《Modern Cryptogrophy:Theory and practice》学习笔记之第二章 part I

第二章 Wrestling Between Safeguard and Attack

一些术语：

    encryption, encipherment, decription, decipherment, cryptographic algorithms, symmetric(shared-key) cryptosystem, asymmetric(public-key) cryptosystem, principal(entity, agent, user), bad guys(attacker, adversary, enemy, intruder, eavesdropper, impostor), active attacker, insider, threat model, Malice.

    entity authentication( the liveness of an identified pricipal who is intended object of the communication ),

    key-encryption key, long-term key,  session key, short-term key.

Perfect Encryption with Notation {M}_K   一种理想的加密算法

i)Without the key K, the ciphertext {M}_K doesn't provide any cryptanalysis means for finding the plaintext msg M.

ii){M}_K and maybe together with some known information about the plaintext msg M donot provide any cryptanalysis means for finding the key K.

iii)Without the key K, even with the knowledge of the plaintext M, it is impossible for sb to alter {M}_K without being detected by the recipient during the time of decryption.

Dolev-Yao Threat Model

   In this model, Malice has the following characteristics:

• He can obtain any message passing through the network
• He is a legitimate user of the network, and thus in particular can initiate a conversation with any other user
• He will have the opportunity to become a receiver to any pricipal
• He can send messages to any principal by impersonating any other pricipal

    因此在此模型中可以认为所有在网络上的消息都是被Malice处理过的。

    但是，依然有一些事情是Malice所不能做到的：

• Malice cannot guess a random number which is chosen from a sufficiently large space.
• Without the correct secret(or private) key,Malice cannot retrive plaintext from given ciphertext, and cannot create valid ciphertext from given plaintext with respect to the perfect encryption algorithm.
• Malice cannot find the private component, ie., the key K.
• While Malice have control of a larget public part of our computing and communication environment, in general, he is not in control of many private areas of the computing environment, such as accessing the memory of a principal's offline computing device.

Security Properties for Authenticated Key Establishment

After the end of the protocol run:

• Only Alice and Bob (or perhaps a principal who is trusted by them ) should know K. 保密性
• Alice and Bob should know that the other principal knows K. “当场性”
• Alice and Bob should know that K is newly generated. 新鲜性