Английская Википедия:Horton principle

Материал из Онлайн справочника
Перейти к навигацииПерейти к поиску

Шаблон:Short description The Horton principle is a design rule for cryptographic systems and can be expressed as "Authenticate what is being meant, not what is being said"[1] or "mean what you sign and sign what you mean" not merely the encrypted version of what was meant.[2] The principle is named after the title character in the Dr. Seuss children's book Horton Hatches the Egg.[1][3]

Utility

The Horton principle becomes important when using message authentication codes (or MACs) in a cryptographic system. Suppose Alice wants to send a message to Bob, and she uses a MAC to authenticate a message m that was made by concatenating three data fields, where m := a || b || c. Bob needs to know what rules Alice used to create the message in order to split m back into its components, but if he uses the wrong rules then he will get the wrong values from an authenticated message. When applied in this case, the Horton principle works by authenticating the meaning instead of the message.[4] For instance, MAC clears not only the communication but also the information that Bob used in parsing such message into its meaning.[4] The meaning, however, also depends on the decryption key used and that the authentication must be applied to the plaintext instead of the ciphertext.[5]

Problems

The problem is that the MAC is only authenticating a string of bytes, while Alice and Bob need to authenticate the way the message was constructed as well. If not, then it may be possible for an attacker to substitute a message with a valid MAC but a different meaning.

Systems can manage this problem by adding metadata such as a protocol number or by formatting messages with an explicit structure, such as XML.

References

Шаблон:Reflist

Шаблон:Crypto-stub

  1. 1,0 1,1 Ferguson, N., Schneier, B. (2003). Practical Cryptography, p. 109, Indianapolis, Indiana: Wiley Publishing, Inc.
  2. Шаблон:Cite book
  3. Wagner, David; Schneier, Bruce (April 15, 1997). "Analysis of the SSL 3.0 Protocol". schneier.com.
  4. 4,0 4,1 Шаблон:Cite book
  5. Шаблон:Cite book