What is the function of key secrecy and algorithm secrecy in security? 

Algorithm Secrecy is explained as follows:

‘Algorithm secrecy’ is a method of keeping an algorithm secret from unauthorized users. A concept which is based on the secrecy of the algorithm is frequently referred to as secrecy through obscurity, which gives us security by hiding the data in the obscure location. But, the system using this concept might suffer from number of security vulnerabilities. The disadvantage of using algorithm secrecy is that it is not easy to maintain the secrecy of the system because when algorithms  are  known  by the  unauthorized  users,  an  totally  new  secret  algorithm  is  to  be developed for performing the encryption and decryption of cipher text. Additionally to algorithms, it would be essential to change keys as well.

Key Secrecy is explained below:

In cryptography, a key refers to a small piece of information with which the functional result of the cryptographic algorithm is recognized. When a key is not used, the algorithm will not create any result. In encryption, a key is used to transform the plaintext into cipher text or vice versa in case of decryption. Several cryptographic algorithms such as message authentication codes and digital signature schemes use key for purpose of security. “Key” security can be simply managed when compared to “encryption algorithm” protection. Though, the length of the key should be as long as possible so as to give us a strong security.

When the key is known by the unauthorized users, it can be simply changed. Therefore, the security of an encryption system mainly depends on a certain key, which is being kept secret.

`Practically, it is hard to provide key secrecy in cryptography. For example, when an attacker attains the key, the original message can be retrieved from encrypted data.

Encryption algorithms which make use a similar key for performing encryption and decryption both is referred to as symmetric key algorithms.  The other public key cryptographic algorithms which make use of two different keys for encryption and decryption are called as asymmetric key algorithms. In asymmetric key algorithms, one key is made public, and the other is kept private. Thus, it is extremely complicated for the unauthorized users to determine the private key even if the corresponding public key is known. A user of public key technology keeps the private key secret and discloses public key so that anybody can send them an encrypted message.

Posted Date: 7/20/2012 6:04:57 AM | Location : United States

Ask an Expert

Related Discussions:- Function of key secrecy and algorithm secrecy in security, Assignment Help, Ask Question on Function of key secrecy and algorithm secrecy in security, Get Answer, Expert's Help, Function of key secrecy and algorithm secrecy in security Discussions

Write discussion on Function of key secrecy and algorithm secrecy in security
Your posts are moderated

Write your message here..

Related Questions

Md Fayzul karim, How can I get help for Linux automotion configuration (... How can I get help for Linux automotion configuration (Network, virtualization, security and Firewal etc) with bash scrip. What is the charge for.

TCP/IP v OSI, What are the main differences between TCP/IP vs OSI? What are the main differences between TCP/IP vs OSI?

The Security Systems Development Life Cycle (SecSDLCtle.., #Under what circ... #Under what circumstances would the use of a SecSDLC be more appropriate than an SDLC?

Ucsf medical center case study-information security, Example : UCSF Medical... Example : UCSF Medical Center In the year 2002, the University of California, San Francisco (UCSF) Medical Center received an email message from someone who claimed to be a doct

TCP Congestion Control ., Explain TCP congestion control. Explain TCP congestion control.

Explain the schemes for distribution of public keys, (a) What is a pseudora... (a) What is a pseudorandom generator? Give an example describing how it works. (b) Explain the key components of a wireless network and their purpose. (c) Describe the authen

Social network development in java , Social Network development in Java: ... Social Network development in Java: Project Title: SUGGESTLOCAL (Nov 2006-April 2007) Role             : Developer Domain        : Social Network Client          :

Security clearances-information security, Security Clearances For a secu... Security Clearances For a security clearance in organizations each data user should be assigned a single level of authorization indicating classification level. Before approachi

Fragmentation, FRAGMENTATION One method is to limit datagram size to s... FRAGMENTATION One method is to limit datagram size to smallest MTU of any server. IP needs fragmentation i.e. datagrams can be divided into pieces to fit in network with small

Ipv6 datagram format, IPV6 DATAGRAM FORMAT It is given in the figure b... IPV6 DATAGRAM FORMAT It is given in the figure below: