@@ -9,17 +9,18 @@ cryptography. So we begin our study of technical approaches to network
99security with an overview of cryptography.
1010
1111We introduce the concepts of cryptography-based security step by step.
12- The first step is the cryptographic algorithms—ciphers and cryptographic
13- hashes—that are introduced in this chapter. Such algorithms are not a solution in
14- themselves, but provide building blocks from which a solution can be
15- built. Cryptographic algorithms are parameterized by * keys *. The
16- distribution of keys is in itself a challenge which we tackle in a later
17- chapter.
12+ The first step is the cryptographic algorithms—ciphers and
13+ cryptographic hashes—that are introduced in this chapter. Such
14+ algorithms are not a solution in themselves, but provide building
15+ blocks from which a solution can be built. For example, cryptographic
16+ algorithms are parameterized by * keys *, with the distribution of keys
17+ a challenge that we tackle in the next chapter.
1818
1919Once we have a set of cryptographic algorithms and a way to distribute
2020keys, we are in a position to build protocols that enable secure
21- communication between participants. The final chapter describes several
22- complete security protocols and systems in current use.
21+ communication between participants. Later chapters describes several
22+ such security protocols, culminating in a description of complete
23+ systems that use these protocols.
2324
24253.1 Principles of Ciphers
2526---------------------------
@@ -80,12 +81,12 @@ there are plenty of people who will try to break ciphers and who will
8081let it be widely known when they have succeeded.
8182
8283Parameterizing a cipher with keys provides us with what is in effect a
83- very large family of ciphers; by switching keys, we are
84- switching to another cipher in the family. It is common to limit the amount
85- of data that a *cryptanalyst * (code-breaker) can access before the key
86- changes. This provides the attacker with less ability to break the cipher
87- ( for reasons discussed below) and limits the damage done if the code is
88- broken.
84+ very large family of ciphers; by switching keys, we are switching to
85+ another cipher in the family. It is common to limit the amount of data
86+ that a *cryptanalyst * (code-breaker) can access before the key
87+ changes. This provides the attacker with less ability to break the
88+ cipher, for reasons discussed below. It also limits the damage done if
89+ the code is broken.
8990
9091The basic requirement for an encryption algorithm is that it turns
9192plaintext into ciphertext in such a way that only the intended
@@ -102,10 +103,10 @@ plaintext was written in English, which means that the letter *e*
102103occurs more often in the plaintext that any other letter; the
103104frequency of many other letters and common letter combinations can
104105also be predicted. With simple ciphers, this information could greatly
105- simplify the task of finding the key. Similarly, the attacker may know
106- something about the likely contents of the message; for example, the
106+ simplify the task of determining the key. Similarly, the attacker may know
107+ something about the likely contents of the message. For example, the
107108word “login” is likely to occur at the start of a remote login
108- session. Common headers appear at the start of HTTP messages. This may
109+ session, and common headers appear at the start of HTTP messages. This may
109110enable a *known plaintext * attack, which has a much higher chance of
110111success than a *ciphertext only * attack. Even better is a *chosen
111112plaintext * attack, which may be enabled by feeding some information to
@@ -207,18 +208,11 @@ overly large blocks. For this reason most ciphers today have settled
207208on 128-bit blocks. Some details on how the birthday attacks were shown
208209to be an issue is available at the "Sweet32" website.
209210
210-
211-
212211.. admonition :: Further Reading
213212
214213 Sweet32. `Birthday attacks on 64-bit block ciphers in TLS and OpenVPN
215214 <https://sweet32.info> `__.
216215
217-
218-
219-
220-
221-
2222163.2 Secret-Key Ciphers
223217------------------------
224218
@@ -233,10 +227,15 @@ at the alternative, public-key ciphers, shortly. (Public-key ciphers
233227are known as also asymmetric-key ciphers, since as we’ll soon see, the
234228two participants use different keys.)
235229
236- .. [# ] We use the term *participant * for the parties involved in a
237- secure communication since that is a common networking term to
238- identify the two endpoints of a communication channel. In the
239- security world, the parties are often called *principals *.
230+ .. [# ] We use *participants * as a generic term for the endpoints of a
231+ communication channel. Depending on the layer of the network
232+ stack, a participant might correspond to a server, a process, a
233+ mailbox, or some other system abstraction. In the context of
234+ security, the communicating parties are often called
235+ *principals *, which in turn implies *identify *, and ultimately,
236+ an association with a human that can be held accountable. We
237+ use the term principal in place of participant when this full
238+ meaning is central to the discussion.
240239
241240
242241issued standards for a series of secret-key ciphers. *Data Encryption
@@ -478,7 +477,7 @@ knows a secret that is known only to the alleged sender
478477of the message; for example, the secret could be a key, and the proof
479478could be some value encrypted using the key. There is a mutual
480479dependency between the way the code is generated and how it is used as
481- proof of secret knowledge. We will discuss several workable
480+ proof of secret knowledge. The following discusses several workable
482481combinations.
483482
484483For simplicity, let's assume initially that the original message need
@@ -487,7 +486,7 @@ plaintext of the original message plus some additional code to support
487486authentication. Later we will consider the case where confidentiality
488487is also desired.
489488
490- One common build block of message authentication is a
489+ One common building block of message authentication is a
491490*cryptographic hash function *. Cryptographic hash algorithms are
492491treated as public knowledge, as with cipher algorithms. A
493492cryptographic hash function is a function that outputs sufficient
@@ -579,8 +578,7 @@ public-key ciphers, one based on RSA, another based on elliptic
579578curves, and a third called the *Edwards-Curve Digital Signature
580579Algorithm *.
581580
582-
583- An widely used alternative approach to encrypting a hash is to use a
581+ A widely used alternative approach to encrypting a hash is to use a
584582hash function that takes a secret value (a key known only to the
585583sender and the receiver) as an input parameter in addition to the
586584message text. Such a function outputs a message authentication code
@@ -592,7 +590,7 @@ compares that recomputed code to the code received in the message. The
592590most common approaches to generating these codes are called HMACs or
593591keyed-hash message authentication codes.
594592
595- HMACs can use any hash function of the sort described above, but the
593+ HMACs can use any hash function of the sort described above, but
596594also include the key as part of the material to be hashed, so that a
597595HMAC is a function of both the key and the input text. An approach to
598596calculating HMACs has been standardized by NIST and takes the
@@ -657,9 +655,6 @@ and hash functions, among other cryptographic concepts, we recommend the followi
657655 A. Menezes, P. van Oorschot, and S. Vanstone. `Handbook of Applied
658656 Cryptography <https://cacr.uwaterloo.ca/hac/> `__. CRC Press, 1996.
659657
660-
661-
662-
663658Now that we have seen some of the building blocks for encryption and
664659authentication, we have the foundations for building some complete security
665660solutions. Before we get to those, however, we address the issue of how participants
0 commit comments