views:

463

answers:

3

Lately I've been intrigued by some of the less traditional uses of cryptography. Things like:

What other applications of cryptography can you think of outside the usual realm of message authentication and confidentiality?

+2  A: 

My favorite use of cryptography is for deleting information. You encrypt the information you have (GB worth, TB worth), and store the key WITH THE DATA. When you want to erase all of the data, you simply overwrite the key. This makes key management simple, and the erasure is as good as your cryptography.

Alternatively, you can simply increase the work factor to recover the erased information. You can, for example, erase one bit of the key every hour. This makes it twice as hard to recover the data every hour, which is useful if you want to give the user a chance to "undelete" the data, but you want to make that harder and harder as time goes on.

vy32
This becomes infinitely more useful when you consider that the encrypted data could be stored on backup tapes, and you may have a legal obligation to delete old data. This way, you can 'delete' the data by erasing the key, instead of having to find and load the tape.
Nick Johnson
Accept if the back up is to have any meaning the key is stored with the data
Patrick
See http://portal.acm.org/citation.cfm?id=1267578A revocable backup system USENIX Security Symposium archiveProceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
vy32
+1  A: 

I am using symmetric algorithums to implement URL lengthening. To navifate to the URL one simply decrypts the URL of the page, removes padding and redirects to the cleartext URL

Crippledsmurf
Could you elaborate a bit on what you mean by that? Not sure I follow.
viksit
I'm implementing URL lengthing, the lengthing works by encrypting the original URL using symmetric encryption with a very weak key (for performance reasons). When the URL is used, the cyphertext is decrypted by the server to reveal the original URL which is then redirected to
Crippledsmurf
But why do you need to encrypt your URLs?
Adam Byrtek
I'm not encrypting for the sake of security but because cyphertext tends to be quite long which is desirable for URL lengthening and the fact that this is generated from the URL itself makes it eas to obtain the original URL again
Crippledsmurf
+3  A: 

Most of the examples listed here are just using cryptographic hashes as a substitute for a good random number generator.

Since cryptography, when working ideally, results in a string of bits indistinguishable from randomness, there's really not all that much you can do with it. Any purpose other than concealing a string of bits would be served just as well by a really good random number generator.

Hashes are good for detecting unwanted changes to data, be they intentional or unintentional. Similarly, you can do comparisons or large items quickly by computing a hash of the desired value so that it only needs to be considered once, then scanning the "haystack" for an item with a matching hash.

Cryptography can be used to make a "hidden commitment," where one can commit to an answer/prediction/etc. while keeping it hidden. Others can reveal the committed value on some condition, and you cannot later change your answer. (e.g., the secure equivalent of an answer sealed in an envelope)

Related to zero-knowledge proofs, already listed, encryption techniques can be used to allow separate parties to collaborate usefully without sharing their data, called Secure Multi-party Computation. Of course, this is still related to confidentiality, but it's quite different from the "normal" uses of cryptography.

Tim Sylvester
The shuffling a deck of cards across a network application is not one that can be "served just as well by a really good random number generator". It allows N players to securely shuffle a deck of cards between them without requiring a trusted party.
caf
Agreed, but it's really not "outside the usual realm of message authentication and confidentiality".
Tim Sylvester