# Cryptology

### By Albrecht Beutelspacher

Catalog Code: CRYPT
Print ISBN: 978-0-88385-504-1
176 pp., Paperbound, 1994
List Price: $45.00 MAA Member:$36.00
Series: Spectrum

How can messages be transmitted secretly? How can one guarantee that the message arrives safely in the right hands exactly as it was transmitted?

Cryptology–the art and science of “secret writing”–provides ideal methods to solve these problems of data security.

The first half of the book studies and analyzes classical cryptosystems. The second half of the book looks at exciting new directions of public-key cryptology. The book is fun to read, and the author presents the material clearly and simply. Many exercises and references accompany each chapter.

Introduction
1. Caesar or The Beginning is Easy
2. Words and Worms or Why Do It in a Complicated Way?
3. Safety First or A Little Bit of Theory
4. MAC Data or A Watchdog Called Authentication
5. The Future Has Already Started or Public Key Cryptography
6. No One Knows, With Glee I Claim, That Rumplestiltskin is My Name or How Can We Stay Anonymous?
Postscript
Deciphering the Ciphertexts
Literature

### Excerpt: Chapter 4: MAC Data or a Watchdog Called Authentication (p. 73)

User Authenticity. The ability to reliably identify human beings has always been of great importance. Whereas this was formerly a process occurring between two people, today's needs have extended the process so that it must be conducted between a person and a computer. Of course, this has caused problems; however, we shall see that computers sometimes provide an effective means of user authentication. But first let us recall how this process takes places in a person-to-person communication. Identification can be based on three things:

• People can be identified by their attributes.
• People can be identified by their possessions.
• People can be identified by their knowledge.

The first mechanism is used repeatedly, and daily: a person can be recognized by looks, by voice, by stride, and so on. For more serious purposes fingerprints will distiguish him. The other two mechanisms are traditionally reserved for special occasions. To cash a check, identification papers are usually required—perhaps a driver's license will do; if one pays by credit card, identity is proved by the possession of the card; to cross the border into another country a passport comes in handy; and so forth. Identification by knowledge is less common—although the idea has been around from the earliest of times (see, for example, Judges 12:6). Soldiers must know the current password to gain access to a restricted area. As another example, if the police want to know whether a kidnapped person is still alive, they might ask questions that only that person could answer.

With computers the situation is quite different. Authentication by knowledge is the simplest method, and authentication by possessions is also possible; by contrast, authentication by the physical attributes of a user is quite complicated and is practical only for high-security applications. So we will deal primarily with methods of authentication based on knowledge or possession. In contrast with the third method, these methods are characterized by the fact that one participant has a secret that other participants want to be convinced he has.