tags:

views:

463

answers:

3
+4  Q: 

Creative uses for cryptography beyond the usual encryption/authentication

Lately I've been intrigued by some of the less traditional uses of cryptography. Things like:

What other applications of cryptography can you think of outside the usual realm of message authentication and confidentiality?

+2  A: 

My favorite use of cryptography is for deleting information. You encrypt the information you have (GB worth, TB worth), and store the key WITH THE DATA. When you want to erase all of the data, you simply overwrite the key. This makes key management simple, and the erasure is as good as your cryptography.

Alternatively, you can simply increase the work factor to recover the erased information. You can, for example, erase one bit of the key every hour. This makes it twice as hard to recover the data every hour, which is useful if you want to give the user a chance to "undelete" the data, but you want to make that harder and harder as time goes on.

vy32  2009-07-13 04:10:24
This becomes infinitely more useful when you consider that the encrypted data could be stored on backup tapes, and you may have a legal obligation to delete old data. This way, you can 'delete' the data by erasing the key, instead of having to find and load the tape.
Nick Johnson  2009-07-13 09:34:44
Accept if the back up is to have any meaning the key is stored with the data
Patrick  2009-07-13 18:45:47
See http://portal.acm.org/citation.cfm?id=1267578A revocable backup system USENIX Security Symposium archiveProceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
vy32  2009-07-16 22:45:22
+1  A: 

I am using symmetric algorithums to implement URL lengthening. To navifate to the URL one simply decrypts the URL of the page, removes padding and redirects to the cleartext URL

Crippledsmurf  2009-07-13 04:23:21
Could you elaborate a bit on what you mean by that? Not sure I follow.
viksit  2009-07-21 00:37:48
I'm implementing URL lengthing, the lengthing works by encrypting the original URL using symmetric encryption with a very weak key (for performance reasons). When the URL is used, the cyphertext is decrypted by the server to reveal the original URL which is then redirected to
Crippledsmurf  2009-07-21 01:29:27
But why do you need to encrypt your URLs?
Adam Byrtek  2009-09-20 19:21:16
I'm not encrypting for the sake of security but because cyphertext tends to be quite long which is desirable for URL lengthening and the fact that this is generated from the URL itself makes it eas to obtain the original URL again
Crippledsmurf  2009-09-21 09:57:06
+3  A: 

Most of the examples listed here are just using cryptographic hashes as a substitute for a good random number generator.

Since cryptography, when working ideally, results in a string of bits indistinguishable from randomness, there's really not all that much you can do with it. Any purpose other than concealing a string of bits would be served just as well by a really good random number generator.

Hashes are good for detecting unwanted changes to data, be they intentional or unintentional. Similarly, you can do comparisons or large items quickly by computing a hash of the desired value so that it only needs to be considered once, then scanning the "haystack" for an item with a matching hash.

Cryptography can be used to make a "hidden commitment," where one can commit to an answer/prediction/etc. while keeping it hidden. Others can reveal the committed value on some condition, and you cannot later change your answer. (e.g., the secure equivalent of an answer sealed in an envelope)

Related to zero-knowledge proofs, already listed, encryption techniques can be used to allow separate parties to collaborate usefully without sharing their data, called Secure Multi-party Computation. Of course, this is still related to confidentiality, but it's quite different from the "normal" uses of cryptography.

Tim Sylvester  2009-07-13 04:35:23
The shuffling a deck of cards across a network application is not one that can be "served just as well by a really good random number generator". It allows N players to securely shuffle a deck of cards between them without requiring a trusted party.
caf  2009-07-20 05:06:39
Agreed, but it's really not "outside the usual realm of message authentication and confidentiality".
Tim Sylvester  2009-07-20 05:59:24

related questions

How to transition to Functional Programming
List of the top Programming "shows"
How to contribute code back to an Open Source project?
What is Test Driven Development (TDD)?
pass by reference or pass by value?
Could you recommend a good free project hosting website?
Writing A "Conway's Game of Life" Program
Learning to write a compiler
How can I modify .xfdl files? (Update #1)
Followup: "Sorting" colors by distinctiveness
Followup: Finding an accurate "distance" between colors
Windows Help files - what are the options?
A little diversion into floating point (im)precision, part 1
Internationalization in your projects
Efficiently get sorted sums of a sorted list
Format string to title case
GUI Programming APIs
Using combinations of sets as test data
What books would you recommend for a beginning Software Developer?
The Definitive Guide To Website Authentication
What is your solution to the FizzBuzz problem?
Generate list of all possible permutations of a string
When to use unsigned values over signed ones?
Function for creating color wheels
Fastest way to get value of pi