Secret Key Assurances
Good cryptographic methods assure us that we can keep our secrets from others. That is, Alice and Bob's encrypted files remain private between them as long as their secret key stays secret.
Modern-day cryptographers use the term confidentiality to mean that your encrypted secrets aren't available to unauthorized users.1 Let's review that concept briefly and examine three other necessary electronic data assurances-authentication, integrity, and nonrepudiation-defined in Figure 7-1.
Figure 7-1 Terms of assurance.
In this chapter we explain how secret key cryptography implements these assurances. Later chapters examine how modern cryptography uses public keys more than secret keys for this purpose. The concepts are the same, although more involved, when public key methods are used. So we look first at the simpler case.
Confidentiality
Why you want authentication, integrity, nonrepudiation. |
Suppose Alice and Bob have a West Coast real estate business. While Bob is on the road, Alice and Bob exchange financial and love notes encrypted with their secret key. Strong cryptography helps Alice and Bob feel assured their confidentiality (privacy) is being maintained because only someone who has their secret key can make sense of their shared electronic messages (see Figure 7-2).
Strong cryptography also ensures the confidentiality of encrypted files stored on computer disks; only those with whom we've shared the secret encrypting key can decrypt and understand the content.
But confidentiality (privacy) is not enough assurance to give you the warm fuzzies you crave about the security of your communications (see Figure 7-3). Even before you send or receive encrypted data to or from another computer, you need to know that the person on the other end of the line is the person he or she claims to be (authentication). You also need to know that the software you downloaded hasn't been tampered with during its journey to you (integrity). And you'd probably also like to be assured that your stockbroker brother-in-law can't deny that he received your sell order before the bottom dropped out of the market. Similarly, he wants the same assurance if you deny that you instructed him to buy a falling-star dot-com (nonrepudiation).
Figure 7-2 Confidentiality is like sending your secret in a safe; only the owner of the shared secret key can decrypt the message (open the safe).
Figure 7-3 Cryptography offers a way to detect masquerading impostors and ensure the identity of the person on the other end of the line.
1. In Chapters 7 and 8 we represent confidentiality with an image of a safe with an encrypted plaintext symbol. We're using a safe to reinforce the concept that encrypted text ensures privacy. After Chapter 8, confidentiality will be shown using only the encrypted plaintext symbol (without the safe).