Optical Cryptosystems. Naveen K. NishchalЧитать онлайн книгу.
1.1. Example of character substitution based on Caesar’s algorithm.
Figure 1.2 shows the schematic of the modern encryption-decryption process. A plaintext is converted into a ciphertext through the encryption process, which upon use of correct keys returns the decrypted plaintext [4].
Figure 1.2. Encryption-decryption process.
A basic cryptosystem has the following components [5]:
Plaintext
Encryption algorithm
Ciphertext
Decryption algorithm
Encryption key
Decryption key.
A plaintext is converted into a ciphertext by applying the encryption algorithm and encryption key. The key space is a string of different keys that can be used to break the algorithm. It is generally accepted that a secure algorithm should use a key with length greater than 100 bits, because the number of bit permutation operations required to try 2100 keys is considered to be computationally infeasible for a conventional digital computing technique. A secure encryption algorithm is extremely sensitive to its keys. Various encryption algorithms have been developed and are being practiced. A ciphertext returns the plaintext only after use of the appropriate decryption algorithm and correct decryption key. A slight change to the keys would result in different ciphers. Thus for the successful retrieval of the plaintext, use of the correct decryption key and appropriate decryption algorithm is a must. In different types of cryptosystems, different encryption and decryption algorithms are used and correspondingly different encryption and decryption keys are generated.
While cryptography is the science of securing data, cryptanalysis is the science of analyzing and breaking a secure communication. The professionals involved in the process are called cryptanalysts. They are also called attackers. Attackers always wish to get the access of the encryption-decryption key so that plaintext can be retrieved. In classical cryptanalysis, several things are involved in the process, such as the interesting combination of analytical reasoning, the application of mathematical tools, pattern finding, patience, determination, and luck. With the passage of time, newer and reliable cryptosystems have been developed. On the other hand, attackers have also been creating improved logic to analyze the process to access the data. The pace of the development of information security technology is characterized by the creation of new methods and means of protection in the context of the storage, processing, and transmission of information. To date, much attention has been paid to the development of newer methods of intellectualization of various automated systems.
The cryptology embraces both cryptography and cryptanalysis. The cryptography can provide the following services [6].
Confidentiality (secrecy): it ensures that no one can read the concealed message except the authentic receiver. The data is kept secret from those who do not have proper credentials, even if that the data travels through an insecure medium.
Integrity (anti-tampering): it is assured that the authentic receiver has received message and it has not been altered in any way from the original.
Authentication: it helps establish identity for authentication purposes. Actually, the process proves one’s identity.
Non-repudiation: it is a mechanism to prove that the sender really sent this message. Neither the sender nor the receiver can deny the transmission of the message.
Access control: it requires that the access to information resources may be controlled by or for the authentic system.
Availability: it requires that the system assets be available to authorized personnel, as and when needed.
1.2 Types of cryptography
Depending on the common uses, cryptography can be classified into two categories; symmetric key cryptography and asymmetric key cryptography. Symmetric key cryptography is a classical encryption method. It is referred to as a situation in which the key used for encryption is as used for decryption. In this case, key distribution must be performed prior to data transfer. Therefore, the security key plays a highly significant role because security directly depends on the nature of the key. Asymmetric key cryptography is an advanced encryption method. It is referred to as a situation in which the key used for encryption is different than the key used for decryption. In this case, a pair of keys, public and private keys, are used. The security is very high compared to the classical method of encryption.
Of late, hash functions are also considered as a type of cryptography, which establishes the authenticity of the user [7].
1.2.1 Symmetric key cryptography
Symmetric key cryptography, also known as secret key cryptography or conventional cryptography, refers to an encryption system in which the sender and receiver share a single common key that is used to encrypt and decrypt the message. The process is shown in figure 1.3. The used algorithm is known as the symmetric algorithm or secret key algorithm. The key is defined as a piece of information (a parameter) that determines the functional output of a cryptographic algorithm or cipher. The key used for encrypting and decrypting a message has to be known to all the authentic recipients or else the message could not be decrypted by conventional means [6]. The examples of symmetric key cryptography are discussed below.
Data encryption standard (DES): the DES was published in 1977 by the US National Bureau of Standards. It uses a 56-bit key and maps a 64-bit input block of plaintext onto a 64-bit output block of ciphertext. 56 bits is a rather small key for today’s computing power.
Triple DES: it is an improved version created after overcoming the shortcomings of DES. Since it is based on the DES algorithm, it is very easy to modify existing software to use Triple DES. It has the advantage of proven reliability and a longer key length that eliminates many of the shortcut attacks that can be used to reduce the amount of time it takes to break the DES.
Advanced encryption standard (AES): the AES is an encryption standard adopted by the US Government. The standard comprises three block ciphers, AES-128, AES-192, and AES-256. Each AES cipher has a 128-bit block size with key sizes of 128, 192, and 256 bits, respectively. The AES ciphers have been analyzed extensively and are now used worldwide.
International data encryption algorithm (IDEA): the IDEA was developed in 1991. It uses a 128-bit key to encrypt a 64-bit block of plaintext into a 64-bit block of ciphertext. IDEA’s general structure is very similar to DES. It performs 17 rounds, each round taking 64 bits of input to produce a 64-bit output, using per-round keys generated from the 128-bit key.
Figure 1.3. Symmetric key cryptography.
Key management in symmetric key systems
The symmetric key systems are simpler and faster but their main drawback is that the two parties must somehow exchange the key in a secure way and keep it secure after that. The key management caused a nightmare for the parties using the symmetric key cryptography. The worry was about how to get the keys safely and securely across all users so that the decryption of the message would be possible. This gave the chance for third parties to intercept the keys in transit to decode the secret messages. Thus, if the key was compromised, the entire coding