Re-dividing Complexity between Algorithms and Keys

(Key Scripts)

Part of the Lecture Notes in Computer Science book series (LNCS, volume 2247)

Abstract

For decades cryptography strove for its goals by packing complexity into the exposed program, all the while pressing down the size of the secret key. Alas, modern technology (1) makes small keys a secondary requirement, (2) allows for layering of program logic, and (3) offers privacy and security offenders clever eavesdropping tools, altogether warranting a re-examination of the relative roles of the “passive” key and the “active” algorithm. We describe a working system where the nominal key is merged with some JavaScript code to become the “effective key,” thereby conferring upon the JavaScript interpreter (a standard part of modern browsers) the role of the exposed cryptographic algorithm. We show that such a Key-Script offers equivocation (deniability), and we provide a secure key-distribution scheme that is based not on one-way functions but on the attribute of equivocation. We examine this new setting and argue that it formally defeats cryptanalysis, while in practice such robustness is somewhat qualified.

  • Chapter length: 9 pages
Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Samid, G. (2001). Re-dividing Complexity between Algorithms and Keys. In: Rangan, C.P., Ding, C. (eds) Progress in Cryptology — INDOCRYPT 2001. INDOCRYPT 2001. Lecture Notes in Computer Science, vol 2247. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45311-3_31

  • DOI: https://doi.org/10.1007/3-540-45311-3_31

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-43010-0

  • Online ISBN: 978-3-540-45311-6

  • eBook Packages: Springer Book Archive