保障网络安全：密码学入门指南

需积分: 10 98 浏览量更新于2024-07-17 收藏 2.58MB PDF 举报

《密码学入门》是一本由Sahadeo Padhye、Rajeev A. Sahu和Vishal Saraswat合著的专业书籍，针对日益增长的电子通信和金融交易中的安全需求，探讨了密码学这一关键领域。随着网络安全的重要性日益凸显，这本书旨在向读者介绍实现信息安全最有效的工具——密码学，它在保障数据隐私和交易安全方面扮演着核心角色。书中详细解释了加密技术的基础概念，包括对称加密、非对称加密（如RSA和ECC）、哈希函数、公钥基础设施（PKI）以及现代加密算法如AES（高级加密标准）等。作者通过丰富的实例解析，帮助读者理解这些复杂概念的实际应用，并强调了在当今数字化世界中的实际效用。作者们来自印度的Motilal Nehru National Institute of Technology（穆蒂拉尔·尼赫鲁国家技术学院）、比利时的Université Libre de Bruxelles（布鲁塞尔自由大学）和印度的R.C. Bose Center for Cryptology and Security（R.C. Bose密码学与安全中心），他们的专业知识背景为本书提供了深厚的技术底蕴。书中不仅涵盖了基础知识，还紧跟技术前沿，讨论了诸如量子密码学和未来研究的潜在趋势，这些都是为了满足不断发展的网络安全挑战。读者可以通过访问Taylor & Francis和CRC Press的官方网站获取更多资源和支持。《密码学入门》作为硬封面版本，适合于对网络安全有兴趣的IT专业人士、研究人员、学生以及任何希望理解现代通信如何被保护的人。该书不仅提供理论知识，还通过大量解决案例来加强实践理解，确保读者能够掌握这个至关重要的领域。这本著作是密码学领域的入门指南，对于提升网络安全意识，探索未来加密技术发展，以及理解信息时代中加密技术的战略地位具有重要意义。无论是在学术研究还是实际应用中，这本书都是一份不可或缺的参考资料。

Overview of Cryptography  3

Private/Secret Private/SecretPublic/Open

Encryption Decryption

Encryption Key Decryption Key

Buddha

Smiles

Again

Plaintext

%E4v9ur5

kW$4#3?j

f&8a*v;Q

Ciphertext

Buddha

Smiles

Again

Plaintext

Adversary(s)/Interceptor(s)

Figure 1.1: Cryptosystem

4. For each key k ∈ K, there is an encryption rule E

∈ E, E

: P → C and a

decryption rule D

∈ D, D

: C → P such that, for any plaintext x ∈ P, y =

(x) is the corresponding ciphertext and D

(x)) = x.

It appears from the above deﬁnition that in a valid cryptosystem the encryp-

tion must be invertible since the decryption function is the inverse of the encryp-

tion function.

1.2 Goals of Cryptography

There are four basic goals of cryptography. These goals are abbreviated as

‘PAIN’, where P stands for Privacy (also known as conﬁdentiality); A stands

for Authentication; I stands for Integrity, and N stands for Non-repudiation. In

addition to these basic goals, access control is now also considered to be one of

the goals. We deﬁne each goal assuming a communication between a sender S

and receiver R.



Privacy/Conﬁdentiality–No one except the authorized users S and R

should be able to see/detect the message communicated between them.

Secrecy is a term synonymous to privacy and conﬁdentiality. In general

we use the term privacy and conﬁdentiality as synonyms. In particular,

privacy refers to an individuals right to control access to their personal

information where conﬁdentiality refers to how private information pro-

vided by individuals will be protected from release.



Authentication–Authentication is a service related to identiﬁcation. The

receiver R should be able to validate the actual source or origin from

where the message has been transmitted. Two parties involved in a com-

munication should be able to identify each other. Also, the information

delivered over the channel should be authenticated in the sense that it

has been generated from an authorized source. Hence, authentication is

4  Introduction to Cryptography

required to be checked in two views: entity (or user) authentication and

data origin authentication. Authentication of data origin implicitly pro-

vides data integrity (altered message implies change of source/origin).



Integrity–During communication no one should be able to modify, alter,

change, or delete the message.



Non-repudiation–The actual participants S and R should not be able to

deny their involvement in the communication.



Access Control–Only the legitimate users are granted access to the re-

sources or information.

Different cryptographic primitives have been devised to achieve these goals.

The privacy can be achieved by applying an encryption scheme. Entity authen-

tication can be achieved by digital signature. Integrity can be achieved by hash

function and the goal of non-repudiation can be achieved by advanced electronic

signature or digital signature with some additional functionality (e.g. undeniable

signature). We will precisely discuss each of these crypto-primitives in further

chapters.

1.3 Classiﬁcation of Cryptosystem

For a classiﬁed study, the cryptosystems can be categorized in the following

classes:



Classical vs Modern–This classiﬁcation is in the view of pre and post

computer era. Classical cryptosystems are the ones which have been used

during the pre-computer era and the modern cryptosystems are those be-

ing used in the post-computer era. Broadly, they can also be analyzed

on the basis of time period i.e. those belonging to early twentieth cen-

tury and those belonging to late twentieth century. Examples of classical

cryptosystems are: Caesar Cipher, Vigen

ere Cipher, Afﬁne Cipher, Hill

Cipher, Auto-key cipher etc. and the examples of modern cryptosystems

are DES, AES, RSA, ElGamal etc.



Symmetric Cryptosystem vs Asymmetric Cryptosystem or Secret Key

Cryptosystem (SKC) vs Public Key Cryptosystem (PKC)–This classiﬁca-

tion is on the basis of encryption key e

and decryption key d

. If e

= d

then the cryptosystem is called symmetric cryptosystem (or secret key

crytosystem) and if e

6= d

then the cryptosystem is called asymmet-

ric cryptosystem (or public key cryptosystem). Examples of symmetric

cryptosystems are all classical cryptosystems, Block cipher, Stream ci-

pher etc. Asymmetric cryptosystems are RSA, ElGamal, Knapsack, Ra-

bin, XTR, NTRU etc.

Overview of Cryptography  5



Block Cipher vs Stream Cipher–This classiﬁcation is on the basis of en-

cryption process. In block cipher, the message is encrypted after being

divided into ﬁxed size of blocks. Examples of block ciphers are DES,

AES, Triple DES, Serpent, Blowﬁsh, Twoﬁsh, IDEA, RC5, Cleﬁa etc.

In stream cipher, the entire message is encrypted at a time using a key

stream. RC4, ChaCha, SOSEMANUK, SEAL, SNOW, Grain, MICKEY,

Trivium, Linear Feed Back Shift Registrar (LFSR) are some popular

stream ciphers.



Deterministic vs Randomized–This classiﬁcation is also based on the na-

ture of encryption process. If the encryption formula always outputs the

same ciphertext for a ﬁxed plaintext then the cryptosystem is called deter-

ministic cryptosystem. However, if the output of the encryption algorithm

depends on some random number i.e. if encryption of the same message

yields different ciphertext everytime depending upon the random number

used in the encryption formula, then the cryptosystem is called random-

ized cryptosystem. Randomized cryptosystems are assumed to be more

secure than deterministic cryptosystems. DES, AES, RSA, Rabin, XTR

and others are deterministic cryptosystems and RSA-OAEP, ElGamal,

NTRU etc. are randomized.



Pre-quantum vs Post-quantum–This classiﬁcation is on the basis of the

strength of the cryptosystem against quantum computer. The cryptosys-

tems which are secure against quantum computer (quantum algorithm)

are called post-quantum cryptosystems otherwise they are referred as pre-

quantum cryptosystems. Examples of pre-quantum cryptosystems are all

classical cryptosystems, RSA, ElGamal, Rabin etc. and the examples

of post-quantum cryptosystems are Lattice-based cryptosystems (Ring-

LWE, NTRU, GGH), Code-based cryptosystems (McEliece cryptosys-

tem), Multivariate cryptography (Rainbow), Hash-based cryptography

(Merkle signature scheme), Isogeny-based cryptosystem etc.

1.4 Practically Useful Cryptosystem

Following are two desired properties for a practically useful cryptosystem-

1. Each encryption function e

and decryption function d

should be easily

computable.

2. An opponent, upon seeing a ciphertext string y, should be unable to deter-

mine the key k (that was used), or the plaintext string x.

6  Introduction to Cryptography

The process of attempt to recover the key k or the message x given a string of

ciphertext y is called cryptanalysis. If the attacker can determine the secret key,

then the cryptosystem is totally broken and there is no security at all. Thus deter-

mining the key k is at least as difﬁcult as determining the plaintext string x, given

the ciphertext string y.

