Introduction: Investigation of Cryptography. Primary aims.
Narrative
The modern world of technology-mediated communication presents a wide range of threats for a safety of personal data within the Internet. Millions of people associate through the help of web services. Therefore, the information that is regularly thrown into the Internet space needs to be protected from an unauthorized usage.
Cryptography represents an efficient method of data securing. It establishes the rules of writing in secret codes, which serves as a solution for web interferences. Thus, in this paper I investigate the basics of cryptographic writing as well as evaluate the advantages and disadvantages of three working tools that are used by the experts in order to secure the information.
As an active Internet user, I am interested in my personal data being hidden from the outside intruders. It especially treats the financial operations that are regularly conducted by me through the web space. According to my personal experience, the financial transactions that are sustained through the Internet may be exposed to certain dangers.
For instance, some web services require its users to provide the confidential data like credit card passwords so that to accomplish transactions. Quite often, such techniques can be the subjects for Internet frauds. That is why, it is crucial to use cryptographic tools so that not to get into a trap of deceitful web systems.
Secondly, the matter is of special interest for millenials who spend much time spreading the information through social media. As a representative of Generation Y, I am involved into virtual interactions. Consequently, it is important for me to be aware of the safety of my personal messages. Therefore, a study of cryptographic tools contributes to the enhancement of Internet security standards.
Bridge
In this paper, I investigate three up-to-date cryptographic tools that assist the Internet users to secure their web communication. These are a blind coupon mechanism, a pseudo-random permutation and fuzzy commitment schemes. Such combination of security tools provides the users with an opportunity not only to guard the content of their messages, but to ensure that the information gets to a receiving side in its full and undamaged form.
Thus, a blind coupon mechanism allows the communicants to keep even the fact of a certain message transmission in secret. The second cryptographic tool that is reviewed in this work serves as a core method of encryption and decryption of messages by the communicators who own a common key. Finally, a study of commitment schemes helps me to show the way in which personal data becomes a binding element that ensures secure communication between two sides.
Therefore, a foundation of the Internet-mediated communication is predetermined by three elements: secure encoding, transmission and decoding of the message. The cryptographic tools that are reviewed in this qualitative research paper contribute to the establishment of such association.
The research is conducted through the creation of working communication models that are based upon the usage of three tools. As a result, I intend to reveal the advantages of the tools’ appliance as well as open up the perspectives of cryptography usage.
Major Findings: Evaluation of Cryptographic Models
Process Description
Since the aim of the research is to verify the cryptographic tools according to their initial prescriptions, I use the general grounded theory on the principles of the tools’ work so that to check their functioning.
Thus, a blind coupon mechanism is meant to hide the fact of message creation as well as transmit undetectable alerts about the possible intrusions to the communicants. Accordingly, the cryptographic tool has some peculiar features that determine its efficiency. Due to Aspnes, Diamadi, Gjosteen, Peralta, and Yampolskiy (2005), the tool provides security only if it ensures indistinguishability, unforgeability and blinding. Consequently, my primary aim in this paper is to prove that the tool complies with the characteristics and, thus, performs its main purpose.
According to Blundo, Masucci, Stinson, and Wei (2007), the major requirements that have to be satisfied by a fuzzy commitment scheme are binding and privacy. Therefore, I target the aforementioned qualities of the tool in this paper so that to test it and point out whether this model provides a full privacy for the communicators as well as stabilizes the content of a message.
Finally, the cryptographic tool of pseudo-random permutation possesses such parameters as sharing, multiplication and inferring. In this work, I present a model of communication that embraces definite steps and is based upon the mentioned peculiarities.
In the aftermath, I outline the reasons of successful functioning of three cryptographic tools as well as major principles of their work and emphasize the roles of these tools in the modern data security domain.
Major Findings
Every message that is generated within a virtual space is exposed to certain threats since the moment of its creation. Thus, a blind coupon mechanism is used to secure the data on the initial stages of its spreading.
To prove the compliance of blind coupon mechanisms with their defining attributes, I employed the working algorithm that was provided by a professor of Yale University, A. Yampolskiy, in his work (2006). Due to it, I built up a model of communication in which one can view the communicators who handle two types of coupons: dummy and signal coupons. In a sum, these coupons constitute a meaningful message that becomes a subject of a communication procedure.
Besides, in such a model, there should be an attacker who aims to intercept certain data. Thus, I found out that, according to the algorithm of the cryptographic tool, it will generate a number of abstract alerts that will be spread through the Internet in order to distract the potential attackers. The alerts are meant to resemble the actual messages so that to perplex the raiders. The advantage of the tool consists in a fact that the sources of the alerts are impossible to identify.
Therefore, on the basis of this model, I deduced that it corresponds to the initial parameters, since it provides indistinguishability (dummy and signal coupons can not be recognized), unforgeability (a message exists only in one variant, for the other variants serve as distractions) and blinding (an attacker can not distinguish a genuine message from the one imitated by a coupon).
