Adam Adler: CyberSecurity & Cryptography are tricky areas
Adam Adler (Miami, Florida): CyberSecurity is a tricky area, where intuition often misleads, since attacks typically exploit subtle vulnerabilities that our intuition fails to consider.
This makes the area challenging and interesting; in particular, intuition is a dangerous guide here, and careful, adversarial thinking is crucial. Indeed, for such an applied, systems area, precise definitions and proofs are surprisingly important. In many areas of engineering, designs are evaluated under typical, expected scenarios and failures.
When this approach is adopted to evaluate security solutions, the designers often evaluate the system under what they consider to be the expected adversarial attacks. However, this is a mistake: security systems should be evaluated against arbitrary adversarial strategies, as much as possible. Of course, this does not mean that we should assume an omnipotent adversary, against whom every reasonable defense would fail; but our defenses should be designed assuming only limitations on the capabilities of the adversary, not on the adversarial strategy.
Cybersecurity and cryptography are vast, fascinating fields. The first volume of the foundations of cybersecurity is an applied introduction to cryptography, introducing cybersecurity principles and approaches. The goal is to make the text self-contained and limited to a reasonable scope, yet provide sufficient background in cryptography for cybersecurity practitioners.
Modern cryptology is not limited to encryption and the goal of confidentiality; it covers other threats and goals related to information and communication. This includes goals such as authenticity and integrity, which deal with the detection of tampering with information by the attacker (integrity), or with detection of impersonation by the attacker (authentication).
In particular, one of the most important mechanisms of modern cryptography, crucial to many of its applications and much of its impact, is the design of digital signature schemes.
There are two basic ways of protecting against attackers: prevention and deterrence.
Prevention is a proactive approach: we design and implement the system so that the attacker cannot cause damage (or can only cause reduced damage). Encryption is an example of a cryptographic means to prevent attacks, as it is usually used to prevent an attacker from learning sensitive information.
Deterrence is a reactive approach: we design mechanisms that will cause damage to the attacker if she causes harm, or even when we detect an attempt to cause harm. Effective deterrence requires the ability to detect the attack, to attribute the attack to the attacker, and to penalize the attacker sufficiently. Furthermore, deterrence can only be effective against a rational adversary; no penalty is guaranteed to suffice to deter an irrational adversary, e.g., a terrorist.
The use of digital signatures is one important deterrence mechanism. Signatures are used to deter attacks in several ways; in particular, a signature over a given message that verifies under the attacker's well-known public key provides evidence that the attacker signed that message. Such evidence can be used to punish or penalize the attacker in different ways - an important deterrent.
Signatures may also be provided by users, as in reviews - to deter bad services or products, to motivate the provision of good services and products, and to allow users to choose a good service/product based on evaluations by
Note that deterrence is only effective if the adversary is rational, and would refrain from attacking if her expected profit (from the attack) is less than the expected penalty.
An obvious challenge in designing and evaluating security is that we must 'expect the unexpected'; attackers are bound to behave in unexpected ways. As a result, it is critical to properly define the system and to identify and analyze any risks. In practice, deployment of security mechanisms has costs, and a risk analysis would weigh these costs against the risks, taking into account the probabilities and costs of different attacks and their potential damages; however, we do not consider these aspects, and only focus on ensuring specific security goals against specific, expected kinds of attackers.
Note that integrity/authenticity and availability are separate from confidentiality, and often do not involve encryption; however, they often involve other cryptographic mechanisms, such as digital signatures, as we discussed above.
Furthermore, note that these three goals are very broad, as they apply to most cybersecurity systems; when we study the security of any given system, we should first define specific security goals for that particular system, which will usually elaborate on these three high-level goals.
One of the fundamentals of modern cryptology, which already appears in, is an attempt to understand and define a clear model of the attacker's capabilities and clear goals/requirements for the scheme/system. We believe that not only in cryptology but in security in general, the articulation of the attack model and of the security requirements is fundamental to the design and analysis of security. Indeed, we consider this the first principle of cybersecurity.
This principle also applies in areas of cybersecurity where it may not be feasible to have complete, rigorous models and proofs. Yet, precise articulation of the attacker model and capabilities, as well as of the security requirements, is very important, and helps identify and avoid vulnerabilities.
A well-articulated description of the attacker model and capabilities, and of the security requirements and assumptions, is necessary to evaluate and ensure security for arbitrary interactions with the adversary. The adversary is limited in its capabilities, not in its strategy.
Design and evaluation of system security should include a clear, well-defined model of the attacker capabilities (attack model) and of the exact criteria for a system, function or algorithm to be considered secure vs. vulnerable (security requirements).
Encryption deals with protecting the confidentiality of sensitive information, which we refer to as the plaintext message m, by encoding (encrypting) it into a ciphertext c. The ciphertext c should hide the contents of m from the adversary, yet allow recovery of the original information by legitimate parties, using a decoding process called decryption. Encryption is one of the oldest applied sciences; some basic encryption techniques were already used thousands of
One result of the longevity of encryption is the use of different terms. The cryptographic encoding operation is referred to as either encryption or encipherment, and the decoding operation is referred to as decryption or decipherment. Encryption schemes are often referred to as cryptosystems or as ciphers; in particular, we will discuss two specific types of cryptosystems, referred to as block ciphers and stream ciphers. We use the terms 'encryption scheme' and
Cryptology is one of the most ancient sciences. We begin our discussion of encryption schemes by discussing a few ancient ciphers, and some simple variants. An important property to keep in mind is that the design of these ciphers was usually kept secret; even when using a published design, users typically kept their choice of design secret.
Indeed, it is harder to cryptanalyze a scheme which is not even known. Later we present Kerckhoffs' principle, which essentially says that the security of a cipher should not depend on the secrecy of its design.
Since the ancient ciphers were themselves kept secret, some of the ancient designs did not use secret keys at all. Besides the historical perspective, discussing these simple, ancient ciphers helps us introduce some of the basic ideas and challenges of cryptography and cryptanalysis.
The very ancient ciphers were mono-alphabetic substitution ciphers. Mono-alphabetic substitution ciphers use a fixed mapping from each plaintext character to a corresponding ciphertext character (or some other symbol). Namely, these ciphers are stateless and deterministic, and are defined by a permutation from the plaintext alphabet to a set of ciphertext characters or symbols.
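As an added example (not code from the original text), the following Python models a mono-alphabetic substitution cipher as a permutation of the alphabet, contrasts a keyless ancient design (an Atbash-style reversal, whose security rests entirely on the design being secret) with a keyed one (public design, secret permutation), and shows the weakness that "stateless and deterministic" implies: the letter-frequency profile of the plaintext survives encryption unchanged, so the most frequent ciphertext symbol reveals the image of the most frequent plaintext letter. The key string and the sample sentence are constructed for illustration.

```python
import string
from collections import Counter

ALPHABET = string.ascii_lowercase


def make_substitution_key(image: str) -> dict:
    """Build a mono-alphabetic key: image[i] is the ciphertext symbol for ALPHABET[i]."""
    if sorted(image) != list(ALPHABET):
        raise ValueError("key image must be a permutation of the 26 lowercase letters")
    return dict(zip(ALPHABET, image))


def encrypt(plaintext: str, key: dict) -> str:
    # Stateless and deterministic: the same letter always yields the same symbol.
    # Characters outside the alphabet (spaces, punctuation) pass through unchanged.
    return "".join(key.get(ch, ch) for ch in plaintext.lower())


def decrypt(ciphertext: str, key: dict) -> str:
    inverse = {c: p for p, c in key.items()}  # a permutation is always invertible
    return "".join(inverse.get(ch, ch) for ch in ciphertext)


def letter_counts(text: str) -> Counter:
    return Counter(ch for ch in text if ch in ALPHABET)


def most_frequent_letter(text: str) -> str:
    return letter_counts(text).most_common(1)[0][0]


def frequency_profile_preserved(plaintext: str, ciphertext: str) -> bool:
    """The multiset of letter counts is identical before and after encryption;
    only the labels change. This is the leak that frequency analysis exploits."""
    return sorted(letter_counts(plaintext).values()) == sorted(letter_counts(ciphertext).values())


# Keyless ancient design: reversing the alphabet. Anyone who learns the design can decrypt.
ATBASH = make_substitution_key(ALPHABET[::-1])
# Keyed design (constructed example key): the design is public, only the permutation is secret.
EXAMPLE_KEY = make_substitution_key("qwertyuiopasdfghjklzxcvbnm")
# Constructed sample plaintext in which 'e' is, as in typical English, the most common letter.
SAMPLE = "meet me near the green tree between seven and eleven"

if __name__ == "__main__":
    c = encrypt(SAMPLE, EXAMPLE_KEY)
    print(c)
    print(decrypt(c, EXAMPLE_KEY) == SAMPLE)
    print(most_frequent_letter(c) == EXAMPLE_KEY["e"])  # the ciphertext exposes e's image
```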