2 Ch. 1 Overview of Cryptography

for key exchange, the security of which is based on the intractability of the discrete loga-

rithm problem. Although the authors had no practical realization of a public-key encryp-

tion scheme at the time, the idea was clear and it generated extensive interest and activity

in the cryptographic community. In 1978 Rivest, Shamir, and Adleman discovered the ﬁrst

practical public-key encryption and signature scheme, now referred to as RSA. The RSA

scheme is based on another hard mathematical problem, the intractability of factoring large

integers. This application of a hard mathematical problem to cryptography revitalized ef-

forts to ﬁnd more efﬁcient methods to factor. The 1980s saw major advances in this area

but none which rendered the RSA system insecure. Another class of powerful and practical

public-key schemes was found by ElGamal in 1985. These are also based on the discrete

logarithm problem.

One of the most signiﬁcant contributions provided by public-key cryptography is the

digital signature. In 1991 the ﬁrst international standard for digital signatures (ISO/IEC

9796) was adopted. It is based on the RSA public-key scheme. In 1994 the U.S. Govern-

ment adopted the Digital Signature Standard, a mechanism based on the ElGamal public-

key scheme.

The search for new public-keyschemes, improvementsto existing cryptographicmec-

hanisms, and proofs of security continues at a rapid pace. Various standards and infrastruc-

tures involving cryptographyare being put in place. Security products are being developed

to address the security needs of an information intensive society.

The purpose of this book is to give an up-to-date treatise of the principles, techniques,

and algorithms of interest in cryptographic practice. Emphasis has been placed on those

aspects which are most practical and applied. The reader will be made aware of the basic

issues and pointed to speciﬁc related research in the literature where more indepth discus-

sions can be found. Due to the volume of material which is covered, most results will be

stated without proofs. This also serves the purpose of not obscuring the very applied nature

of the subject. This book is intended for both implementers and researchers. It describes

algorithms, systems, and their interactions.

Chapter 1 is a tutorial on the many and various aspects of cryptography. It does not

attempt to convey all of the details and subtleties inherent to the subject. Its purpose is to

introducethe basicissuesandprinciplesand topointthe reader toappropriatechaptersin the

book for more comprehensive treatments. Speciﬁc techniques are avoided in this chapter.

1.2 Information security and cryptography

The concept of information will be taken to be an understood quantity. To introduce cryp-

tography, an understandingof issues related to information security in general is necessary.

Information security manifests itself in many ways according to the situation and require-

ment. Regardless of who is involved, to one degree or another, all parties to a transaction

must have conﬁdencethat certain objectivesassociated with informationsecurity have been

met. Some of these objectives are listed in Table 1.1.

Over the centuries, an elaborate set of protocols and mechanisms has been created to

deal with information security issues when the information is conveyed by physical doc-

uments. Often the objectives of information security cannot solely be achieved through

mathematical algorithms and protocols alone, but require procedural techniques and abid-

ance of laws to achieve the desired result. For example, privacy of letters is provided by

sealed envelopes delivered by an accepted mail service. The physical security of the en-

velope is, for practical necessity, limited and so laws are enacted which make it a criminal

c

1997 by CRC Press, Inc. — See accompanying notice at front of chapter.

## 评论4