Public-key Cryptography - Practical Considerations - Weaknesses


Of course, there is a possibility that someone could "pick" Bob's or Alice's lock. Among symmetric key encryption algorithms, only the one-time pad can be proven to be secure against any adversary - no matter how much computing power is available. However, there is no public-key scheme with this property, since all public-key schemes are susceptible to a "brute-force key search attack". Such attacks are impractical if the amount of computation needed to succeed - termed the "work factor" by Claude Shannon - is out of reach of all potential attackers. In many cases, the work factor can be increased by simply choosing a longer key. But other attack algorithms may have much lower work factors, making resistance to a brute-force attack irrelevant. Some special and specific algorithms have been developed to aid in attacking some public key encryption algorithms - both RSA and ElGamal encryption have known attacks that are much faster than the brute-force approach. These factors have changed dramatically in recent decades, both with the decreasing cost of computing power and with new mathematical discoveries.

In practice, these insecurities can generally be avoided by choosing key sizes large enough that the best-known attack algorithm would take so long to have a reasonable chance at successfully "breaking the code" that it is not worth any adversary's time and money to proceed with the attack. For example, if an estimate of how long it takes to break an encryption scheme is one thousand years, and it were used to encrypt details which are obsolete a few weeks after being sent, then this could be deemed a reasonable risk and trade-off.

Aside from the resistance to attack of a particular key pair, the security of the certification hierarchy must be considered when deploying public key systems. Some certificate authority - usually a purpose-built program running on a server computer - vouches for the identities assigned to specific private keys by producing a digital certificate. Public key digital certificates are typically valid for several years at a time, so the associated private keys must be held securely over that time. When a private key used for certificate creation higher in the PKI server hierarchy is compromised, or accidentally disclosed, then a "man-in-the-middle attack" is possible, making any subordinate certificate wholly insecure.

Major weaknesses have been found for several formerly promising asymmetric key algorithms. The 'knapsack packing' algorithm was recently found to be insecure after the development of a new attack. Recently, some attacks based on careful measurements of the exact amount of time it takes known hardware to encrypt plain text have been used to simplify the search for likely decryption keys (see "side channel attack"). Thus, mere use of asymmetric key algorithms does not ensure security. A great deal of active research is currently underway both to discover and to protect against new attack algorithms.

Another potential security vulnerability in using asymmetric keys is the possibility of a "man-in-the-middle" attack, in which the communication of public keys is intercepted by a third party (the "man in the middle") and then modified to provide different public keys instead. Encrypted messages and responses must also be intercepted, decrypted, and re-encrypted by the attacker using the correct public keys for different communication segments, in all instances, so as to avoid suspicion. This attack may seem to be difficult to implement in practice, but it is not impossible when using insecure media (e.g. public networks, such as the Internet or wireless forms of communications) - for example, a malicious staff member at Alice's or Bob's Internet Service Provider (ISP) might find it quite easy to carry out. In the earlier postal analogy, Alice would have to have a way to make sure that the lock on the returned packet really belongs to Bob before she removes her lock and sends the packet back. Otherwise, the lock could have been put on the packet by a corrupt postal worker pretending to be Bob, so as to fool Alice.

One approach to prevent such attacks involves the use of a certificate authority, a trusted third party responsible for verifying the identity of a user of the system. This authority issues a tamper-resistant, non-spoofable digital certificate for the participants. Such certificates are signed data blocks stating that this public key belongs to that person, company, or other entity. This approach also has its weaknesses - for example, the certificate authority issuing the certificate must be trusted to have properly checked the identity of the key-holder, must ensure the correctness of the public key when it issues a certificate, and must have made arrangements with all participants to check all their certificates before protected communications can begin. Web browsers, for instance, are supplied with a long list of "self-signed identity certificates" from PKI providers - these are used to check the bona fides of the certificate authority and then, in a second step, the certificates of potential communicators. An attacker who could subvert any single one of those certificate authorities into issuing a certificate for a bogus public key could then mount a "man-in-the-middle" attack as easily as if the certificate scheme were not used at all. Despite its theoretical and potential problems, this approach is widely used. Examples include SSL and its successor, TLS, which are commonly used to provide security for web browsers, for example, so that they might be used to securely send credit card details to an online store.
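
The key-substitution and certificate-authority checks described in the two paragraphs above, as an added example that is not part of the original article: a relying party verifies a signed key binding against a trust store. Toy textbook RSA over small constructed primes stands in for a real signature scheme, and the names `CA-A`, `CA-B`, `bob` and the optional `pinned_pub` comparison are assumptions of this example.

```python
import hashlib

# Toy textbook RSA over constructed Mersenne primes: illustration only, not secure.
def keypair(p, q, e=65537):
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))  # (public, private)

def digest(subject, pub, n):
    data = f"{subject}|{pub[0]}|{pub[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue(ca_name, ca_priv, subject, subject_pub):
    """CA signs the binding 'this public key belongs to this subject'."""
    n, d = ca_priv
    return {"issuer": ca_name, "subject": subject, "pub": subject_pub,
            "sig": pow(digest(subject, subject_pub, n), d, n)}

def verify(cert, expected_subject, trust_store, pinned_pub=None):
    """Relying-party check. Any CA in trust_store may vouch for any subject."""
    ca_pub = trust_store.get(cert["issuer"])
    if ca_pub is None:
        return "reject: unknown issuer"
    n, e = ca_pub
    if pow(cert["sig"], e, n) != digest(cert["subject"], cert["pub"], n):
        return "reject: bad signature"
    if cert["subject"] != expected_subject:
        return "reject: wrong subject"
    if pinned_pub is not None and cert["pub"] != pinned_pub:
        return "reject: key does not match pin"
    return "accept"

def demo():
    M = lambda k: 2**k - 1  # Mersenne primes for k in 31, 61, 89, 107, 127
    ca_a_pub, ca_a_priv = keypair(M(61), M(89))
    ca_b_pub, ca_b_priv = keypair(M(107), M(127))
    bob_pub, _ = keypair(M(31), M(61))
    other_pub, _ = keypair(M(89), M(107))   # key substituted in transit
    store = {"CA-A": ca_a_pub, "CA-B": ca_b_pub}
    genuine = issue("CA-A", ca_a_priv, "bob", bob_pub)
    swapped = dict(genuine, pub=other_pub)  # key replaced, signature unchanged
    misissued = issue("CA-B", ca_b_priv, "bob", other_pub)  # subverted CA
    return {
        "genuine": verify(genuine, "bob", store),
        "swapped": verify(swapped, "bob", store),
        "misissued": verify(misissued, "bob", store),
        "misissued_pinned": verify(misissued, "bob", store, pinned_pub=bob_pub),
        "genuine_pinned": verify(genuine, "bob", store, pinned_pub=bob_pub),
    }
```

The `misissued` case is accepted because either trusted CA may vouch for any subject; only the pin comparison, a check the relying party adds on its own, distinguishes it from the genuine certificate.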