Sir Francis R. Bacon (1561–1626) had proposed the following properties for a

“good” cryptosystem-

1. Given encryption key e

and a plaintext x, it should be easy to compute

ciphertext y = e

(x).

2. Given decryption key d

and a ciphertext y, it should be easy to compute

plaintext x = d

(y).

3. A ciphertext e

(x) should not be much longer than the plaintext x.

4. It should be infeasible to determine x from e

(x) without knowing d

5. The avalanche effect should hold in the cryptosystem. Avalanche effect is

an effect by which small changes in the plaintext or in the key lead to a big

change in the ciphertext (i.e. a change of one bit in the plaintext usually

results into changes in all bits of the ciphertext, each with the probability

close to 0.5).

6. The cryptosystem should not be closed under composition, i.e. for any two

keys k

there should not exist a key k such that e

(w) = e

(w)).

7. The set of keys should be very large.

1.4.1 Confusion and Diffusion

In 1949, Claude Shannon in one of his fundamental papers Communication The-

ory of Secrecy Systems explained two properties, confusion and diffusion, that a

“good” cryptosystem should satisfy in order to hinder statistical analysis.



Confusion: Confusion implies that the key is not related in a simple or di-

rect way to the ciphertext. If the confusion is high, then an attacker cannot

extract information on plaintexts from the distribution of ciphertexts. The

idea of confusion is to hide the relationship between the plaintext and the

key. In particular, each character of ciphertext should depend on several

parts of the key. Therefore, confusion is high if each bit of key has an

inﬂuence on many bits of ciphertext.



Diffusion: When change on a character of the plaintext yields change in

all characters of ciphertext and vice versa then it is called diffusion. The

Overview of Cryptography  7

idea of diffusion is to hide the relationship between the ciphertext and

the plaintext. So, the diffusion is high if each bit of a plaintext has an

inﬂuence on many bits of ciphertext.

The concepts of confusion and diffusion play an important role in block

cipher. A disadvantage of confusion and diffusion is error propagation which

means a small error in the ciphertext reﬂects a major error in the decrypted ci-

phertext i.e. the original message. Hence, the message becomes unreadable.

1.5 Cryptanalysis

Cryptanalysis deals with the study, observations, and analysis of cryptosystem

in order to attack on it. There are standard assumptions for cryptanalysis which

relate its practicality in the real world. Dutch cryptographer Auguste Kerckhoffs

has formalized standard guidelines to consider the attacker’s privilege in design

of a “good” cryptosystem. The assumption is popularly known as Kerckhoff’s

principle in cryptography. The principle says “A cryptosystem should be secure

even if everything about the system, except the key, is publicly known”. Thus,

we test the security of a cryptosystem under the assumption that the security of

the cryptosystem should depend on the secret key and not on the algorithm. In

fact, the algorithm should be assumed to be publicly available.

1.5.1 Types of Attackers

When a sender Alice sends an encrypted message to Bob over a channel, then an

attacker, Eve (eavesdropper), has the following privilege or access in the com-

munication:



Eve can read (and try to decrypt) the message.



Eve can try to get the key that was used and then decrypt all encrypted

messages with the same key. This is called total break.



Eve can change the message sent by Alice into another message in such a

way that Bob considers the message as if it was actually sent from Alice.

This is called modiﬁcation or attack on data integrity.



Eve can pretend to be Alice and communicate with Bob in such a way that

Bob thinks he is communicating with Alice. This is called masquerading

or man-in-the-middle attack.

An eavesdropper/attacker can therefore be passive or active. A passive at-

tacker can only read the message. Attacks that threaten conﬁdentiality are passive

剩余257页未读，继续阅读

THESUMMERE

粉丝: 23
资源: 328

保障网络安全：密码学入门指南

An Introduction to Cryptography

密码学介绍 An Introduction to Cryptography

An Introduction To Cryptography

An Introduction to Cryptography 2nd Edition

Introduction to Cryptography Principles and Applications

A Classical Introduction to Cryptography Exercise Book

Privacy and Authentication An introduction to cryptography

Introduction to Cryptography Principles and Applications 3rd Ed

Java - Introduction To Cryptography With Java Applets

An Introduction to Cryptography - 2nd Edition - 2007

最新资源