(Note: The following write-up was provided to a group of people who
wanted to present some "traditional" knowledge in the hope that it
would be useful for modern encryption techniques.)
The purpose of encryption is that information be communicated from
one person to another without a third party being able to extract or
modify the transmission. Moreover, this transmission should be almost
as efficient as un-encrypted transmission.
The method of encryption chosen should be sufficiently flexible that
a re-design of the entire mechanism not be required each time
security is breached or alliances changed. Moreover, encryption of
messages may also be desired in multi-person interactions (such as
banks or financial transactions) where employing different methods
with each party would be impractical.
It is with the above considerations in mind that the existing paradigm,
which is broadly summarised below, has been arrived at.
Encryption is carried out using an algorithm that is well-known. There are
two parameters to the algorithm---the message itself and a key. (Usually
the algorithms are run on a digital computer). Decryption is also
carried out by an algorithm; this one takes the transmission and a key
as input and produces a message on its output. The broad division of
encryption and decryption is into the symmetric (both use the same key)
and asymmetric (they use different keys) types. In both cases any person
who has the encrypting key can generate transmissions and one who has
the decrypting key can convert the transmissions into messages.
The use of symmetric encryption alone is considered inherently weaker for
the following reasons. In the case of a security breach some method for
exchange of new keys must be found. In a multi-person situation each pair
of communicating individuals must exchange keys in a secure manner.
On the positive side, known methods of symmetric encryption are quite
quick as compared with the known methods of asymmetric encryption.
Asymmetric encryption is used in multi-person situations along with a
method known as public-key encryption. In this method the encrypting key
is made public and the decrypting key is kept private. Authentication is
achieved through the encrypter additionally "signing" the message using
the encrypter's decryption key. This can be done because the encryption
and decryption algorithms are the same.
However, all known methods of public-key encryption involve large numbers
(of the order of 300 or more digits) and are too slow for rapid exchange
of messages. Thus, public-key encryption is usually used as a base to
exchange keys for a symmetric key method. The latter method is employed
for a duration (which is too short for successful cryptanalysis) after
which a new exchange of keys takes place.
Common traps that need to be avoided in proposed methods of
encryption:
1. Security through obscurity. The security of the algorithm should
not depend on the algorithm being known only to the relevant parties
as the number of parties with access to the algorithm increases
exponentially with the importance of the activity.
2. Security through complexity. A complex method is not necessarily
secure. A simple method that is provably secure is always to be
preferred over one that is complex but not decidably secure or
insecure.
3. Security through intricacy. A method that involves a lot of
calculations to implement a symmetric encryption method is not of much
use since such methods have to be fast in order to be used within the
existing paradigm.
It is, in principle, possible to work outside the above paradigm if what
is proposed has sufficient promise. However, such a method will need
a lot of testing before it can be accepted for use. Even public-key
methods became commonly accepted almost thirty years after their
initial discovery. Moreover, there are a lot of efforts on to enhance
and improve the strength and usability of public-key systems. These
cannot be abandoned until an alternative paradigm is fully tested.
Finally, encryption is important enough that no considerations other
than mathematical analysis be used to determine the usefulness of the
methods employed. Thus, the question of origin, historical, oracular
or other authority, is of no interest in determining the validity of
the claims.