INVITATION TO CYBERSECURITY 182

this happens, the cryptosystem should not have to be abandoned. Rather, it should be assumed up front that this is going to happen, and if and when it does, since the security of the cryptosystem does not depend on the secrecy of the cryptosystem, communications can proceed as usual. It is much more difficult to create a secure cryptosystem that the enemy has access to, but this is exactly what Kerckhoffs’s principle requires.

In the examples above it is assumed the adversary not only has access to the encrypted messages, but also to the cryptosystem being used. The adversary can examine the cryptosystem to try to find weaknesses that could aid in the cryptanalysis of messages. The only thing the adversary does not have is the secret key. But because he has access to the decryption algorithm, he can attempt a brute-force key search attack to find the key. This is the reason why the keyspace must be large enough to make success improbable.

In the case of public key cryptography, the adversary also has the key that was used to encrypt the message and can generate ciphertexts of his own with the key. This is known as a chosen-plaintext attack. Being able to encrypt plaintexts with the same algorithm and key that is used by the communicating parties makes forward search attacks possible. For this reason, the RSA cryptosystem adds random values to plaintexts as padding to make short messages secure against forward search attacks.

7.4.2 Schneier’s Law

“Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can’t break. It’s not even hard. What is hard is creating an algorithm that no one else can break, even after years of analysis. And the only way to prove that is to subject the algorithm to years of analysis by the best cryptographers around.” - Bruce Schneier

History demonstrates that it is difficult to create a secure cryptosystem.
It seems inevitable that every cryptosystem, outside of the one-time pad, will eventually be broken. In fact, most will be broken quickly. Schneier’s law, proposed by cryptographer Bruce Schneier, states that anybody can create a cryptosystem that he himself cannot break. The trick of course is to create a cryptosystem that nobody else can break! Intellectual pride is the cryptographer’s downfall.

Tempting both Kerckhoffs’s principle and Schneier’s law, many cryptographic algorithms have been designed and implemented in secret, hoping that the underlying algorithms would not be revealed. History has shown that they are dissected and broken due to weaknesses soon discovered in their designs. Therefore, the best practice in modern cryptography is to publish the full details of a proposed cryptosystem before it is implemented so that it can be peer reviewed. Only after a lengthy and thorough review process, assuming no cracks in the design are found, should the system be considered secure enough to implement for real-world purposes. The most secure cryptosystems are the tried and true
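
The forward search attack on RSA described earlier on this page, and the effect of random padding on it, as an added example that is not from the book. The key is a constructed toy key, the function names are hypothetical, and the padding is a simplified stand-in for the standardized schemes (such as OAEP) that real RSA implementations use.

```python
import secrets

# Constructed toy key built from two Mersenne primes; far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                  # public key: known to the adversary
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent: known only to the receiver
PAD_LEN = 8                          # random bytes added by the toy padding

def encrypt_raw(msg: bytes) -> int:
    """Textbook RSA: deterministic, so equal plaintexts give equal ciphertexts."""
    m = int.from_bytes(msg, "big")
    if m >= N:
        raise ValueError("message too long for this modulus")
    return pow(m, E, N)

def encrypt_padded(msg: bytes) -> int:
    """Toy padding (not OAEP): marker byte, fresh random bytes, then the message."""
    return encrypt_raw(b"\x01" + secrets.token_bytes(PAD_LEN) + msg)

def decrypt_padded(ciphertext: int) -> bytes:
    """Receiver side: decrypt with D, then drop the marker byte and random pad."""
    m = pow(ciphertext, D, N)
    block = m.to_bytes((m.bit_length() + 7) // 8, "big")
    return block[1 + PAD_LEN:]

def forward_search(ciphertext: int, candidates):
    """Encrypt each guessed plaintext under the public key and compare."""
    for guess in candidates:
        if encrypt_raw(guess) == ciphertext:
            return guess
    return None

if __name__ == "__main__":
    guesses = [b"BUY", b"SELL", b"HOLD"]      # constructed short-message space
    unpadded = encrypt_raw(b"SELL")
    padded = encrypt_padded(b"SELL")
    print("unpadded:", forward_search(unpadded, guesses))   # a guess matches
    print("padded:  ", forward_search(padded, guesses))     # no guess matches
    print("receiver:", decrypt_padded(padded))
```

The adversary never needs the private exponent for the search; the random bytes defeat it because the guessed plaintext no longer equals what was actually encrypted.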