So the Diffie-Hellman step from unlimited to limited computational powers has not been extended into a step from unlimited to limited logical or programming powers. The ongoing hackers' successes seem to justify this view. The attacker is not viewed as an omnipotent computer any more, but he is still construed as an omnipotent programmer. In fact, modern cryptography goes even further than Shannon or Kerckhoffs in tacitly assuming that if there is an algorithm that can break the system, then the attacker will surely find that algorithm.
The popular formulation, going back to Kerckhoffs, is that "there is no security by obscurity", meaning that the algorithms cannot be kept obscured from the attacker, and that security should only rely upon the secret keys. This view is still endorsed in cryptography. Shannon also sought security against the attacker with unlimited logical and observational powers, expressed through the maxim that "the enemy knows the system". This idea became one of the greatest new paradigms in computer science, and led to modern cryptography. Diffie and Hellman refined Shannon's attacker model by taking into account the fact that the real attackers are computationally limited. Shannon sought security against the attacker with unlimited computational powers: if an information source conveys some information, then Shannon's attacker will surely extract that information.
0 kommentar(er)
