Cryptography Based Data Security

Publisher Summary The chapter discusses the types of data security problems. The categories where data protections are falling are physical security, communication security, and operational security (database security, operating security, computer viruses). Cryptography is the science of transforming data, using a key, so that the data becomes unintelligible to those who do not have the key (or more precisely, the inverse transformation). The chapter presents a detailed discussion of the different types of cryptosystems followed by the application of cryptography for solving many of the computer security problems. Classifications of cryptosystems are according to function, number of keys and method of application to the protection of data. A symmetric cryptosystem is one in which the encryption key and the decryption key are the same. An asymmetric cryptosystem is one in which the decryption key is different from the encryption key. Cryptosystems are subject to different types of attacks. The method of attacking cryptosystem is cryptanalysis.

[1]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[2]  Jean-Jacques Quisquater,et al.  A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory , 1988, EUROCRYPT.

[3]  Yvo Desmedt Protecting against Abuses of Cryptosystems in Particular in the Context of Verification of Peace Treaties (Extended Abstract) , 1990 .

[4]  R. R. Jueneman,et al.  Analysis of Certain Aspects of Output Feedback Mode , 1982, CRYPTO.

[5]  Richard J. Lipton,et al.  Even Data Bases That Lie Can Be Compromised , 1978, IEEE Transactions on Software Engineering.

[6]  A. Shamir A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystem , 1982, FOCS 1982.

[7]  Gustavus J. Simmons,et al.  Authentication Theory/Coding Theory , 1985, CRYPTO.

[8]  Leonard M. Adleman,et al.  On Breaking the Iterated Merkle-Hellman Public-Key Cryptosystem , 1982, CRYPTO.

[9]  F. MacWilliams,et al.  Codes which detect deception , 1974 .

[10]  James P. Titus,et al.  Security and Privacy , 1967, 2022 IEEE Future Networks World Forum (FNWF).

[11]  Gary L. Miller,et al.  Breaking the Ong-Schnorr-Shamir Signature Scheme for Quadratic Number Fields , 1986, CRYPTO.

[12]  George B. Purdy,et al.  A high security log-in procedure , 1974, Commun. ACM.

[13]  Albrecht Beutelspacher,et al.  Perfect and Essentially Perfect Authentication Schemes , 1987, EUROCRYPT.

[14]  Hugh C. Williams,et al.  A modification of the RSA public-key encryption procedure (Corresp.) , 1980, IEEE Trans. Inf. Theory.

[15]  M. D. Soete Some Constructions for Authentication-Secrecy Codes , 1988, EUROCRYPT.

[16]  Claude E. Shannon,et al.  A Mathematical Theory of Communications , 1948 .

[17]  G. R. BLAKLEY Safeguarding cryptographic keys , 1979, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[18]  Manuel Blum,et al.  How to generate cryptographically strong sequences of pseudo random bits , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[19]  J. Yip,et al.  Integrity mechanisms in a secure UNIX - Gould UTX/32S , 1986 .

[20]  Manuel Blum,et al.  An Efficient Probabilistic Public-Key Encryption Scheme Which Hides All Partial Information , 1985, CRYPTO.

[21]  David Chaum,et al.  Some Variations on RSA Signatures and Their Security , 1986, CRYPTO.

[22]  John B. Kam,et al.  Structured Design of Substitution-Permutation Encryption Networks , 1979, IEEE Transactions on Computers.

[23]  E. J. Lemer Military electronics: Electromagnetic pulses: Potential crippler: Three bombs, exploded in space over the U.S., could black out the nation, wipe out communications, and make computers useless , 1981, IEEE Spectrum.

[24]  Henk Meijer,et al.  Security-related comments regarding McEliece's public-key cryptosystem , 1987, IEEE Trans. Inf. Theory.

[25]  Andrew M. Odlyzko,et al.  Cryptanalytic attacks on the multiplicative knapsack cryptosystem and on Shamir's fast signature scheme , 1984, IEEE Trans. Inf. Theory.

[26]  Andrew Chi-Chih Yao,et al.  Theory and application of trapdoor functions , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[27]  J. H. Moore Protocol failures in cryptosystems , 1988, Proc. IEEE.

[28]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[29]  Tore Herlestam Critical remarks on some public-key cryptosystems , 1978 .

[30]  Yvo Desmedt,et al.  A Key Distribution System Based On Any One-Way Function (Extended Abstract) , 1989, EUROCRYPT.

[31]  Ralph Howard,et al.  Data encryption standard , 1987 .

[32]  Richard J. Lipton,et al.  A System Architecture to Support a Verifiably Secure Multilevel Security System , 1980, 1980 IEEE Symposium on Security and Privacy.

[33]  Maria M. Pozzo,et al.  A Model for the Containment of Computer Viruses , 1986 .

