No system of cryptography, called a cryptosystem, can be considered absolutely unbreakable or beyond compromise. However improbable a successful attack might seem, there is always some facet of the cryptosystem that can be attacked and the history of cryptography is full of examples of cryptosystems that were once considered invincible, and yet people were able to break the security and compromise them.
Cryptographers are not omniscient
- They cannot design cryptosystems that are guaranteed to have no weaknesses or that are impervious to unforeseeable methods of attack.
- Cryptosystems must be implemented in the real world, so they are subject to real-world limitations and constraints.
Then
What are the objective of Modern Cryptosystems?
- The objective of modern cryptosystems is not to provide perfect or risk-free security but to protect information resources by making unauthorized acquisition of the information or tampering with the information more costly than the potential value that might be gained.
- Why????
- Because the value of information usually decreases over time
- good cryptography-based security protects information until its value is significantly less than the cost of illicit attempts to obtain or tamper with the information.
- Good cryptography, when properly implemented and used, makes attempts to violate security cost-prohibitive.
Many modern cryptosystems make it very difficult but not impossible for an attacker to determine the decoding key.
Even though the key might be eventually determined by a skilled decoder, given enough time and effort, cryptosystems can still provide ample security to protect valuable information.
By the time an attacker can feasibly determine the right decoding key, the cost of the attack would be much higher than the value of the information that is being protected by the key.
No comments:
Post a Comment