RSA Labs FAQ 4.0

Citation preview

Copyright © 1996, 1998 RSA Data Security, Inc. All rights reserved. RSA BSAFE Crypto-C, RSA BSAFE Crypto-J, PKCS, S/WAN, RC2, RC4, RC5, MD2, MD4, and MD5 are trademarks or registered trademarks of RSA Data Security, Inc. Other products and names are trademarks or registered trademarks of their respective owners. For permission to reprint or redistribute in part or in whole, send e-mail to [email protected] or contact your RSA representative.

RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0

2

Table of Contents Table of Contents............................................................................................ 3 Foreword......................................................................................................... 8 Section 1: Introduction .................................................................................... 9 Question 1.1. What is the RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography? ................................................................................................................ 9 Question 1.2. What is cryptography? ............................................................................................ 10 Question 1.3. What are some of the more popular techniques in cryptography? ................... 11 Question 1.4. How is cryptography applied? ............................................................................... 12 Question 1.5. What are cryptography standards? ....................................................................... 14 Question 1.6. What is the role of the United States government in cryptography? ............... 15 Question 1.7. Why is cryptography important? ........................................................................... 16

Section 2: Cryptography................................................................................ 18 Section 2.1: Cryptographic Tools ..................................................................................................... 18 Question 2.1.1. What is public-key cryptography?...................................................................... 18 Question 2.1.2. What is secret-key cryptography? ....................................................................... 19 Question 2.1.3. What are the advantages and disadvantages of public-key cryptography compared with secret-key cryptography? ...................................................... 20 Question 2.1.4. What is a block cipher? ......................................................................................... 21 Question 2.1.5. What is a stream cipher? ...................................................................................... 25 Question 2.1.6. What is a hash function? ...................................................................................... 27 Question 2.1.7. What are Message Authentication Codes (MACs)? ......................................... 28 Question 2.1.8. What are interactive proofs and zero-knowledge proofs? .............................. 29 Question 2.1.9. What are secret sharing schemes? ....................................................................... 30

Section 2.2: Simple Applications of Cryptography ........................................................................... 31 Question 2.2.1. Question 2.2.2. Question 2.2.3. Question 2.2.4. Question 2.2.5.

What is privacy? .................................................................................................... 31 What is a digital signature and what is authentication? ................................. 32 What is a key agreement protocol? ..................................................................... 33 What is a digital envelope? .................................................................................. 34 What is identification? .......................................................................................... 35

Section 2.3: Hard Problems ............................................................................................................. 36 Question 2.3.1. What is a hard problem? ...................................................................................... 36 Question 2.3.2. What is a one-way function? ............................................................................... 37 Question 2.3.3. What is the factoring problem? ........................................................................... 38 Question 2.3.4. What are the best factoring methods in use today? ......................................... 39 Question 2.3.5. What improvements are likely in factoring capability?................................... 40 Question 2.3.7. What is the discrete logarithm problem? ........................................................... 42 Question 2.3.8. What are the best discrete logarithm methods in use today? ......................... 43 Question 2.3.9. What are the prospects for a theoretical breakthrough in the discrete log problem? ................................................................................................................. 44 Question 2.3.10. What are elliptic curves? .................................................................................... 45 Question 2.3.11. What are lattice-based cryptosystems? ............................................................ 46 Question 2.3.12. What are some other hard problems?............................................................... 47

RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0

3

Section 2.4: Cryptanalysis .............................................................................................................. 48 Question 2.4.1. Question 2.4.2. Question 2.4.3. Question 2.4.4. Question 2.4.5. Question 2.4.7. Question 2.4.8. Question 2.4.9.

