Network security problems can be divided into four closely intertwined areas:
- Secrecy: keeping information out of the hands of unauthorized users.
- Authentication: Determining whom you are talking to before revealing sensitive information or entering into a business deal.
- Nonrepudiation: Deals with signatures. How do you prove that someone really did what he claimed to do.
- Integrity control: How can you be sure that a message you received was really the one sent and not a malicious one.
Security is in all layers of the protocol stack.
A cipher is a character-for-character or bit-for-bit transformation, without regard to the linguistic structure of the message. In contrast, a code replaces one word with another word or symbol.Codes are not used any more.
The messages to be encrypted, known as the plaintext, are transformed by a function that is parameterized by a key. The output of the encryption process, known as the ciphertext, is then transmitted, often by messenger or radio. We assume that the enemy, or intruder, hears and accurately copies down the complete ciphertext. However, unlike the intended recipient, he does not know what the decryption key is and so cannot decrypt the ciphertext easily. Sometimes the intruder can not only listen to the communication channel (passive intruder) but can also record messages and play them back later, inject his own messages, or modify legitimate messages before they get to the receiver (active intruder). The art of breaking ciphers, called cryptanalysis, and the art devising them (cryptography) is collectively known as cryptology.
The key consists of a (relatively) short string that selects one of many potential encryptions. In contrast to the general method, which may only be changed every few years, the key can be changed as often as required. Thus, our basic model is a stable and publicly-known general method parameterized by a secret and easily changed key. The idea that the cryptanalyst knows the algorithms and that the secrecy lies exclusively in the keys is called Kerckhoff's principle.
Since the real secrecy is in the key, its length is a major design issue. The longer the key, the higher the work factor the cryptanalyst has to deal with.
Two Fundamental Cryptographic Principles
The first principle is that all encrypted messages must contain some redundancy, that is, information not needed to understand the message.
Cryptographic principle 1: Messages must contain some redundancy
The second cryptographic principle is that some measures must be taken to ensure that each message received can be verified as being fresh, that is, sent very recently. This measure is needed to prevent active intruders from playing back old messages.
Cryptographic principle 2: Some method is needed to foil replay attacks