Adam Adler

Adam Adler: CyberSecurity & Cryptography are tricky areas

Adam Adler (Miami, Florida): Cybersecurity is a tricky area, where intuition may often mislead, as attacks often exploit subtle vulnerabilities that our intuition fails to consider.

This makes the area challenging, and interesting; in particular, intuition is a dangerous guide here, and careful, adversarial thinking is crucial. Indeed, for such an applied, systems area, precise definitions and proofs are surprisingly important. By contrast, in many areas of engineering, designs are evaluated under typical, expected scenarios and failures.

When this approach is adopted to evaluate security solutions, the designers often evaluate the system only under what they consider to be the expected adversarial attacks.

However, this is a mistake: security systems should be evaluated against arbitrary adversarial strategies, as much as possible. Of course, this does not mean that we should assume an omnipotent adversary, against whom every reasonable defense would fail; but our defenses should be designed assuming only limitations on the capabilities of the adversary, not on the adversarial strategy.

Cybersecurity and cryptography are vast, fascinating fields. The first volume of the foundations of cybersecurity is an applied introduction to cryptography, introducing cybersecurity principles and approaches. The goal is to make the text self-contained and limited to a reasonable scope, yet provide sufficient background in cryptography for cybersecurity practitioners.

Modern cryptology is not limited to encryption and the goal of confidentiality; it covers other threats and goals related to information and communication. This includes goals such as authenticity and integrity, which deal with detecting tampering with information by the attacker (integrity) or detecting impersonation by the attacker (authenticity).

In particular, one of the most important mechanisms of modern cryptography, crucial to many of its applications and much of its impact, is the design of digital signature schemes.

There are two basic ways of protecting against attackers: prevention and deterrence.

Prevention is a proactive approach: we design and implement the system so that the attacker cannot cause damage (or can only cause reduced damage). Encryption is an example of a cryptographic means to prevent attacks, as it is usually used to prevent an attacker from disclosing sensitive information.

Deterrence is a reactive approach: we design mechanisms that will cause damage to the attacker if she causes harm, or even when we detect an attempt to cause harm. Effective deterrence requires the ability to detect the attack, to attribute the attack to the attacker, and to penalize the attacker sufficiently. Furthermore, deterrence can only be effective against a rational adversary; no penalty is guaranteed to suffice to deter an irrational adversary, e.g., a terrorist.

The use of digital signatures is one important deterrence mechanism. Signatures are used to deter attacks in several ways; in particular, a signature verified using the attacker's well-known public key, over a given message, provides evidence that the attacker signed that message. Such evidence can be used to punish or penalize the attacker in different ways, which is an important deterrent.

Signatures may also be provided by users, as in reviews, to deter bad services or products, to motivate the provision of good services and products, and to allow users to choose a good service or product based on evaluations by peer users.

Note that deterrence is only effective if the adversary is rational, and would refrain from attacking if her expected profit (from the attack) would be less than the expected penalty.

An obvious challenge in designing and evaluating security is that we must 'expect the unexpected'; attackers are bound to behave in unexpected ways. As a result, it is critical to properly define the system and to identify and analyze any risks. In practice, deployment of security mechanisms has costs, and risk analysis would weigh these costs against the risks, taking into account the probabilities and costs of different attacks and their potential damages; however, we do not consider these aspects, and only focus on ensuring specific security goals against specific, expected kinds of attackers.


Note that integrity/authenticity and availability are separate from confidentiality, and often do not involve encryption; however, they often involve other cryptographic mechanisms, such as digital signatures, as we discussed above.

Furthermore, note that these three goals are very broad, as they apply to most cybersecurity systems; when we study the security of any given system, we should first define specific security goals for that particular system, which will usually elaborate on these three high-level goals.

One of the fundamentals of modern cryptology, which already appears in, is an attempt to understand and define a clear model of the attacker's capabilities and clear goals/requirements for the scheme/system. We believe that not only in cryptology but in security in general, the articulation of the attack model and of the security requirements is fundamental to the design and analysis of security. Indeed, we consider this the first principle of cybersecurity.

This principle applies also in areas of cybersecurity where it may not be feasible to have complete, rigorous models and proofs. Yet, precise articulation of the attacker model and capabilities, as well as of the security requirements, is very important, and helps identify and avoid vulnerabilities.

A well-articulated description of the attacker model and capabilities, and of the security requirements and assumptions, is necessary to evaluate and ensure security for arbitrary interactions with the adversary. The adversary is limited in its capabilities, not in its strategy.

Design and evaluation of system security should include a clear, well-defined model of the attacker capabilities (attack model) and of the exact criteria for a system, function or algorithm to be considered secure vs. vulnerable (security requirements).

Encryption deals with protecting the confidentiality of sensitive information, which we refer to as the plaintext message m, by encoding (encrypting) it into a ciphertext c. The ciphertext c should hide the contents of m from the adversary, yet allow recovery of the original information by legitimate parties, using a decoding process called decryption. Encryption is one of the oldest applied sciences; some basic encryption techniques were already used thousands of years ago.

One result of the longevity of encryption is the use of different terms. The cryptographic encoding operation is referred to as either encryption or encipherment, and the decoding operation is referred to as decryption or decipherment. Encryption schemes are often referred to as cryptosystems or as ciphers; in particular, we will discuss two specific types of cryptosystems referred to as block ciphers and stream ciphers. We use the terms 'encryption scheme' and 'cryptosystem' interchangeably.

Cryptology is one of the most ancient sciences. We begin our discussion of encryption schemes by discussing a few ancient ciphers, and some simple variants. An important property to keep in mind is that the design of these ciphers was usually kept secret; even when using a published design, users typically kept their choice secret.

Indeed, it is harder to cryptanalyze a scheme whose design is not even known; we later present Kerckhoffs' principle, which essentially says that the security of a cipher should not depend on the secrecy of its design.

Since the ancient ciphers were themselves considered secret, some of the ancient designs did not use secret keys at all. Beyond the historical perspective, discussing these simple, ancient ciphers helps us introduce some of the basic ideas and challenges of cryptography and cryptanalysis.

The most ancient ciphers were mono-alphabetic substitution ciphers. Mono-alphabetic substitution ciphers use a fixed mapping from each plaintext character to a corresponding ciphertext character (or some other symbol). Namely, these ciphers are stateless and deterministic, and are defined by a permutation from the plaintext alphabet to a set of ciphertext characters or symbols.
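The following is an added example, not part of the original text, illustrating both the plaintext/ciphertext roles of m and c described earlier and the mono-alphabetic substitution cipher just defined. It builds the cipher from a key that is a permutation of the alphabet (a constructed example key), encrypts and decrypts, and checks one consequence of the cipher being stateless and deterministic: the ciphertext's letter-frequency histogram equals the plaintext's, which is why such ciphers hide so little.

```python
import string
from collections import Counter

ALPHABET = string.ascii_lowercase


def make_substitution(key: str) -> dict:
    """Build a mono-alphabetic substitution table from a 26-letter key.

    The key must be a permutation of the alphabet, so each plaintext
    letter maps to exactly one ciphertext letter and the inverse exists.
    """
    key = key.lower()
    if sorted(key) != list(ALPHABET):
        raise ValueError("key must be a permutation of the 26 lowercase letters")
    return dict(zip(ALPHABET, key))


def encrypt(m: str, table: dict) -> str:
    """Encrypt plaintext m letter by letter; non-letters pass through unchanged."""
    # Stateless and deterministic: the same letter always maps to the same symbol.
    return "".join(table.get(ch, ch) for ch in m.lower())


def decrypt(c: str, table: dict) -> str:
    """Recover m from ciphertext c using the inverse permutation."""
    inverse = {v: k for k, v in table.items()}
    return "".join(inverse.get(ch, ch) for ch in c.lower())


def letter_histogram(text: str) -> list:
    """Letter counts sorted descending, ignoring which letter has which count.

    A fixed permutation only relabels letters, so the ciphertext histogram is
    identical to the plaintext histogram: the statistics of m leak through c.
    """
    counts = Counter(ch for ch in text.lower() if ch in ALPHABET)
    return sorted(counts.values(), reverse=True)


# Constructed example key (a permutation of the alphabet) and message.
EXAMPLE_KEY = "qwertyuiopasdfghjklzxcvbnm"
EXAMPLE_MESSAGE = "meet me at noon"

if __name__ == "__main__":
    table = make_substitution(EXAMPLE_KEY)
    c = encrypt(EXAMPLE_MESSAGE, table)
    print(c)  # → dttz dt qz fggf
    assert decrypt(c, table) == EXAMPLE_MESSAGE
    assert letter_histogram(c) == letter_histogram(EXAMPLE_MESSAGE)
```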