthedecryptionkeymaybethesameordifferent.
Keysareoftenexpressedask.Undertheactionofthekeyk,theencryptiontransformationisusuallydenotedasEk(·),andthedecryptiontransformationisdenotedasDk(·)orEk-1(·).
Passwordsystem
Systemcomposition
Itcanhavethefollowingparts:
–MessagespaceM(alsoknownasplaintextspace):Thesetofallpossibleplaintextm;
–ciphertextspaceC:thesetofallpossibleciphertextc;
–keyspaceK:thesetofallpossiblekeysk,whereEachkeykiscomposedofanencryptionkeykeandadecryptionkeykd,thatis,k=(ke,kd);
–EncryptionalgorithmE:aclusterofencryptionkeyscontrolledfromMtoEncryptiontransformationofC;
–DecryptionalgorithmD:AclusterofdecryptiontransformationsfromCtoMcontrolledbythedecryptionkey.
Five-tuple{M,C,K,E,D}
ForeachplaintextmintheplaintextspaceM,theencryptionalgorithmEisunderthecontroloftheencryptionkeykeEncrypttheplaintextmintociphertextc;andthedecryptionalgorithmDdecryptstheciphertextcintothesameplaintextmunderthecontrolofthekeykd,namely:
Form∈M,(ke,kd)∈K,thereare:Dkd(Eke(m))=m
Fromamathematicalpointofview,acryptographicsystemisafamilyofmappings,whichunderthecontrolofthekeyMaptoanelementintheciphertextspace.Thisfamilyofmappingsisdeterminedbythecryptographicscheme,andwhichmappingisusedisdeterminedbythekey.
Intheabovecommunicationmodel,thereisalsoaciphertextcthatcanbeinterceptedbyapasswordattackerordecipherfromacommonchannel.ThegoalofitsworkistotrytoTheplaintextmorkeykisrecoveredfromtheciphertextc.
Ifthecryptanalystcanderivetheplaintextorkeyfromonlytheciphertext,orcanderivethekeyfrombothplaintextandciphertext,thenthecryptographicsystemissaidtobedecipherable.Onthecontrary,thecryptographicsystemissaidtobeunbreakable.
Decodingmethod
Themainmethodsforcryptanalyststodecipherorattackpasswordsareexhaustiveattackmethod,statisticalanalysismethodandMathematicalanalysisattackmethod.
Bruteforceattackmethod
Bruteforceattackmethodisalsocalledbruteforceattack.Thisattackmethodistotrytotraverseallpossiblekeysontheinterceptedciphertext,untilanunderstandableconversionfromciphertexttoplaintextisobtained;ortoencryptallpossibleplaintextwithaconstantkeyuntilitisobtainedItisconsistentwiththeinterceptedciphertext.
Statisticalanalysismethod
Statisticalanalysisattackreferstoamethodusedbyacryptanalysttodecipherthepasswordaccordingtothestatisticallawofplaintext,ciphertextandkey.
Mathematicalanalysismethod
Mathematicalanalysisattackreferstoacryptanalystattackingthemathematicalfoundationofencryptionanddecryptionalgorithmsandcertaincryptographiccharacteristics,usingmathematicalsolutionstodecipherthepassword.Mathematicalanalysisattacksarethemainthreattovariouscryptographicalgorithmsbasedonmathematicalpuzzles.
Attacktype
Assumingthatthecryptanalystknowsalltheencryptionalgorithmsused,accordingtothecryptanalyst’smasteryofplaintext,ciphertextandotherdataresources,theThetypesofcryptanalysisattacksagainstencryptionsystemsaredividedintothefollowingfourtypes:
①Ciphertext-onlyattack
(Ciphtext-onlyattack)
Inaciphertextonlyattack,thecryptanalystdoesnotknowthecryptographicalgorithm,butcanonlyanalyzetheinterceptedciphertexttogettheplaintextorkey.Sincethedataresourceavailabletothecryptanalystisonlyciphertext,thisisthemostunfavorablesituationforthecryptanalyst.
②Theknownplaintextattack
(Plaintext-knownattack)
Theknownplaintextattackmeansthatinadditiontointerceptedciphertext,thecryptanalystalsoTherearesomeknown"plaintext-ciphertextpairs"todecipherthepassword.Thegoalofthecryptanalystistoderivetheencryptionkeyoranalgorithmthatcandecryptanynewmessageencryptedwiththekey.
③Chosen-plaintextattack
(Chosen-plaintextattack)
Chosen-plaintextattackmeansthatthecryptanalystcannotonlygetsome"plaintext-ciphertextpairs",Youcanalsoselecttheencryptedplaintextandgetthecorrespondingciphertext.Atthistime,thecryptanalystcanselectaspecificplaintextdatablocktoencrypt,andcomparetheplaintextwiththecorrespondingciphertext,andhasanalyzedandfoundmorekey-relatedinformation.
Themissiongoalofthecryptanalystisalsotointroduceakeyforencryptionoranalgorithmthatcandecryptanynewmessageencryptedwiththekey.
④Chooseciphertextattack
(Chosen—ciphenextattack)
Chosen-ciphenextattackmeansthatthecryptanalystcanchoosesomeciphertextandgetthecorrespondingTheplaintext.Thegoalofthecryptanalystistoderivethekey.Thiskindofcryptanalysisismostlyusedtoattackpublickeycryptosystems.
Attackevaluation
Tomeasurethecomplexityofacryptographicsystemattack,threefactorsaremainlyconsidered:
Datacomplexity
(DataComplexity)
Theamountofdatarequiredtoenterapasswordattack;
ProcessingComplexity
(ProcessingComplexity)
CompletetheattackThetimeittakes;
StorageRequirement
(StorageRequirement)
Theamountofdatastoragespacerequiredfortheattack.