What is cryptanalysis? .......................................................................................... 48 What are some of the basic types of cryptanalytic attack? .............................. 49 What is exhaustive key search? ........................................................................... 50 What is the RSA Secret Key Challenge? ............................................................. 51 What are the most important attacks on symmetric block ciphers? .............. 52 What are the most important attacks on stream ciphers? ............................... 54 What are the most important attacks on MACs? .............................................. 55 At what point does an attack become practical? ............................................... 56

Section 2.5: Supporting Tools in Cryptography ............................................................................... 57 Question 2.5.1. What is primality testing? ................................................................................... 57 Question 2.5.2. What is random number generation? ................................................................. 58

Section 3.1: RSA ............................................................................................................................ 59 Question 3.1.1. What is RSA? .......................................................................................................... 59

Section 3: Techniques in Cryptography.......................................................... 60 Question 3.1.2. How fast is RSA? .................................................................................................... 60 Question 3.1.3. What would it take to break RSA? ...................................................................... 61 Question 3.1.4. What are strong primes and are they necessary for RSA?............................... 62 Question 3.1.5. How large a key should be used in RSA? .......................................................... 63 Question 3.1.6. Could users of RSA run out of distinct primes? ............................................... 64 Question 3.1.7. How is RSA used for privacy in practice? ......................................................... 65 Question 3.1.8. How is RSA used for authentication and digital signatures in practice? ...... 66 Question 3.1.9. Is RSA currently in use? ........................................................................................ 67 Question 3.1.10. Is RSA an official standard today? .................................................................... 68 Question 3.1.11. Is RSA a de facto standard? ................................................................................ 69

Section 3.2: DES ............................................................................................................................ 70 Question 3.2.1. Question 3.2.2. Question 3.2.3. Question 3.2.4. Question 3.2.5. Question 3.2.6. Question 3.2.7. Question 3.2.8.

What is DES? .......................................................................................................... 70 Has DES been broken? .......................................................................................... 71 How does one use DES securely? ....................................................................... 72 Should one test for weak keys in DES? .............................................................. 73 Is DES a group? ...................................................................................................... 74 What is triple-DES? ............................................................................................... 75 What is DES-X? ...................................................................................................... 76 What are some other DES variants? ................................................................... 77

Section 3.3: AES ............................................................................................................................. 78 Question 3.3.1. What is the AES? .................................................................................................... 78 Question 3.3.2. What are some candidates for the AES? ............................................................ 79 Question 3.3.3. What is the schedule for the AES? ...................................................................... 80

Section 3.4: DSA ............................................................................................................................ 81 Question 3.4.1. What are DSA and DSS? ....................................................................................... 81 Question 3.4.2. Is DSA secure? ........................................................................................................ 82

Section 3.5: Elliptic Curve Cryptosystems ....................................................................................... 83 Question 3.5.1. Question 3.5.2. Question 3.5.3. Question 3.5.4.

What are elliptic curve cryptosystems? ............................................................. 83 Are elliptic curve cryptosystems secure? ........................................................... 84 Are elliptic curve cryptosystems widely used? ................................................ 85 How do elliptic curve cryptosystems compare with other cryptosystems? . 86

Section 3.6: Other Cryptographic Techniques ................................................................................. 87 Question 3.6.1. What is Diffie-Hellman? ....................................................................................... 87

RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0

4

Question 3.6.2. What is RC2? .......................................................................................................... 88 Question 3.6.3. What is RC4? .......................................................................................................... 89 Question 3.6.4. What is RC5? .......................................................................................................... 90 Question 3.6.5. What are SHA and SHA-1? .................................................................................. 91 Question 3.6.6. What are MD2, MD4, and MD5? ......................................................................... 92 Question 3.6.7. What are some other block ciphers? ................................................................... 93 Question 3.6.8. What are some other public-key cryptosystems? ............................................. 95 Question 3.6.9. What are some other signature schemes? .......................................................... 97 Question 3.6.10. What are some other stream ciphers? ............................................................... 98 Question 3.6.11. What other hash functions are there? ............................................................... 99 Question 3.6.12. What are some secret sharing schemes? ........................................................ 100

Section 4: Applications of Cryptography...................................................... 102 Section 4.1: Key Management ...................................................................................................... 102 Question 4.1.1. What is key management? ................................................................................. 102

Section 4.1.2: General .................................................................................................................. 103 Question 4.1.2.1. What key size should be used? ...................................................................... 103 Question 4.1.2.2. How does one find random numbers for keys?........................................... 104 Question 4.1.2.3. What is the life cycle of a key? ........................................................................ 105

