Provable security and other problems in modern cryptography
Step 3: Implement the Functions Using Generic Procedures
This step refers to the basic cryptographic building blocks, such as private key encryption, message authentication codes, hash functions, or signature schemas. Defining generic procedures helps you understand which security property of the underlying building block is used to achieve a certain security property of the new system.
The design has to work independently of specific procedures, since it is always possible for individual procedures to be broken. For example, researchers recently found the first attacks on the SHA-1 hash function. Developing a completely new system because individual components have been broken is simply too expensive. Moreover, the insecurity of individual instances does not alter the fact that the concept as such is secure. To illustrate this point, just briefly think about the example of fire protection. Just because the material of an individual door proved not to be fireproof does not mean that the entire strategy, which envisaged a fireproof door at a particular location, is wrong.
Step 4: Formal Mathematical Proof of Security
After the formal specification of the security properties and the design, formal mathematical proof of security follows in the fourth step. This step confirms that the design satisfies the desired safety properties. Formal proof provides a one-to-one mapping between the security properties of the underlying cryptographic building blocks and the security properties that the system is intended to achieve. Formally verifying the security uncovers design flaws. If the security properties of the underlying cryptographic building are not applied, there is a flaw in the design, and there is most likely a more efficient solution.
Step 5: Instantiate the Implementation
Once the formal security of the system has been established, it is necessary to instantiate the generic cryptographic building blocks with specific cryptographic procedures. For example, a generic encryption schema with a private key is introduced, and this building block is implemented in practice using AES. Since generic building blocks work with abstract objects (such as "a private key" or "a ciphertext"), you need to translate these objects into concrete instances. For example, the object "public key encryption scheme" is instantiated with an ElGamal encryption scheme [2].
« Previous 1 2 3 4 Next »
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Direct Download
Read full article as PDF:
Price $2.95
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
News
-
An All-Snap Version of Ubuntu is In The Works
Along with the standard deb version of the open-source operating system, Canonical will release an-all snap version.
-
Mageia 9 Beta 2 Ready for Testing
The latest beta of the popular Mageia distribution now includes the latest kernel and plenty of updated applications.
-
KDE Plasma 6 Looks to Bring Basic HDR Support
The KWin piece of KDE Plasma now has HDR support and color management geared for the 6.0 release.
-
Bodhi Linux 7.0 Beta Ready for Testing
The latest iteration of the Bohdi Linux distribution is now available for those who want to experience what's in store and for testing purposes.
-
Changes Coming to Ubuntu PPA Usage
The way you manage Personal Package Archives will be changing with the release of Ubuntu 23.10.
-
AlmaLinux 9.2 Now Available for Download
AlmaLinux has been released and provides a free alternative to upstream Red Hat Enterprise Linux.
-
An Immutable Version of Fedora Is Under Consideration
For anyone who's a fan of using immutable versions of Linux, the Fedora team is currently considering adding a new spin called Fedora Onyx.
-
New Release of Br OS Includes ChatGPT Integration
Br OS 23.04 is now available and is geared specifically toward web content creation.
-
Command-Line Only Peropesis 2.1 Available Now
The latest iteration of Peropesis has been released with plenty of updates and introduces new software development tools.
-
TUXEDO Computers Announces InfinityBook Pro 14
With the new generation of their popular InfinityBook Pro 14, TUXEDO upgrades its ultra-mobile, powerful business laptop with some impressive specs.