Blurry Box Encryption Scheme and Why it Matters to Industrial IoT
standards while safeguarding digital intellectual property against counterfeiting and reverse engineering.
The impact on smart factories would be particularly dramatic. Sensitive data can include production data in many forms and sizes, such as 3D blueprints or punch schemes for embroidery machines, or the technology data or configurations used in manufacturing processes. This invaluable data needs to be protected against know-how theft, counterfeiting, and tampering, otherwise software-as-a-service will easily degrade into piracy-as-a-service. Applying Kerckhoffs’ Principle would provide encryption methods associated with hardware anchors of trust and ensure IP confidentiality and the integrity and authenticity of digital signatures.
2.2 MODERN CRYPTOGRAPHY
Today, cryptography is based on a systematic approach of defining and proving security properties of systems. Two steps are needed to define a system’ s security:
1. The security property has to be described precisely, and 2. There must be as few restrictions placed on the attacker as possible.
For example, it is not safe to assume that the attacker only has access to encrypted ciphertext. Instead, he might have pairs of ciphertext and plaintext. This is called a known-plaintext attack. Even less restrictive is the assumption that the attacker can choose either ciphertexts or plaintexts and learn the corresponding counterpart by, for example, interacting with its sender or receiver. A well-known example is the Enigma machine, which violated Kerckhoffs’ Principle. The internal wiring of the rotors was the secret. Only few rotors were used, and breaking Enigma became feasible after capturing one machine. Furthermore, the cryptanalysts at Bletchley Park broke Enigma with a known-plaintext attack because they were able to guess message parts correctly. This was not disclosed to the public until 1974. Throughout the war, the Germans were confident that Enigma had not been broken.
Today’ s cryptography is not only about keeping messages private. The field has broadened its purview. A major step in this direction was the introduction of public key cryptography. This is a different kind of message encryption, where different keys are used for encryption and decryption. Several other primitive approaches such as digital signatures, key exchanges, and commitment schemes have been designed and are used in more complex systems, such as voting schemes, online banking, crypto currencies or general secure multi-party computation.
2.3 PROVABLE SECURITY
For many schemes using algebraic structures, such as public key encryption and digital signatures, security is not mere conjecture, but proven mathematically. This is not absolute proof of security, but it is based on a problem that is considered hard to solve. Finding the prime factors of a large number is one such problem, used for example in the Rabin and the well-known, closely related
IIC Journal of Innovation- 7-