Thecomplexityoftheattackdependsontheminimumcomplexityoftheabovethreefactors.Intheactualimplementationoftheattack,thecompromiseofthesethreecomplexityisoftenconsidered.Forexample,thegreaterthestoragerequirement,thefastertheattackmaybe.
Security
SecurityFactors
Thesecurityofacryptographicsystemismainlyrelatedtotwofactors.
(1)Oneisthesecuritystrengthofthecryptographicalgorithmused.Thesecuritystrengthofacryptographicalgorithmdependsonthelevelofcryptographicdesign,decipheringtechnology,etc.Itcanbesaidthatthesecuritystrengthofthecryptographicalgorithmusedbyacryptographicsystemisthetechnicalguaranteeforthesecurityofthesystem.
(2)Anotheraspectisinsecurefactorsoutsidethecryptographicalgorithm.
Therefore,theconfidentialitystrengthofthecryptographicalgorithmisnotequivalenttotheoverallsecurityofthecryptographicsystem.-Acryptographicsystemmustimprovethetechnicalandmanagementrequirementsatthesametimetoensurethesecurityoftheentirecryptographicsystem.Thistextbookonlydiscussesthetechnicalfactorsthataffectthesecurityofacryptographicsystem,thatis,thecryptographicalgorithmitself.
Evaluationmethod
Therearethreemainmethodsforevaluatingthesecurityofacryptographicsystem:
(1)Unconditionalsecurity
ThisevaluationmethodTheconsiderationistoassumethattheattackerhasunlimitedcomputingresources,butstillcannotdecipherthecryptographicsystem.
(2)Computingsecurity
Thismethodreferstotheuseofthebestmethodtobreakit.Thecalculationrequiredfarexceedstheattacker'scomputingresourcelevel,youcandefinethisThecryptosystemissafe.
(3)Demonstrablesecurity
Thismethodistoreducethesecurityofthecryptographicsystemtosomein-depthresearchedmathematicalproblem(suchaslargeintegerprimefactorization,calculationDiscretelogarithm,etc.),mathematicalproblemsprovedtobedifficulttosolve.Theproblemwiththisevaluationmethodisthatitonlyshowsthatthesecurityofthiscryptographicmethodisrelatedtoadifficultproblem,anddoesnotfullyprovethesecurityoftheproblemitself,andgivesaproofoftheirequivalence.
Forcryptographicsystemsinpracticalapplications,becausethereisatleastonedecipheringmethod,thatis,bruteforceattack,itcannotsatisfyunconditionalsecurityandonlyprovidescomputationalsecurity.Toachieveactualsecurityinacryptographicsystem,thefollowingcriteriamustbemet:
(1)Theactualamountofcalculation(includingcalculationtimeorcost)todecipherthecryptographicsystemissohugethatYuZaiisactuallyimpossibletoachieve.
(2)Thecalculationtimerequiredtodecipherthecryptographicsystemexceedstheusefullifecycleoftheencryptedinformation.Forexample,thecombatorderforacombatattackinawaronlyneedstobekeptsecretbeforethebattlebegins;thetimeforimportantnewsinformationtobekeptsecretbeforeitispubliclyreportedisoftenonlyafewhours.
(3)Thecostofdecipheringthecryptographicsystemexceedsthevalueoftheencryptedinformationitself.
Ifapasswordsystemcanmeetoneoftheabovecriteria,itcanbeconsideredtomeetactualsecurity.
Furtherreading
Kerckhoffsprinciple
EvenifthealgorithminthecryptosystemisdeterminedbythecryptanalystKnowing,itisalsodifficulttoderivetheplaintextorkeyfromtheinterceptedciphertext.
Inotherwords,thesecurityofthecryptosystemshouldonlydependonthesecrecyofthekey,notonthesecrecyofthealgorithm.
Onlyiftheattackerhassufficientresearchonthecryptographicalgorithmandhassufficientcomputingresources,asecurepasswordisasecurecryptographicsystem.
Onesentence:"Allsecretsareinthekey"
Forcommercialcryptographicsystems,theadvantagesofpubliccryptographicalgorithmsinclude:
①Conducivetopublictestingandevaluationofthesecurityofcryptographicalgorithms;
②Preventingcryptographicalgorithmdesignersfromhidingbackdoorsinthealgorithm;
③EasytoimplementcryptographicalgorithmsStandardization;
④Itisconducivetothelarge-scaleproductionofcryptographicalgorithmproductstoachievelowcostandhighperformance.
Butitmustbepointedoutthattheopenprincipleofpassworddesigndoesnotmeanthatallpasswordsmustdisclosethecryptographicalgorithmwhentheyareapplied.Forexample,themilitaryandpoliticalcoreciphersofallcountriesintheworlddonotdisclosetheirencryptionalgorithms.
Tosumup,acryptographicsystemthatprovidesconfidentialityservicesisactuallyusableandmustBasicrequirementstobemet:
①Theconfidentialityofthesystemdoesnotdependontheconfidentialityoftheencryptionsystemoralgorithm,butonlyonthesecurityofthekey."Allsecretsresideinthekey"isanimportantprincipleinthedesignofcryptographicsystems.
②Tomeettheactualsecurity,itiscomputationallyinfeasibletodeterminethekeyorthecorrespondingplaintextwithintheeffectivetimeandcostrangeafterthedecipherobtainstheciphertext.
③Theencryptionanddecryptionalgorithmsshouldbeapplicabletoallelementsintheplaintextspaceandthekeyspace.
④Theencryptionanddecryptionalgorithmscanbecalculatedefficiently,andthecryptographicsystemiseasytoimplementanduse.