Military Communications and Information Technology: A Trusted ...
Military Communications and Information Technology: A Trusted ... Military Communications and Information Technology: A Trusted ...
482 Military Communications and Information Technology... the data preparation process can be long-term. Each to each method will be used just this one time only. First iteration During operation of the system, achieved connection are registered. For the next validity period, only those relations that have been registered are established. Additionally, one should prepare adequate number of spare data sets. Determining the adequate number is crucial to the success of the method. If the number of spare data sets is too small, the algorithm will fail and the data protection system will be unable to perform their tasks. Too large number of spare data sets has no meaning for the speed of progress, but it prolongs the time of data generation. Next iteration If it turns out that the device needs to realize the connection for which the key has not been prepared, the data loaded into the device will be replaced with spare data. One should then re-addressed the device and from this moment the device is identified by a number of spare data set. Information about the change of the number must be sent out to other devices. Set of relations is updated by adding the missing relation. Evaluation criterion If in a given iteration, all spare data sets are used, it means the negative result of the algorithm. If in subsequent iterations the number of used spare data sets is similar, it means that the method is not effective. If the number of used spare data sets becomes smaller and smaller, it means the positive result of the method. Probably the number of used spare data never reaches zero, but it is obvious, because unexpected situations occur always. VIII. Summary The proposed adaptive method of cryptographic relations planning combines advantages of two methods discussed earlier: each to each and according to needs. The first planning is realized with using each to each method. In subsequent iterations the set of relations is updated i.e. unnecessary relations are omitted and necessary ones are included. As the result, the final set of relations is established, which is realization of “according to needs” conception. The adaptive method enables to avoid main difficulties connected with previous methods i.e. manual planning of relations and/or too long time of key generation for all possible connections.
Chapter 4: Information Assurance & Cyber Defence 483 The proper selection of number of spare data sets for next iterations seems to be crucial for the success of the method. This is the drawback of the method that its result can be known just after several iterations. Here, the single iteration is one validity period (lasting from 3 to 6 months typically). That is why the time of expectation for the result is not acceptable. Therefore, it is necessary to apply simulation to evaluate the progress of the method as quickly as possible. The next stage of our work will be a choice of a simulating environment. It is very important to correctly specify the parameters of simulation, so the simulation task imitates the work of the real system faithfully. Particularly interesting is such feature of system which describe a size and a changeability of sets of users with whom the chosen user communicates in safe mode. According to such criterion we can distinguish a few types of systems. The simulation enables evaluation of usefulness of adaptive method for each of these types of systems. Alternatively, result of simulation will help to establish an optimum values of method’s parameters (such as: number of spare data sets, length of validity term). References [1] B. Schneier, “Applied cryptography”, John Wiley & Sons, 1994. [2] A. Menezes, P.C. van Oorschot, S.A. Vanstone, “Handbook of Applied Cryptography”, CRC Press LCC, 1997. [3] N. Ferguson, B. Schneier, “Practical Cryptogaphy”, John Wiley & Sons, 2003.
- Page 432 and 433: 432 Military Communications and Inf
- Page 434 and 435: 434 Military Communications and Inf
- Page 436 and 437: 436 Military Communications and Inf
- Page 439 and 440: On Multi-Level Secure Structured Co
- Page 441 and 442: Chapter 4: Information Assurance &
- Page 443 and 444: Chapter 4: Information Assurance &
- Page 445 and 446: Chapter 4: Information Assurance &
- Page 447 and 448: Chapter 4: Information Assurance &
- Page 449 and 450: Chapter 4: Information Assurance &
- Page 451 and 452: Chapter 4: Information Assurance &
- Page 453 and 454: Chapter 4: Information Assurance &
- Page 455 and 456: Generation of Nonlinear Feedback Sh
- Page 457 and 458: Chapter 4: Information Assurance &
- Page 459 and 460: Chapter 4: Information Assurance &
- Page 461 and 462: Chapter 4: Information Assurance &
- Page 463: Chapter 4: Information Assurance &
- Page 466 and 467: 466 Military Communications and Inf
- Page 468 and 469: 468 Military Communications and Inf
- Page 470 and 471: 470 Military Communications and Inf
- Page 472 and 473: 472 Military Communications and Inf
- Page 474 and 475: 474 Military Communications and Inf
- Page 476 and 477: 476 Military Communications and Inf
- Page 478 and 479: 478 Military Communications and Inf
- Page 480 and 481: 480 Military Communications and Inf
- Page 485 and 486: Modern Usage of “Old” One-Time
- Page 487 and 488: Chapter 4: Information Assurance &
- Page 489 and 490: Chapter 4: Information Assurance &
- Page 491 and 492: Chapter 4: Information Assurance &
- Page 493 and 494: Chapter 4: Information Assurance &
- Page 495: Chapter 4: Information Assurance &
- Page 498 and 499: 498 Military Communications and Inf
- Page 500 and 501: 500 Military Communications and Inf
- Page 502 and 503: 502 Military Communications and Inf
- Page 504 and 505: 504 Military Communications and Inf
- Page 506 and 507: 506 Military Communications and Inf
- Page 508 and 509: 508 Military Communications and Inf
- Page 511 and 512: A Abut Fatih 161 Akcaoglu Ismail 11
482 <strong>Military</strong> <strong>Communications</strong> <strong>and</strong> <strong>Information</strong> <strong>Technology</strong>...<br />
the data preparation process can be long-term. Each to each method will be used<br />
just this one time only.<br />
First iteration<br />
During operation of the system, achieved connection are registered. For<br />
the next validity period, only those relations that have been registered are established.<br />
Additionally, one should prepare adequate number of spare data sets. Determining<br />
the adequate number is crucial to the success of the method. If the number of spare<br />
data sets is too small, the algorithm will fail <strong>and</strong> the data protection system will be<br />
unable to perform their tasks. Too large number of spare data sets has no meaning<br />
for the speed of progress, but it prolongs the time of data generation.<br />
Next iteration<br />
If it turns out that the device needs to realize the connection for which<br />
the key has not been prepared, the data loaded into the device will be replaced<br />
with spare data. One should then re-addressed the device <strong>and</strong> from this moment<br />
the device is identified by a number of spare data set. <strong>Information</strong> about the change<br />
of the number must be sent out to other devices. Set of relations is updated by<br />
adding the missing relation.<br />
Evaluation criterion<br />
If in a given iteration, all spare data sets are used, it means the negative result<br />
of the algorithm. If in subsequent iterations the number of used spare data sets<br />
is similar, it means that the method is not effective. If the number of used spare<br />
data sets becomes smaller <strong>and</strong> smaller, it means the positive result of the method.<br />
Probably the number of used spare data never reaches zero, but it is obvious, because<br />
unexpected situations occur always.<br />
VIII. Summary<br />
The proposed adaptive method of cryptographic relations planning combines<br />
advantages of two methods discussed earlier: each to each <strong>and</strong> according<br />
to needs. The first planning is realized with using each to each method. In subsequent<br />
iterations the set of relations is updated i.e. unnecessary relations are<br />
omitted <strong>and</strong> necessary ones are included. As the result, the final set of relations<br />
is established, which is realization of “according to needs” conception. The adaptive<br />
method enables to avoid main difficulties connected with previous methods<br />
i.e. manual planning of relations <strong>and</strong>/or too long time of key generation for all<br />
possible connections.