Written by 1.1 Evolution of cryptography Over the past four decades or so, cryptography has evolved from an exotic field known to a select few into a fundamental skill for the design and operation of modern IT systems. Today, nearly every modern product, from the bank card in your pocket to the server farm running your favorite […]
1.5.3 The Jeep hack At the BlackHat 2015 conference, security researchers Charlie Miller and Chris Valasek demonstrated the first remote attack on an unaltered, factory passenger car [120]. In what later became known as the Jeep hack, the researchers demonstrated how the vehicle’s infotainment system, Uconnect, which has both remote connectivity as well as the […]
2.5.1 Message authentication Message authentication is the ability of the communicating party that receives a message to verify – through corroborative evidence – the identity of the party that originated the message [117]. This form of authentication is also referred to as data origin authentication. Message authentication can be achieved by providing additional information together […]
2.6 Secure channels and the CIA triad So far, we have discussed three important cryptographic goals: confidentiality, integrity, and authentication. For the purposes of this book, the term secure system can be defined as a system that provides a combination of those three goals. Taken together, confidentiality, integrity, and authentication are oftentimes referred to as […]
3.2 Cryptographic keys We saw in the last section that keys are extremely important because they are the only things that are supposed to be secret in a cryptosystem. But what exactly is a key? A cryptographic key K comes from a large (but finite) set 𝒦. This large set is called the key space. […]
3.2.1 One key for each task In addition to the three basic requirements, it is a good practice in cryptography to have a unique key for each unique task. As an example, if Alice and Bob first authenticate each other (entity authentication) and then use message authentication to ensure their communication is not being manipulated […]
3.5 Crypto-agility and information half-life Because fundamental advances in cryptanalysis cannot be reliably predicted, especially for prolonged periods of time, it is desirable to design security systems in such a way that the transition to longer keys (or stronger cryptographic mechanisms) is possible and, ideally, easy to do. This concept is called crypto-agility. It is […]
3.6.2 Key agreement From a security perspective, key transport has a fundamental downside compared to key agreement. If Alice generates the key and sends it to Bob (key transport), Bob can never be sure whether that key is sufficiently random. This might seem quite paranoid at first (which is true for the cryptography mindset, but […]
3.7 Randomness and entropy In cryptography, the security of most protocols and mechanisms depends on the generation of random sequences of bits or numbers. These sequences must have a sufficient length and be random in a very specific sense: we do not want an attacker to be able to guess part of or the whole […]
Frequently changing keys also limits the exposure time of a key compromised by Mallory. If the extracted key is used only for a single communication session, Mallory cannot decrypt previous sessions and needs to repeat the extraction (and hope that her malware won’t be detected by Alice’s virus scanners, firewalls, and intrusion detection systems) to […]