Secure channel
Encyclopedia
In cryptography
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...

, a secure channel is a way of transferring data that is resistant to interception and tampering.
A confidential channel is a way of transferring data that is resistant to interception, but not necessarily resistant to tampering.
An authentic channel is a way of transferring data that is resistant to tampering but not necessarily resistant to interception.

Secure channels in the real world

There are no perfectly secure channels in the real world. There are, at best, only ways to make insecure channels (eg, couriers, homing pigeon
Homing pigeon
The homing pigeon is a variety of domestic pigeon derived from the Rock Pigeon selectively bred to find its way home over extremely long distances. The wild rock pigeon has an innate homing ability, meaning that it will generally return to its own nest and its own mate...

s, diplomatic bag
Diplomatic bag
A diplomatic bag, also known as a diplomatic pouch is a kind of receptacle used by diplomatic missions. The physical concept of a "diplomatic bag" is flexible and therefore can take many forms e.g. an envelope, parcel, large suitcase or shipping container, etc...

s, etc) less insecure: padlock
Padlock
Padlocks are portable locks used to protect against theft, vandalism, sabotage, unauthorized use, and harm. They are designed to protect against some degree of forced and surreptitious entry.- History :...

s (between courier wrists and a briefcase), loyalty tests, security investigations, and guns for courier personnel, diplomatic immunity
Diplomatic immunity
Diplomatic immunity is a form of legal immunity and a policy held between governments that ensures that diplomats are given safe passage and are considered not susceptible to lawsuit or prosecution under the host country's laws...

 for diplomatic bags, and so forth.

In 1976, two researchers proposed a key exchange technique (now named after them) — Diffie–Hellman key exchange (D-H). This protocol allows two parties to generate a key
Key (cryptography)
In cryptography, a key is a piece of information that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no useful result. In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa...

 only known to them, under the assumption that a certain mathematical problem (eg, the Diffie–Hellman problem in their proposal) is computationally infeasible (ie, very very hard) to solve, and that the two parties have access to an authentic channel. In short, that an eavesdropper—conventionally termed 'Eve', who can listen to all messages exchanged by the two parties, but who can not modify the messages—will not learn the exchanged key. Such a key exchange was impossible with any previously known cryptographic schemes based on symmetric ciphers, because with these schemes it is necessary that the two parties exchange a secret key at some prior time, hence they require a confidential channel at that time which is just what we are attempting to build.

It is important to note that most cryptographic techniques are trivially breakable if keys are not exchanged securely or, if they actually were so exchanged, if those keys become known in some other way — burglary or extortion, for instance. An actually secure channel will not be required if an insecure channel can be used to securely exchange keys, and if burglary, bribery, or threat aren't used. The eternal problem has been and of course remains — even with modern key exchange protocols — how to know when an insecure channel worked securely (or alternatively, and perhaps more importantly, when it did not), and whether anyone has actually been bribed or threatened or simply lost a notebook (or a notebook computer) with key information in it. These are hard problems in the real world and no solutions are known — only expedients, jury rig
Jury rig
Jury rigging refers to makeshift repairs or temporary contrivances, made with only the tools and materials that happen to be on hand. Originally a nautical term, on sailing ships a jury rig is a replacement mast and yards improvised in case of damage or loss of the original mast.-Etymology:The...

s, and workaround
Workaround
A workaround is a bypass of a recognized problem in a system. A workaround is typically a temporary fix that implies that a genuine solution to the problem is needed...

s.

Future possibilities

Researchers have proposed, and actually demonstrated in real circumstances quantum cryptography
Quantum cryptography
Quantum key distribution uses quantum mechanics to guarantee secure communication. It enables two parties to produce a shared random secret key known only to them, which can then be used to encrypt and decrypt messages...

 in order to create a secure channel. There is at least one commercial company offering a product embodying it. One aspect of quantum cryptography is absolutely secure data exchange, that is guaranteed (if we understand the physics correctly, and most everyone thinks we do in this case) exchange of uneavesdroppable, non-interceptable, non-tamperable, data. The mechanism is related to quantum uncertainty (the uncertainty relation
Uncertainty principle
In quantum mechanics, the Heisenberg uncertainty principle states a fundamental limit on the accuracy with which certain pairs of physical properties of a particle, such as position and momentum, can be simultaneously known...

).

It is not now clear whether the special conditions under which it can be made to work are practical in the real world of noise, dirt, and imperfection in which most everything is required to function. Thus far, actual implementation of the technique is exquisitely finicky and expensive, limiting it to very special purpose applications indeed. It may also be vulnerable to attacks specific to particular implementations and imperfections in the optical components of which the quantum cryptographic equipment is built. While implementations of classical cryptographic algorithms have received worldwide scrutiny over the years, only a limited amount of public research has been done to assess security of the present-day implementations of quantum cryptosystems (mostly because they are not in widespread use now).

Modeling a secure channel

Security definition for a secure channel try to model its properties independently from its concrete instantiation. A good understanding of these properties is needed before designing a secure channel, and before being able to assess its appropriateness of employment in a cryptographic protocol. This is a topic of provable security
Provable security
In cryptography, a system has provable security if its security requirements can be stated formally in an adversarial model, as opposed to heuristically, with clear assumptions that the adversary has access to the system as well as enough computational resources...

. A definition of a secure channel that remains secure, even when used in arbitrary cryptographic protocols is an important building block for universally composable
Universal composability
The framework of Universal Composability is a general-purpose model for the analysis of cryptographic protocols. It guarantees very strong security properties. Protocols remain secure even if arbitrarily composed with other instances of the same or other protocols. Security is defined in the...

 cryptography.

A universally composable authenticated channel can be built using digital signatures and a public key infrastructure
Public key infrastructure
Public Key Infrastructure is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate...

.

Universally composable confidential channels are known to exist under computational hardness assumptions
Computational hardness assumptions
In cryptography, a major goal is to create cryptographic primitives with provable security. In some cases cryptographic protocols are found to have information theoretic security, the one-time pad is a common example. In many cases, information theoretic security cannot be achieved, and in such...

 based on hybrid encryption and a public key infrastructure
Public key infrastructure
Public Key Infrastructure is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate...

.
The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK