The Biggest Challenge of Modern Cryptography Does not Get Any Press
Our modern advanced civilization is based on a credible assessment of integrity: be it the strength of elevator cables, the safety of drugs, or the air-worthiness of planes. And as cryptography evolves into becoming the new important pillar of modern cyber civilization, so does the requirement for its products to be credibly appraised for the purpose for which they are built.
The prevailing layman’s view is that “Of course, all those fanciful math products come with some mathematical proof that mathematicians understand”. And there is no corrective message coming from the experts to refute this erroneous assumption. It is conflation of interests that keeps this important issue out of the news.
Here is a summary of the problem: “Those that live by the math, die by the math”. Modern cryptography is based on mathematical constructs that erect a wall of complexity to keep out unintended readers of confidential information. And it works perfectly well against any data thief who is limited by the mathematical knowledge of the wall builder. Alas, further mathematical insight may render this purported complexity to embarrassing simplicity. If you read the small print in cryptographic texts, you find this caveat that whispers: “All bets are off, if the attacker is mathematically smarter.”
Dah! Cryptographic products that work only against dumb attackers, are not very interesting, are they?
Much as the Brits cracked the Zimmerman cable, and much as Alan Turing cracked the Enigma, so it goes on today. Well funded cryptanalytic labs defeat the mathematical complexity of working ciphers, keeping this feat out of the news, of course. In fact much as Churchill allowed hundreds of citizens to be killed by Nazi attacks just to hide from the Germans the fact that their code was cracked, so today, you will get no admission by anyone who spent a fortune cracking a cipher, to acknowledge that that cipher is cracked.
If you follow cryptographic news you read that routinely the National Institute of Science and Technology, (NIST), removes its recommendation from some cryptographic alogirhtms, and recommends new ones. Why is that? Does math go out of fashion, gets rusty? No — gets cracked. Alas, only if the academic community cracks a cipher does it get replaced. While the reality is that the lion share of cracking efforts happens behind closed curtains — no press, no replacement.
So that’s the way it is, isn’t it? We have to accept it — crypto is not credibly appraisable for its utility.
The good news is that there is a viable path to align cryptography with elevator cables, medical drugs, and aviation — all based on credible assessment of integrity.
Take for example the most basic and oldest cipher: replacing any letter of a given alphabet with a unique string of bits. Any plaintext can then be written as a long string of bits where the intended reader will replace the bit strings with the letters for which they stand. Nobody uses this simple cipher anymore. Why? Because every cryptographic textbook will show that for a sufficiently long text this cipher can be clearly and unequivocally cracked. This is indeed the case. But what is overlooked and of great importance here is that the chance to crack this basic substitution cipher is readily calculated based only on three parameters: the number of letters in the alphabet, the number of bits that represent each letter, and the number of letters in the plaintext. Using these three parameters both the user and his attacker can apply common combinatorics, to arrive at a very credible appraisal of the chance to crack that cipher. Because its security is based on robust probability — there is no risk for some fanciful math knowledge known only to the attacker — the appraised security comes with solid credibility — no caveats!
But what good is that credible appraisal if the security is poor? Good question. We asked it too, and we answered: let’s take this credibly appraised substitution cipher and evolve it to a more robust — still credibly appraised — cipher. That’s exactly what we did. We can share it with you, just ask: [gideon@BitMint.com].
The point of this blog is one: we, cryptographers, need to share with the public the truth about the lack of credible assessment of efficacy for any and all our common ciphers (when we consider, as we must, a sufficiently smart adversary). But this is a fixable problem. And fix it we will.