Abstract
For decades cryptography strove for its goals by packing complexity into the exposed program, all the while pressing down the size of the secret key. Alas, modern technology (1) makes small keys a secondary requirement, (2) allows for layering of program logic, and (3) offers privacy and security offenders clever eavesdropping tools; altogether warranting a re-examination of the relative roles of the “passive” key and the “active” algorithm. We describe a working system where the nominal key is merged with some JavaScript code to become the “effective key,” thereby conferring upon the JavaScript interpreter (a standard part of modern browsers) the role of the exposed cryptographic algorithm. We show that such a Key-Script offers equivocation (deniability), and we provide a secure key-distribution scheme that is based not on one-way functions but on the attribute of equivocation. We examine this new setting and argue that it formally defeats cryptanalysis, though in practice such robustness is somewhat qualified.
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Samid, G. (2001). Re-dividing Complexity between Algorithms and Keys. In: Rangan, C.P., Ding, C. (eds) Progress in Cryptology — INDOCRYPT 2001. INDOCRYPT 2001. Lecture Notes in Computer Science, vol 2247. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45311-3_31
DOI: https://doi.org/10.1007/3-540-45311-3_31
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43010-0
Online ISBN: 978-3-540-45311-6
eBook Packages: Springer Book Archive