[34]  George I. Davida,et al.  Arbitration in Tamper Proof Systems , 1987, CRYPTO.

[35]  David Chaum,et al.  Attacks on Some RSA Signatures , 1985, CRYPTO.

[36]  Silvio Micali,et al.  How to sign given any trapdoor function , 1988, STOC '88.

[37]  Yvo Desmedt,et al.  SUBLIMINAL-FREE AUTHENTICATION AND SIGNATURE , 1988 .

[38]  Amos Fiat,et al.  Zero-knowledge proofs of identity , 1987, Journal of Cryptology.

[39]  Ernest F. Brickell,et al.  An Observation on the Security of McEliece's Public-Key Cryptosystem , 1988, EUROCRYPT.

[40]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[41]  Amos Fiat,et al.  Zero Knowledge Proofs of Identity , 1987, STOC.

[42]  Dorothy E. Denning,et al.  Programming Techniques and Data Structures Digital Signatures with Rsa and Other Public.key , 2022 .

[43]  Gustavus J. Simmons,et al.  A survey of information authentication , 1988, Proc. IEEE.

[44]  J.A. Adam Ways to verify the US-Soviet arms pact , 1988, IEEE Spectrum.

[45]  G. Blakley,et al.  Rivest-Shamir-Adleman public key cryptosystems do not always conceal messages , 1979 .

[46]  Dorothy E. Denning,et al.  Protecting Public Keys and Signature Keys , 1983, Computer.

[47]  Benjamin Arazi Implementation of digital signatures , 1982 .

[48]  Don Coppersmith,et al.  Another Birthday Attack , 1986, CRYPTO.

[49]  T. A. BERSON,et al.  KSOS—Development methodology for a secure operating system , 1979, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[50]  Birgit Pfitzmann,et al.  How to Break the Direct RSA-Implementation of Mixes , 1990, EUROCRYPT.

[51]  Gerald J. Popek,et al.  Encryption and Secure Computer Networks , 1979, CSUR.

[52]  James L. Massey,et al.  Fast Authentication in a Trapdoor - Knapsack Public Key Cryptosystem , 1982, EUROCRYPT.

[53]  Gustavus J. Simmons,et al.  Symmetric and Asymmetric Encryption , 1979, CSUR.

[54]  Yvo Desmedt,et al.  Public-Key Systems Based on the Difficulty of Tampering (Is There a Difference Between DES and RSA?) , 1986, CRYPTO.

[55]  Gilles Brassard,et al.  An Update on Quantum Cryptography , 1985, CRYPTO.

[56]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[57]  J. Horgan Thwarting the information thieves: Fear of spying through simple or sophisticated electronics has spawned an industry whose challenge is to block the illegal interception of intelligence , 1985, IEEE Spectrum.

[58]  Arjen K. Lenstra,et al.  Factoring by Electronic Mail , 1990, EUROCRYPT.

[59]  Richard J. Lipton,et al.  Protecting Shared Cryptographic Keys , 1980, 1980 IEEE Symposium on Security and Privacy.

[60]  Yvo Desmedt,et al.  Passports and Visas Versus IDS (Extended Abstract) , 1988, EUROCRYPT.

[61]  Gustavus J. Simmons,et al.  The Prisoners' Problem and the Subliminal Channel , 1983, CRYPTO.

[62]  R. Richardson The International Congress of Mathematicians , 1932, Science.

[63]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[64]  J. Levine,et al.  The Hill cryptographic system with unknown cipher alphabet but known plaintext , 1984 .

[65]  Gustavus J. Simmons,et al.  Verification of Treaty Compliance -- Revisited , 1983, 1983 IEEE Symposium on Security and Privacy.

[66]  Yvo Desmedt,et al.  Unconditionally Secure Authentication Schemes and Practical and Theoretical Consequences , 1985, CRYPTO.

[67]  M.E. Hellman,et al.  Privacy and authentication: An introduction to cryptography , 1979, Proceedings of the IEEE.

[68]  Adi Shamir,et al.  An efficient signature scheme based on quadratic equations , 1984, STOC '84.

[69]  Samy Bengio,et al.  Special Uses and Abuses of the Fiat-Shamir Passport Protocol , 1987, CRYPTO.

[70]  Oded Goldreich,et al.  Two Remarks Concerning the Goldwasser-Micali-Rivest Signature Scheme , 1986, CRYPTO.

[71]  Gilles Brassard,et al.  Modern cryptology , 2006 .

[72]  Claus-Peter Schnorr,et al.  An efficient solution of the congruence x2+ky2=mpmod{n} , 1987, IEEE Trans. Inf. Theory.

[73]  Robert B. Ash,et al.  Information Theory , 2020, The SAGE International Encyclopedia of Mass Media and Society.

[74]  Andrea Sgarro,et al.  Informational Divergence Bounds for Authentication Codes , 1990, EUROCRYPT.

