Written by 2.1 Technical requirements This chapter introduces basic definitions, design principles, and goals and therefore requires no specific software or hardware. 2.2 Preliminaries The fundamental objective of cryptography and computer security in general is to enable two persons, let’s call them Alice and Bob, to communicate over an insecure channel so that an opponent, commonly called […]
2.3 Confidentiality A fundamental need in secure communication is to ensure the privacy of the information transmitted between the communicating parties. In cryptography, this is referred to as confidentiality of data. More precisely, confidentiality is the ability to keep the content of information from all but those authorized to have it [117]. Confidentiality therefore guarantees […]
2.4 Integrity Integrity is the ability to detect data manipulation by unauthorized entities. By data manipulation, we mean unauthorized acts such as the insertion, deletion, or substitution of individual data chunks or entire messages. It is not required that manipulations as such are rendered impossible; given the multitude of possible communication channels, this would be […]
2.5.1 Message authentication Message authentication is the ability of the communicating party that receives a message to verify – through corroborative evidence – the identity of the party that originated the message [117]. This form of authentication is also referred to as data origin authentication. Message authentication can be achieved by providing additional information together […]
2.5.2 Entity authentication Entity authentication is the ability to assure one communicating party – using corroborative evidence – of both the identity of a second communicating party involved, and that the second party was actually active at the time the evidence was created or acquired [117]. This authentication type is also referred to as identification. […]
1.5 Example attacks The combination of these two trends – increase in complexity and increase in connectivity – results in an attack surface explosion. The following examples shall serve to illustrate this point. 1.5.1 The Mirai botnet In late 2016, the internet was hit by a series of massive Distributed Denial-of-Service (DDoS) attacks originating from […]
2.6 Secure channels and the CIA triad So far, we have discussed three important cryptographic goals: confidentiality, integrity, and authentication. For the purposes of this book, the term secure system can be defined as a system that provides a combination of those three goals. Taken together, confidentiality, integrity, and authentication are oftentimes referred to as […]