Section 4.1.3: Public Key Issues ................................................................................................... 106 Question 4.1.3.1. What is a PKI? ................................................................................................... 106 Question 4.1.3.2. Who needs a key pair? ..................................................................................... 107 Question 4.1.3.3. How does one get a key pair? ......................................................................... 108 Question 4.1.3.4. Should a key pair be shared among users? .................................................. 109 Question 4.1.3.5. What happens when a key expires? .............................................................. 110 Question 4.1.3.6. What happens if my key is lost? .................................................................... 111 Question 4.1.3.7. What happens if my private key is compromised? ..................................... 112 Question 4.1.3.8. How should I store my private key? ............................................................. 113 Question 4.1.3.9. How do I find someone else’s public key? ................................................... 114 Question 4.1.3.10. What are certificates? ..................................................................................... 115 Question 4.1.3.11. How are certificates used? ............................................................................. 116 Question 4.1.3.12. Who issues certificates and how? ................................................................ 117 Question 4.1.3.13. How do certifying authorities store their private keys? ........................... 118 Question 4.1.3.14. How are certifying authorities susceptible to attack? ............................... 119 Question 4.1.3.15. What if a certifying authority’s key is lost or compromised? .................. 120 Question 4.1.3.16. What are Certificate Revocation Lists (CRLs)? .......................................... 121

Section 4.2: Electronic Commerce ................................................................................................ 122 Question 4.2.1. What is electronic money? .................................................................................. 122 Question 4.2.2. What is iKP? ......................................................................................................... 123 Question 4.2.3. What is SET? ......................................................................................................... 124 Question 4.2.4. What is Mondex? ................................................................................................. 125 Question 4.2.5. What are micropayments? ................................................................................. 126

Section 5: Cryptography in the Real World .................................................. 127 Section 5.1: Security on the Internet ............................................................................................ 127 Question 5.1.1. Question 5.1.2. Question 5.1.3. Question 5.1.4. Question 5.1.5.

What is S/MIME? ................................................................................................ 127 What is SSL? ......................................................................................................... 128 What is S/WAN? ................................................................................................. 129 What is IPSec? ...................................................................................................... 130 What is SSH? ........................................................................................................ 131

RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0

5

Question 5.1.6. What is Kerberos? ................................................................................................ 132

Section 5.2: Development Security Products................................................................................. 133 Question 5.2.1. Question 5.2.2. Question 5.2.3. Question 5.2.4. Question 5.2.5. Question 5.2.6.

What are CAPIs? .................................................................................................. 133 What is the GSS-API? .......................................................................................... 134 What are RSA BSAFE CRYPTO-C and RSA BSAFE CRYPTO-J? .................. 135 What is SecurPC? ................................................................................................. 136 What is SecurID? ................................................................................................. 137 What is PGP? ........................................................................................................ 138

Section 5.3: Cryptography Standards ...........................................................................................139 Question 5.3.1. Question 5.3.2. Question 5.3.3. Question 5.3.4. Question 5.3.5. Question 5.3.6.

What are ANSI X9 standards? ........................................................................... 139 What are the ITU-T (CCITT) Standards? ......................................................... 141 What is PKCS? ..................................................................................................... 143 What are ISO standards? .................................................................................... 144 What is IEEE P1363?............................................................................................ 145 What are some other cryptography specifications? ....................................... 146

Section 6: Laws Concerning Cryptography .................................................. 147 Section 6.1. Legal Disclaimer. ....................................................................................................... 147 Section 6.2: Government Involvement ...........................................................................................148 Question 6.2.1. Question 6.2.2. Question 6.2.3. Question 6.2.4. Question 6.2.5. Question 6.2.6.

What is NIST? ...................................................................................................... 148 What is the NSA?................................................................................................. 149 What is Capstone? ............................................................................................... 150 What is Clipper? .................................................................................................. 151 What is the Current Status of Clipper? ............................................................ 152 What is Fortezza? ................................................................................................ 153

Section 6.3: Patents on Cryptography ..........................................................................................154 Question 6.3.1. Question 6.3.2. Question 6.3.3. Question 6.3.4. Question 6.3.5.

Is RSA patented? .................................................................................................. 154 Is DSA patented? ................................................................................................. 155 Is DES patented? .................................................................................................. 156 Are elliptic curve cryptosystems patented? .................................................... 157 What are the important patents in cryptography? ......................................... 158

Section 6.4: United States Cryptography Export/Import Laws ....................................................... 159 Question 6.4.1. Question 6.4.2. Question 6.4.3. Question 6.4.4.