[75]  G. S. Vernam,et al.  Cipher Printing Telegraph Systems For Secret Wire and Radio Telegraphic Communications , 1926, Transactions of the American Institute of Electrical Engineers.

[76]  Michael J. Wiener,et al.  Cryptanalysis of Short RSA Secret Exponents (Abstract) , 1990, EUROCRYPT.

[77]  Yvo Desmedt,et al.  Defending systems against viruses through cryptographic authentication , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[78]  Peter J. Denning,et al.  Computer viruses , 1989 .

[79]  Yvo Desmedt,et al.  A Chosen Text Attack on the RSA Cryptosystem and Some Discrete Logarithm Schemes , 1986, CRYPTO.

[80]  Johan van Tilburg,et al.  On the McEliece Public-Key Cryptosystem , 1988, CRYPTO.

[81]  Manuel Blum,et al.  Non-interactive zero-knowledge and its applications , 1988, STOC '88.

[82]  S. T. Walker Network security: the parts of the sum , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[83]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1986, 1986 IEEE Symposium on Security and Privacy.

[84]  Wim van Eck,et al.  Electromagnetic radiation from video display units: An eavesdropping risk? , 1985, Comput. Secur..

[85]  Carl E. Landwehr,et al.  On Access Checking in Capability-Based Systems , 1987, IEEE Trans. Software Eng..

[86]  Ralph C. Merkle,et al.  Secure communications over insecure channels , 1978, CACM.

[87]  Leonard M. Adleman,et al.  An Abstract Theory of Computer Viruses , 1988, CRYPTO.

[88]  H. Feistel Cryptography and Computer Privacy , 1973 .

[89]  Silvio Micali,et al.  The Knowledge Complexity of Interactive Proof Systems , 1989, SIAM J. Comput..

[90]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[91]  Yvo Desmedt,et al.  Abuses in Cryptography and How to Fight Them , 1988, CRYPTO.

[92]  J. L. Massey,et al.  An introduction to contemporary cryptology , 1988, Proc. IEEE.

[93]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[94]  Whitfield Diffie The Adolescence of Public-Key Cryptography (Abstract) , 1989, EUROCRYPT.

[95]  Jon A. Rochlis,et al.  With microscope and tweezers: an analysis of the Internet virus of November 1988 , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[96]  John B. Kam,et al.  A database encryption system with subkeys , 1981, TODS.

[97]  Adi Shamir,et al.  Efficient Signature Schemes Based on Polynomial Equations , 1984, CRYPTO.

[98]  Virgil D. Gligor,et al.  On the Design and the Implementation of Secure Xenix Workstations , 1986, 1986 IEEE Symposium on Security and Privacy.

[99]  Yvo Desmedt,et al.  What Happened with Knapsack Cryptographic Schemes , 1988 .

[100]  C. E. SHANNON,et al.  A mathematical theory of communication , 1948, MOCO.

[101]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[102]  Larry Carter,et al.  New Hash Functions and Their Use in Authentication and Set Equality , 1981, J. Comput. Syst. Sci..

[103]  F. Mayer,et al.  Access meditation in a message passing kernel , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[104]  SchlöerJan Security of statistical databases , 1980 .

[105]  Ernest F. Brickell,et al.  Breaking Iterated Knapsacks , 1985, CRYPTO.

[106]  Gustavus J. Simmons,et al.  How to insure that data acquired to verify treaty compliance are trustworthy , 1988, Proc. IEEE.

[107]  Silvio Micali,et al.  Strong signature schemes , 1983, STOC '83.

[108]  Elwyn R. Berlekamp,et al.  On the inherent intractability of certain coding problems (Corresp.) , 1978, IEEE Trans. Inf. Theory.

[109]  Martin E. Hellman,et al.  Hiding information and signatures in trapdoor knapsacks , 1978, IEEE Trans. Inf. Theory.

[110]  R. R. Jueneman,et al.  A High Speed Manipulation Detection Code , 1986, CRYPTO.

[111]  Donald W. Davies,et al.  The average Cycle size of the Key-Stream in Output Feedback Encipherment , 1982, EUROCRYPT.

[112]  Joos Vandewalle,et al.  A critical analysis of the security of knapsack public-key algorithms , 1984, IEEE Trans. Inf. Theory.

[113]  E. Brickell,et al.  Cryptanalysis: a survey of recent results , 1988, Proc. IEEE.

[114]  David L. Wells,et al.  Database Security , 1978, IEEE Transactions on Software Engineering.

[115]  M. Greenlee Requirements for key management protocols in the wholesale financial services industry , 1985, IEEE Communications Magazine.

[116]  Manuel Blum,et al.  A Simple Unpredictable Pseudo-Random Number Generator , 1986, SIAM J. Comput..