Introduction to Practical Issues in Cryptography


Click here to start

Table of Contents

Introduction to Practical Issues in Cryptography


The history of cryptography*

A classification scheme for ciphers* Gary Knight - Cryptanalysts Corner, Cryptologia 1 (January 1978):68--74.

Ancient cryptosystems

More Ancient Cryptography

More Ancient Cryptography

More History

More Cryptography

Other Codes

Effectiveness over time

Techniques for breaking most of the ancient ciphers

Information theory and cryptography*

Shannon's papers


Some comments on Shannon48

Fundamentals of information theoretic cryptography

Unicity Distance for English

Special Cases

Pseudo-random != Random

The Concept of Workload

Things to increase workload

Shannon’s Model of Cryptography

A Spatial Model of Cryptosystems

Attacks on Cryptosystems

More Attacks on Cryptosystems

Still more attacks on cryptosystems?

Cryptosystem Subtypes

Methods used to break WWII cryptosystems.

Many ciphers, common flaws

Human Flaws in WWII

Human Flaws in WWII

Technical breakthroughs in WWII

Other aspects of theory

N-key systems

An n-key cryptosystem

Some interesting questions*

More questions*

How much does the attacker learn from watching the system operate?

If the attacker guesses some things, and if they are right, how does that affect the result?

What can an attacker reasonably guess?

Does keeping Te and Td secret increase workload and to what extent?

Can we count on secret transforms? When?

Can we use Ke or Kd forever? How long then? How do we determine it?

Can you trust cryptography to keep secrets for a long time? How long? Why?

Can cryptography be used to assure integrity?

Can cryptography be used to assure identity?


The key distribution problem

The key maintenance problem

The cryptographic protocol problem

The key scheduling problem

The key generation/selection problem

Passwords are crypto-based


Modern cryptosystem types and functions*







Hands-on cryptography today*

Install and learn to operate modern systems

Use of cryptosystems day-to-day

More systems in use

Infrastructure Encryption

Embedded encryption

Attacking modern cryptosystems

Rule 0: The people are weak links

Rule 1: Attack live systems

Rule 2: They have a way to use it

Rule 3: Exhaustive search fails

Rule 4: Cryptanalysis is expensive

Rule 5: OSs are weaker than cryptosystems

Rule 6: Protocols are weaker than transforms

50 Ways

Stegonography today*

Classic Steganography

Steganographic classics

Making Digital Steganography

Detecting digital steganography

Breaking steganography

Combining steganography and cryptography

Thank You

Author: Fred Cohen & Associates