Can RSA be exported from the United States? ................................................ 159 Can DES be exported from the United States? ................................................ 160 Why is cryptography export-controlled? ......................................................... 161 Are digital signature applications exportable from the United States? ....... 162

Section 6.5: Cryptography Export/Import Laws in Other Countries ................................................ 163 Question 6.5.1. Which major countries have import restrictions on cryptography? ............ 163

Section 7: Miscellaneous Topics .................................................................. 164 Question 7.1. What is probabilistic encryption? ........................................................................ 164 Question 7.2. What are special signature schemes? .................................................................. 165 Question 7.3. What is a blind signature scheme?....................................................................... 166 Question 7.4. What is a designated confirmer signature? ........................................................ 167 Question 7.5. What is a fail-stop signature scheme? ................................................................. 168 Question 7.6. What is a group signature? ................................................................................... 169 Question 7.7. What is a one-time signature scheme? ................................................................ 170 Question 7.8. What is an undeniable signature scheme? .......................................................... 171 Question 7.9. What are on-line/off-line signatures? ................................................................. 172 Question 7.10. What is OAEP? ..................................................................................................... 173 RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0

6

Question 7.11. What is digital timestamping? ............................................................................ 174 Question 7.12. What is key recovery? .......................................................................................... 176 Question 7.13. What are LEAFs? .................................................................................................. 177 Question 7.14. What is PSS/PSS-R? ............................................................................................. 178 Question 7.15. What are covert channels? .................................................................................. 179 Question 7.16. What are proactive security techniques? .......................................................... 180 Question 7.17. What is quantum computing? ............................................................................ 181 Question 7.18. What is quantum cryptography? ........................................................................ 182 Question 7.19. What is DNA computing? ................................................................................... 183 Question 7.20. What are biometric techniques? ......................................................................... 184 Question 7.21. What is tamper-resistant hardware? .................................................................. 185 Question 7.22. How are hardware devices made tamper-resistant? ....................................... 186

Section 8: Further Reading .......................................................................... 187 Question 8.1. Question 8.2. Question 8.3. Question 8.4. Question 8.5. Question 8.6.

Where can I learn more about cryptography? .................................................... 187 Where can I learn more about cryptographic protocols and architecture? .... 188 Where can I learn more about recent advances in cryptography? .................. 189 Where can I learn more about electronic commerce? ........................................ 190 Where can I learn more about cryptography standards? ................................. 191 Where can I learn more about laws concerning cryptography? ...................... 192

Glossary ...................................................................................................... 193 References .................................................................................................. 203

RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0

7

Foreword This document is the fourth version of RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography. Completely revised, restructured, and updated, it covers many more questions than the previous version, which was published in September 1995. The FAQ represents the contributions of numerous individuals. Particular appreciation is due to Paul Fahn, who wrote the first and second versions while an RSA Laboratories research assistant in 1992 and 1993, to Sambasivam Valliappan, who drafted the third version as an RSA Laboratories research assistant in Summer 1995. Other contributors to the fourth version include Jim Bidzos, John Brainard, Victor Chang, Scott Contini, Dana Ellingen, James Gray, Ari Juels, Burt Kaliski, Patrick Lee, John Linn, Paul Livesay, Hoa Ly, Tim Matthews, Matthew Robshaw, Ray Sidney, Bob Silverman, Jessica Staddon, Jeff Stapleton, Kurt Stammberger, and Yiqun Lisa Yin from RSA Data Security, Michael Baum from VeriSign, Mathew Butler, Stuart Haber from Bellcore, Bart Preneel from Katholieke Universiteit, and Scott Stornetta from Surety Technologies. Special thanks to Patrick Lee, Eliza Sachs, Michael Girdley, Jason Gillis, and Clint Chan for carefully reading through the final draft and providing many helpful suggestions. Special thanks also to Jason Thompson and Brandon Richards for converting the FAQ to the web. Finally, special thanks to Jeff Ylvisaker, who helped with the editing throughout. The technical editors are RSA Laboratories research assistants Moses Liskov and Beverly Schmoock. Comments on the FAQ are encouraged. Address correspondence to: FAQ Editor RSA Laboratories 2955 Campus Drive, Suite 400 San Mateo, CA 94403-2507 USA Tel: 650-295-7600 Fax: 650-295-7700

RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0

8

Section 1: Introduction Question 1.1. What is the RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography? The RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography is a large collection of questions about modern cryptography, cryptanalysis, and issues related to them. The information is presented in question and answer form. Version 4.0 of the FAQ is markedly different from previous versions, primarily in the general structure of the document. Section 1: Introduction. This section is intended for those who are interested in learning about cryptography but don’t know very much about it. The introduction gives a brief overview of the field of cryptography and related issues. Section 2: Cryptography. This section expands on the overview of the field of cryptography and related issues, providing more detail about the concepts involved in cryptography. It lays the conceptual groundwork for the next section. Section 3: Techniques in Cryptography. Cryptographic algorithms are the basic building blocks of cryptographic applications and protocols. This section presents most of the important encryption algorithms, hash functions, stream ciphers, and other basic cryptographic algorithms. Section 4: Applications of Cryptography. This section is an overview of the most important protocols and systems made possible by cryptography. In particular, it discusses the issues involved in establishing a cryptographic infrastructure, and it gives a brief overview of some of the electronic commerce techniques available today. Section 5: Cryptography in the Real World. This section goes over some of the most important cryptographic systems in place around the world today, including secure Internet communications, and some of the more popular cryptographic products. It also gives an overview of the major groups of cryptographic standards. Section 6: Laws Concerning Cryptography. This section deals with the legal and political issues associated with cryptography, including government involvement, patent issues, and import and export regulations. Note that while this section includes legal information, it should not be used as a substitute for consulting an attorney. Section 7: Miscellaneous Topics. This section contains additional applications of cryptography, including new technologies and techniques as well as some of the more important older techniques and applications. Section 8: Further Reading. This section lists suggestions for further information about cryptography and related issues. Glossary. Contains a brief definition of most of the terms in this document. Note: We have not attempted to be, nor could we be, exhaustive in answering every possible question. We hope that this document will be both a useful introductory text and a useful reference for those interested in the field of cryptography.

RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0

9

Question 1.2. What is cryptography? As the field of cryptography has advanced, the dividing lines for what is and what is not cryptography have become blurred. Cryptography today might be summed up as the study of techniques and applications that depend on the existence of difficult problems. Cryptanalysis is the study of how to compromise (defeat) cryptographic mechanisms, and cryptology (from the Greek kryptós lógos, meaning “hidden word”) is the discipline of cryptography and cryptanalysis combined. To most people, cryptography is concerned with keeping communications private. Indeed, the protection of sensitive communications has been the emphasis of cryptography throughout much of its history [Kah67]. However, this is only one part of today’s cryptography. Encryption is the transformation of data into a form that is as close to impossible as possible to read with out the appropriate knowledge (a key). Its purpose is to ensure privacy by keeping information hidden from anyone for whom it is not intended, even those who have access to the encrypted data. Decryption is the reverse of encryption; it is the transformation of encrypted data back into an intelligible form. Encryption and decryption generally require the use of some secret information, referred to as a key. For some encryption mechanisms, the same key is used for both encryption and decryption; for other mechanisms, the keys used for encryption and decryption are different (see Question 2.1.1). Today’s cryptography is more than encryption and decryption. Authentication is as fundamentally a part of our lives as privacy. We use authentication throughout our everyday lives -when we sign our name to some document for instance and, as we move to a world where our decisions and agreements are communicated electronically, we need to have electronic techniques for providing authentication. Cryptography provides mechanisms for such procedures. A digital signature (see Question 2.2.2) binds a document to the possessor of a particular key, while a digital timestamp (see Question 7.11) binds a document to its creation at a particular time. These cryptographic mechanisms can be used to control access to a shared disk drive, a high security installation, or a pay-per-view TV channel. The field of cryptography encompasses other uses as well. With just a few basic cryptographic tools, it is possible to build elaborate schemes and protocols that allow us to pay using electronic money (see Question 4.2.1), to prove we know certain information without revealing the information itself (see Question 2.1.8), and to share a secret quantity in such a way that a subset of the shares can reconstruct the secret (see Question 2.1.9). While modern cryptography is growing increasingly diverse, cryptography is fundamentally based on problems that are difficult to solve. A problem may be difficult because its solution requires some secret knowledge, such as decrypting an encrypted message or signing some digital document. The problem may also be hard because it is intrinsically difficult to complete, such as finding a message that produces a given hash value. Surveys by Rivest [Riv90] and Brassard [Bra88] form an excellent introduction to modern cryptography. Some textbook treatments are provided by Stinson [Sti95] and Stallings [Sta95], while Simmons provides an in-depth coverage of the technical aspects of cryptography [Sim92]. A comprehensive review of modern cryptography can also be found in Applied Cryptography [Sch96b]; Ford [For94] provides detailed coverage of issues such as cryptography standards and secure communication.

RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0

10

Question 1.3. What are some of the more popular techniques in cryptography? There are two types of cryptosystems: secret key and public key (see Questions 2.1.2 and 2.1.1). In secret-key cryptography, also referred to as symmetric cryptography, the same key is used for both encryption and decryption. The most popular secret-key cryptosystem in use today is known as DES, the Data Encryption Standard. IBM developed DES in the middle 1970’s and it has been a Federal Standard ever since 1976. In public-key cryptography, each user has a public key and a private key. The public key is made public while the private key remains secret. Encryption is performed with the public key while decryption is done with the private key. The RSA public-key cryptosystem is the most popular form of public-key cryptography. RSA stands for Rivest, Shamir, and Adleman, the inventors of the RSA cryptosystem. The Digital Signature Algorithm (DSA) is also a popular public-key technique, though it can only be used only for signatures, not encryption. Elliptic curve cryptosystems (ECCs) are cryptosystems based on mathematical objects known as Elliptic Curves (see Question 2.3.10.). Elliptic curve cryptography has been gaining in popularity recently. Lastly, the Diffie-Hellman key agreement protocol is a popular public-key technique for establishing secret keys over an insecure channel.

RSA Laboratories’ Frequently Asked Questions About Today’s Cryptography, v4.0

11

Question 1.4. How is cryptography applied? Cryptography is extremely useful; there is a multitude of applications, many of which are currently in use. A typical application of cryptography is a system built out of the basic techniques. Such systems can be of various levels of complexity. Some of the more simple applications are secure communication, identification, authentication, and secret sharing. More complicated applications include systems for electronic commerce, certification, secure electronic mail, key recovery, and secure computer access. In general, the less complex the application, the more quickly it becomes a reality. Identification and authentication schemes exist widely, while electronic commerce systems are just beginning to be established. Secure Communication Secure communication is the most straightforward use of cryptography. Two people may communicate securely by encrypting the messages sent between them. This can be done in such a way that a third party eavesdropping may never be able to decipher the messages. While secure communication has existed for centuries, the key management problem has prevented it from becoming commonplace. Thanks to the development of public-key cryptography, the tools exist to create a large-scale network of people who can communicate securely with one another even if they had never communicated before. Identification and Authentication Identification and authentication are two widely used applications of cryptography. Identification is the process of verifying someone’s or something’s identity. For example, when withdrawing money from a bank, a teller asks to see identification (e.g. a driver’s license) to verify the identity of the owner of the account. This same process can be done electronically using cryptography. Every automatic teller machine (ATM) card is associated with a “secret” personal identification number (PIN), which binds the owner to the card and thus to the account. When the card is inserted into the ATM, the machine prompts the cardholder for the PIN. If the correct PIN is entered, the machine identifies that person as the rightful owner and grants access. Another important application of cryptography is authentication. Authentication is similar to identification, in that both allow an entity access to resources (such as an Internet account), but authentication is broader because it does not necessarily involve identifying a person or entity. Authentication merely determines whether that person or entity is authorized for whatever is in question. For more information on authentication and identification, see Question 2.2.5. Secret Sharing Another application of cryptography, called secret sharing, allows the trust of a secret to be distributed among a group of people. For example, in a (K, N)-threshold scheme, information about a secret is distributed in such a way that any K out of the N people (K