Page 116 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
P. 116
Information Security and Privacy
Notes Most threshold systems depend on encryption with keys which are distributed in portions. The
most ordinary method for partitioning a key into parts is to form the key as the solution to N
equations in N unknowns. If N independent equations are recognized, the key can be determined
by solving the concurrent equations. If less than N equations are known, the key can be any
value as there is still a sovereign variable in the equations. Any number can be selected for N
and equations can be held by separate individuals. The same general concept can be used to form
arbitrary combinations of key requirements by producing ORs and ANDs of encryptions using
different sets of keys for different combinations of key holders. The major troubles with such a
system lie in the key distribution difficulty and the large number of keys needed to attain
arbitrary key holder combinations.
8.2.10 Systems using Changing Keys
It has been shown us that given sufficient reuse of a key, it can finally be determined. It is
therefore common practice to frequently change keys to limit the exposure because of successful
attack on any given key. A familiar misconception is that changing a key much more frequently
than the average time needed to break the cryptosystem, offers an increased margin of safety.
If we suppose the key is chosen at chance, and that the attacker can ensure a given percentage of
the keys before a key change is completed, it is only a matter of time before one of the keys
checked by the attacker appears to correspond to one of the casual keys. If the attacker selects
keys to attack at random without replacement over the phase of key usage, and begins again at
the commencement of each period, it is 50% likely that a at present valid key will be found by
the time required to try 50% of the total number of keys, regardless of key changes. So if a PC
could try all the DES keys in 10 years, it would be 50% likely that a victorious attack could be
launched in 5 years of effort. The real advantage of key changes is that the time over which a
broken key is useful is restricted to the time till the next key change. This is known as limiting
the exposure from a stolen key.
8.2.11 Hardware to Support Cryptography
Traditionally, cryptography has been executed through the use of cryptographic devices. The
use of these devices derives from the complexity in performing cryptographic transforms by
hand, the severe nature of errors that effect from the lack of redundancy in many cryptographic
systems, and the want to make the breaking of codes computationally complex.
In WWII, the ENIGMA machine was accessed by the Germans to encode messages, and one of the
first computers ever built was the BOMB, which was intended to break ENIGMA cryptograms.
Modern supercomputers are used mainly by the NSA to attain the computational advantage
essential to break many contemporary cryptosystems. The CRAY could be easily used to break
most password enciphering systems, RSA systems with keys of length under about 80 (circa
1986) are critically threatened by the CRAY, and even the DES can be attacked by using special
purpose computer hardware. Many devices have occurred in the marketplace for the use of
cryptography to encrypt transmissions, act as cryptographic keys for verification of identification,
protect so called debit cards and smart cards, and executing electronic cash money systems.
Self Assessment
Fill in the blanks:
3. With the arrival of public-key systems, ........................... can be preserved without a general
master-key or a large number of keys.
4. ........................... involves systems of locks and keys, guards, and other techniques of a
physical or logical nature.
110 LOVELY PROFESSIONAL UNIVERSITY
