Choosing Algorithms

Digital envelopes are more convenient when the contact between nodes is not interactive, such as email. One node can send a message to another without waiting for the other node to respond.

To thwart man-in-the-middle attacks, authentication by digital signatures should be built into any communication system.

Secret Sharing and Key Escrow

Also known as emergency access, secret sharing and key escrow both allow for recovery of keys by parties other than the owner. Without some form of emergency access, data that is encrypted using a session key that is itself protected by password- based encryption is inaccessible or even lost if the owner forgets the password or is unavailable.

To enable recovery using key escrow, you can encrypt all session keys with a security officer’s RSA public key. Any time access is required, the officer can decrypt the session key with the appropriate RSA private key. This method is the easiest to implement and execute. However, it requires trust in the security officer not to abuse this power, and it requires that a single individual be available.

With secret sharing, access can be split among several individuals, with reconstruction requiring a threshold number of shares. In this way, if one or more of the individuals are not available, it is still possible to recover the data. In addition, secret sharing contains some level of checks and balances: no one can recover data without at least one other individual knowing about it.

Elliptic Curve Algorithms

Elliptic curve cryptosystems have recently come into strong consideration, particularly by standards developers, as alternatives to established standard cryptosystems such as the RSA cryptosystem, Diffie-Hellman, and DSS. Elliptic curve cryptosystems have a number of interesting properties, which may make them appropriate tools for meeting security requirements in some cases, and not in others.

From a cryptographic perspective, the primary motivation for development of elliptic curve cryptosystems is that they are based on a different hard mathematical problem than established systems, and appear to have a reasonable expectation of security, without significant additional cost. In particular, in certain applications, elliptic curve cryptosystems can provide security where other systems currently do not fit. However, the range of applications where they make a significant difference is

C h a p t e r 3 C r y p t o g r a p h y

8 9

Page 111
Image 111
RSA Security 5.2.2 manual Secret Sharing and Key Escrow, Elliptic Curve Algorithms