Subject | Computer and Network Security |
---|---|

NU Year | Set: 2.(d) Marks: 4 Year: 2017 |

Encryption provides a
method of storing data in a form which is unintelligible without the "key
variable" used in the encryption. Basically, encryption can be thought of
as a mathematical function E=F(D,K) where D is the data to be encoded, K is the
key variable, and E is the resulting enciphered text. For E to be a useful
function, there must exist an F', the inverse of F, D=F'(E,K) which has the
property that the original data can be recovered from the encrypted data if the
value of the key variable originally used is known. However, the use of F and
F' is valuable only if it is difficult to recover D from E without knowledge of
the corresponding key K. A great deal of research has been done to develop algorithms
which make it virtually impossible to do so, even given the availability of
powerful computer tools. The "strength" of an algorithm is
traditionally evaluated using the following assumptions. First, the algorithm
is known to all involved. Second, the analyst has available to him a
significant quantity of matched encrypted data and corresponding clear text. He
may even have been able ~o cause messages of his choice to have been encrypted.
HIS task is to deduce, given an additional, unmatched piece of encrypted text,
the corresponding clear text. All of the matched text can be assumed to be
encrypted through the use of the same key variable which was used to encrypt
the unmatched segment. In particular, therefore, the difficulty of deducing the
key used in the encoding is directly related to the strength of the algorithm.
Recently, Diffie and Hellman! proposed a variation of the conventional
encryption methods that may in some cases have certain advantages over standard
algorithms. In their class of algorithms, there exists E=F(D,K), as before, to
encode the data and D=F'(E,K') to recover the data. The major difference is
that the key K' used to decrypt the data is not equal to, and cannot be easily
derived from, the key K used to encode the data. Presumably there exists a pair
generator which based on some input information produces the matched keys K and
K' with high strength (i.e. resistance to the derivation of K' given K, D, and
matched E=F(D,K». The value of such a public key encryption algorithm lies in
some potential simplifications in initial key distribution, as well as for
"digital signatures." The key K used to encrypt the data is expected
to be publicly known, and is referred to as the public key. The key K' used to
decrypt the data would be kept secret and is referred to as the private key.