The second tool that was investigated by me in this work is a threshold pseudo-random permutation tool. My aim in constructing the model on the basis of this tool was to prove that this cryptographic method ensures such security standards as multiplication, sharing and inferring.
Thus, I incorporated the pseudo-random system into the process of association between a sender and a receiver. The role of this tool in a procedure was to create a common key for the communicators as well as prescribe the rules of encoding and decoding to the participants. As a result, I found out that such model of communication creates a certain cryptographic scheme that keeps the private messages within certain limits.
Thus, it is impossible for the outside intruders to intercept the messages, since no one except for the creators of such messages can decipher them. Moreover, I concluded that the tool has an undeniable advantage, for it creates communication rounds that constitute a single protocol. Due to the principle of functioning of this protocol, the communicators have an opportunity to generate a wide range of messages with the help of a single encryption rule.
Consequently, in this work, I deduced that a pseudo-random permutation tool promotes sharing, since it generates a common key for the communicators, which precludes any external interference with the private data. Besides, the tool multiplies the messages that are created according to a common cryptographic system of encoding and decoding. Finally, a pseudo-random permutation tool ensures effective inferring, since it provides the guidelines, due to which the participants of a communication process can derive a content of a message.
A final step in this research was the construction of a communication model that was based upon a fuzzy commitment scheme. To satisfy the initial assumption about the parameters of this cryptographic tool, I needed to prove that it could guarantee correctness, binding and privacy.
While constructing a communication model, it was crucial to take into consideration the peculiarities of the cryptographic tool, especially the ones that contrast with the characteristics of traditional commitment schemes.
In their article, Juels and Wattenberg (2013) describe a fuzzy commitment scheme by comparing it to its counterpart: “in a conventional scheme, a commitment must be opened using a unique witness, which acts, essentially, as a decryption key. By contrast, our scheme is fuzzy in the sense that it accepts a witness that is close to the original encrypting witness in a suitable metric, but not necessarily identical” (p. 28).
Therefore, the communication model that was constructed by me included three participants: two communicators and a witness who served as a key. The act of communication that was sustained under such circumstances resembled a process of flipping a coin into a locked box.
The communicants could not change a message after they had committed to it. That is why the tool may be described as binding. Since, a fuzzy commitment scheme allows the usage of suppositional witnesses, the participants are not supposed to transmit the key, because they both own it. Thus, the message is private, for a key, which can decipher it, is not allocated into the outside space.
The tool may be primarily applied in the biometric authentication, in which the messages are usually exposed to external noises.
Conclusion: Cryptography as a Guarantee of Data Protection
In this work I investigated the modern cryptographic tools that were designed with an aim of data protection. According to my primary assumption, a message can be considered secure when it is not attacked at the stages of encryption, transmission and decryption.
Therefore, the cryptographic tools were verified against this requirement. With a purpose of clear illustration of the tools’ efficiency, I outlined a number of characteristics that are often prescribed to these tools by scientists and experts. Thus, it was my initial task to deduce whether all the tools preserve their parameters and comply with the principles of secure Internet communication.
In this work, I chose a construction of communication models as a primary method of research, since it illustrates a message transmission on the real-life basis.
In the aftermath of this study, I received the data that reiterated the initial theories that were used to describe the cryptographic tools. Thus, a blind coupon mechanism was proved to ensure unforgeability, blinding and indistinguishability, due to its unique system of multiple coupons that send false signals into the space so that to distract outside users. A pseudo-random permutation tool was confirmed to be the one promoting sharing, multiplication and inferring, since it possesses a faculty of creating the numerous rounds of message circulations without damaging the content.
Finally, the analysis of a fuzzy commitment scheme that was assumed to provide privacy and binding, revealed some absolute advantages of this tool. Due to the results of the research, this tool can create multiple witnesses that do not interfere with a content of private messages, but secure the processes of encryption and decryption from any possible outside intrusions.
Due to the consistent outcomes of the study, it has a wide range of perspectives and may be further elaborated. The conducted research, for instance, does not disclose the principles of the tools’ construction, which could serve as a material for future improvements of the communication systems. Besides, while investigating a fuzzy commitment scheme, I deduced that some experts consider this tool to be damaging for a correctness of transmitted data. That is why, in this work, I suggest the future research that can target a content of messages and analyze their completeness.
References
Aspnes, J., Diamadi, Z., Gjosteen, K., Peralta, R., & Yampolskiy, A. (2005). Spreading alerts quietly and the subgroup escape problem. Web.
Blundo, C., Masucci, B., Stinson, D., & Wei, R. (2007). Constructions and bounds for unconditionally secure non-interactive commitment schemes. Designs, Codes and Cryptography, 26(1), 97-110.
Juels, A., & Wattenberg, M. (2013). A fuzzy commitment scheme. ACM, 13(1), 28-36.
Yampolskiy, A. (2006). Efficient cryptographic tools for secure distributed computing (Doctoral thesis, Yale University, New Heaven, Connecticut).