Cryptosystem is a suite of algorithms that describe particular security service, in most cases used for achieving confidentiality. Typically this is set of three algorithms: key generation, encryption function and decryption function.
Mathematically it can be described as tuple
(P, C, K, E, D), where:
Pis a set called "plaintext space"
Cis a set called "ciphertext space"
Kis a set called "key space"
Eis a set of functions
e :: k -> p -> ccalled "encryption functions"
Dis a set of functions
d :: k -> c -> pcalled "decryption functions"
ke ∈ K there is
kd ∈ K such that
d(kd, e(ke, p)) = p. If
kd = ke then we call
that "symmetric cipher" otherwise we call it "asymmetric cipher".
In practise we use "asymmetric ciphers" for which computing
ke is computationally
hard or impossible.
A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.
This is basic law for moder cryptography. Unfortunately many of people understand this as "keeping cryptosystem hidden is bad". That is big misunderstanding of what that principle states. It is nothing bad to keep cryptosystem in secret, it is yet another obstacle to overcome by eavesdropper, just don't rely on secrecy.
|Symmetric||Factoring Modulus||Discrete Logarithm||Elliptic Curves|
|Security Level||Security (bits)||Protection||Comment|
|1.||32||Attacks in "real-time" by individuals||Only acceptable for auth. tag size|
|2.||64||Very short-term protection against small organizations||Should not be used for confidentiality in new systems|
|3.||72||Short-term protection against medium organizations, mediumterm protection against small organizations|
|4.||80||Very short-term protection against agencies, long-term prot. against small organizations||Smallest general-purpose level, <= 4 years protection|
|5.||96||Legacy standard level||2-key 3DES restricted to ~10^6 plaintext/ciphertexts, ~10 years protection|
|6.||112||Medium-term protection||~20 years protection|
|7.||128||Long-term protection||Good, generic application-indep. recommendation, ~30 years protection|
|8.||256||"Foreseeable future"||Good protection against quantum computers unless Shor's algorithm applies|
We recommend at least 128-bit security for general purpose.