|Subject||Computer and Network Security|
|NU Year||Set: 2.(d) Marks: 4 Year: 2017|
Encryption provides a method of storing data in a form which is unintelligible without the "key variable" used in the encryption. Basically, encryption can be thought of as a mathematical function E=F(D,K) where D is the data to be encoded, K is the key variable, and E is the resulting enciphered text. For E to be a useful function, there must exist an F', the inverse of F, D=F'(E,K) which has the property that the original data can be recovered from the encrypted data if the value of the key variable originally used is known. However, the use of F and F' is valuable only if it is difficult to recover D from E without knowledge of the corresponding key K. A great deal of research has been done to develop algorithms which make it virtually impossible to do so, even given the availability of powerful computer tools.

The "strength" of an algorithm is traditionally evaluated using the following assumptions. First, the algorithm is known to all involved. Second, the analyst has available to him a significant quantity of matched encrypted data and corresponding clear text. He may even have been able to cause messages of his choice to have been encrypted. His task is to deduce, given an additional, unmatched piece of encrypted text, the corresponding clear text. All of the matched text can be assumed to be encrypted through the use of the same key variable which was used to encrypt the unmatched segment. In particular, therefore, the difficulty of deducing the key used in the encoding is directly related to the strength of the algorithm.

Recently, Diffie and Hellman proposed a variation of the conventional encryption methods that may in some cases have certain advantages over standard algorithms. In their class of algorithms, there exists E=F(D,K), as before, to encode the data and D=F'(E,K') to recover the data. The major difference is that the key K' used to decrypt the data is not equal to, and cannot be easily derived from, the key K used to encode the data.
Presumably there exists a pair generator which, based on some input information, produces the matched keys K and K' with high strength (i.e., resistance to the derivation of K' given K, D, and matched E=F(D,K)). The value of such a public key encryption algorithm lies in some potential simplifications in initial key distribution, as well as for "digital signatures." The key K used to encrypt the data is expected to be publicly known, and is referred to as the public key. The key K' used to decrypt the data would be kept secret and is referred to as the private key.
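
The notation above can be made concrete with a small added example (not part of the original answer). It uses textbook RSA as one instance of such a scheme, which the text itself does not name; the function names `pair_generator`, `F`, `F_inv`, `sign` and `verify` and the sample primes are assumptions chosen to mirror the text, and the tiny unpadded parameters are for following the notation only.

```python
# Added illustration: textbook RSA with tiny, constructed primes.
# No padding and toy key size: this mirrors the notation, it is not usable crypto.
from math import gcd

def pair_generator(p, q, e=17):
    """Pair generator: from input information (two primes) derive matched keys.
    Returns (K, K_prime) = (public key, private key)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # modular inverse; computing it needs p and q (Python 3.8+)
    return (e, n), (d, n)

def F(D, K):
    """E = F(D, K): encipher the integer D under key K."""
    exponent, n = K
    if not 0 <= D < n:
        raise ValueError("data must be an integer in [0, n)")
    return pow(D, exponent, n)

def F_inv(E, K_prime):
    """D = F'(E, K'): the same modular exponentiation, but with the other key."""
    return F(E, K_prime)

def sign(D, K_prime):
    """Digital signature: only the holder of the private key K' can produce S."""
    return F(D, K_prime)

def verify(D, S, K):
    """Anyone holding the public key K can check that S matches D."""
    return F(S, K) == D

if __name__ == "__main__":
    K, K_prime = pair_generator(61, 53)   # constructed sample primes
    D = 65                                # constructed sample data
    E = F(D, K)
    print("public K =", K, " private K' =", K_prime)
    print("E = F(D, K)            ->", E)
    print("F'(E, K') recovers D   ->", F_inv(E, K_prime))
    print("F'(E, K) with public K ->", F_inv(E, K), "(not D)")
    S = sign(D, K_prime)
    print("signature verifies     ->", verify(D, S, K))
    print("altered data verifies  ->", verify(D + 1, S, K))
```

With primes this small, anyone can factor n and rebuild K' from K, so the "high strength" requirement in the text is exactly what these toy parameters lack.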