Securing a computer system is always a battle of wits: the adversary tries to locate holes to sneak in, whereas the protector tries to cl ose them. Transmitting messages through a publicly accessible medium whilst having the content concealed from the adversary’s eyes is traditionally accomplished using mathematical transformatio ns. These are practically irreversible, unless some additional information – called the key – is available, making the secret accessible for the legitimate holder(s) of the key. Ever since the concept of perfect secrecy has rigorously been formalized by Shannon (1949), it has been known that unbreakable security is bought at the cost of keys that equal the message in terms of length. In addition, the key is required to be random and must be discarded immediately after usage. This pushed the concept of unconditional security out of reach for implementation in computer networks (though diplomatic and military applications existed), until 1984, where the idea of quantum cryptography was born by Bennett & Brassard (1984). The unique feature of this novel type communication is its usage of information carriers other than electrical pulses. By encoding bits in the polarization plane of single photons, the information becomes essentially not cloneable, as Wootters & Zurek (1982) have shown, and any attempt can be detected. This rendered the one-time pad practical in real-life electronic networks and unconditional security no longer needed to remain a dream. Classical cryptography widely relies on unprov en conjectures regarding the difficulty of solving computational problems. The field of public key cryptography draws its power from the infeasibility of reverting simple algebraic operations within large finite groups, but no proof has yet been discovered that rules out the existence of efficient algorithms to solve those problems. The sole indicator of security is thus the absence of any publication proving the assumptions wrong. But there is yet no othe r indication than pure hope for this to be true. Symmetric techniques, although conceptually different, come with no better arguments to support their security. Although these may lack much of the structure that public key systems enjoy and are thus harder to analyze, a rigorous proof of security or mathematical framework for proving security is also not available. In this work, we attempt taking a step towards providing a rigorous and easy-to-use decision-theoretic framework for proving security. Results are formulated with applications to quantum networks, but we emphasize that the framework is in no way limited to these.
[1]
Stefan Rass.
On Information-Theoretic Security - Contemporary Problems and Solutions
,
2009
.
[2]
S. Jajodia,et al.
Chapter 5 TOPOLOGICAL ANALYSIS OF NETWORK ATTACK VULNERABILITY
,
2003
.
[3]
Peter Schartner,et al.
Game-Theoretic Security Analysis of Quantum Networks
,
2009,
2009 Third International Conference on Quantum, Nano and Micro Technologies.
[4]
Matthias Fitzi,et al.
Towards Optimal and Efficient Perfectly Secure Message Transmission
,
2007,
TCC.
[5]
Peter Schartner,et al.
Security in Quantum Networks as an Optimization Problem
,
2009,
2009 International Conference on Availability, Reliability and Security.
[6]
Hu Hanping,et al.
Network security transmission based on bimatrix game theory
,
2008,
Wuhan University Journal of Natural Sciences.
[7]
Ruth Breu,et al.
An Empirically Derived Loss Taxonomy Based on Publicly Known Security Incidents
,
2009,
2009 International Conference on Availability, Reliability and Security.
[8]
H. Weinfurter,et al.
Experimental Demonstration of Free-Space Decoy-State Quantum Key Distribution over 144 km
,
2007,
2007 European Conference on Lasers and Electro-Optics and the International Quantum Electronics Conference.
[9]
Volker Hammer.
Die 2. Dimension der IT-Sicherheit
,
1999
.
[10]
W. Wootters,et al.
A single quantum cannot be cloned
,
1982,
Nature.
[11]
Gary Chartrand,et al.
Introduction to Graph Theory
,
2004
.
[12]
Lo,et al.
Unconditional security of quantum key distribution over arbitrarily long distances
,
1999,
Science.
[13]
R. J. McEliece,et al.
On sharing secrets and Reed-Solomon codes
,
1981,
CACM.
[14]
K. Srinathan,et al.
On perfectly secure communication over arbitrary networks
,
2002,
PODC '02.
[15]
Siv Hilde Houmb,et al.
Estimating ToE Risk Level Using CVSS
,
2009,
2009 International Conference on Availability, Reliability and Security.
[16]
Claude E. Shannon,et al.
Communication theory of secrecy systems
,
1949,
Bell Syst. Tech. J..
[17]
Walter Schlee.
Einführung in die Spieltheorie
,
2004
.
[18]
Paul G. Spirakis,et al.
Internet and Network Economics, Second International Workshop, WINE 2006, Patras, Greece, December 15-17, 2006, Proceedings
,
2006,
WINE.
[19]
Yongge Wang,et al.
Perfectly Secure Message Transmission Revisited
,
2008,
IEEE Trans. Inf. Theory.