# Crypto U3, Theoretical vs. Practical Security

### Description

IYM002 (Unit 3 - Further basics of Crypto Design) Mind Map on Crypto U3, Theoretical vs. Practical Security, created by jjanesko on 31/03/2013.
Mind Map by jjanesko, updated more than 1 year ago
 Created by jjanesko over 11 years ago
113
12

## Resource summary

Crypto U3, Theoretical vs. Practical Security
1. perfect secrecy
1. Attacker gets no info about the plaintext by observing the ciphertext, other than what was was known before the ciphertext was cobserved.
1. Gordon's "flash math" version of perfect secrecy

Annotations:

2. in theory, there exists unbreakable cryptosystems
1. perfectly secret
1. one time pad
1. each letter of a plaintext is transformed with a randomly generated key that is the same length as the plaintext
1. practical problems
1. key establishment expensive (creating random sequences)
1. key distribution a challenge (key changes each time)
1. key length potentially very large
2. OTP
2. practical security
1. COVERAGE what is the covertimeneeded for the plaintext?
1. design system to protect against known attacks that would result in plaintext compromise in shorter than covertime
2. computational complexity
1. algorithm complexity
1. for each possible input to the algorithm, the amount of time it takes to run
1. length of input measured in bits
2. mathematical complexity - algorithms can be run in
1. polynomial time
1. a algorithm that can usually be run in real time with any sized input
1. "time taken to execute process for an input of size n is not greater than n^r for some number r"
1. example: multiplication, addition
2. expontential time
1. an algorithm that cannot be run in "real" time with most inputs
1. "if the time taken to execute the process for an input of size n is approximately a^n for some number a"
1. example: factorization
1. Just because an algorithm is exponentially hard, it does not mean that it is impossible to solve for all values.
2. computing exhaustive key search time
1. need
1. algorithm complexity
1. computer speed
2. example
1. general algorithm complexity forkey search is 2^n
1. our example key length is 30, so the complexity for this example is n^30
1. our example computer does 1,000,000 operations per second
1. So, 2^30 / 10^6 = roughly 1000 seconds
3. EVOLUTION when designing algorithms, take into consideration current and emerging state of processing power in computers
1. when designing cryptosystems, make sure that the implementation does not undermine the power of the algorithms used
1. practice good key management

### Similar

Crypto U4, Block Cipher, Cipher Feedback Mode (CFB)
Crypto U4, Block Cipher, Cipher Block Chaining Mode (CBC)
Crypto U1, Basic Principles
Crypto U4, Stream Cipher
Crypto U4, Block Cipher, Counter Mode
Crypto U4, Block Cipher, Electronic Codebook Mode (ECB)
Crypto U2, Crypto design principles
Crypto U10 (part 2), Key Management and Lifecycle
Crypto U9, Cryptographic Protocols
Crypto U10 (part 1), Key Management & Lifecycle
Crypto U8, example dynamic password scheme