Jump to content

Horton principle

From Wikipedia, the free encyclopedia

The Horton principle is a design rule for cryptographic systems and can be expressed as "Authenticate what is being meant, not what is being said"[1] or "mean what you sign and sign what you mean" not merely the encrypted version of what was meant.[2] The principle is named after the title character in the Dr. Seuss children's book Horton Hatches the Egg.[1][3]

Utility

[edit]

The Horton principle becomes important when using message authentication codes (or MACs) in a cryptographic system. Suppose Alice wants to send a message to Bob, and she uses a MAC to authenticate a message m that was made by concatenating three data fields, where m := a || b || c. Bob needs to know what rules Alice used to create the message in order to split m back into its components, but if he uses the wrong rules then he will get the wrong values from an authenticated message. When applied in this case, the Horton principle works by authenticating the meaning instead of the message.[4] For instance, MAC clears not only the communication but also the information that Bob used in parsing such message into its meaning.[4] The meaning, however, also depends on the decryption key used and that the authentication must be applied to the plaintext instead of the ciphertext.[5]

Problems

[edit]

The problem is that the MAC is only authenticating a string of bytes, while Alice and Bob need to authenticate the way the message was constructed as well. If not, then it may be possible for an attacker to substitute a message with a valid MAC but a different meaning.

Systems can manage this problem by adding metadata such as a protocol number or by formatting messages with an explicit structure, such as XML.

References

[edit]
  1. ^ a b Ferguson, N., Schneier, B. (2003). Practical Cryptography, p. 109, Indianapolis, Indiana: Wiley Publishing, Inc.
  2. ^ Holden, Joshua (2018-10-02). The Mathematics of Secrets: Cryptography from Caesar Ciphers to Digital Encryption. Princeton and Oxford: Princeton University Press. p. 352. ISBN 9780691141756.
  3. ^ Wagner, David; Schneier, Bruce (April 15, 1997). "Analysis of the SSL 3.0 Protocol" Archived 2008-09-03 at the Wayback Machine. schneier.com.
  4. ^ a b Ferguson, Niels; Schneier, Bruce; Kohno, Tadayoshi (2011-02-02). Cryptography Engineering: Design Principles and Practical Applications. John Wiley & Sons. ISBN 9781118080917.
  5. ^ Tiller, James (2017). A Technical Guide to IPSec Virtual Private Networks. Boca Raton, FL: Auerbach. pp. 314. ISBN 978-0849308765.