Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Cryptography works, but needs a system-wide view
Cyber Security: A Peer-Reviewed Journal,
7
(1),
73-81
(2023)
Abstract
Cryptography lies at the heart of most cyber security technologies, providing the core security services that enable notions of security to be constructed in cyberspace. Cryptographic algorithms are based on mathematics and increasingly subjected to such demanding levels of scrutiny that established cryptographic algorithms rarely fail from a theoretical perspective. Cryptography exists, however, to support practical information systems. It is thus necessary to take a system-wide view when assessing the effectiveness of cryptography in delivering security in cyberspace. This paper considers the wider system within which cryptography is deployed, identifying the most common points of failure, where even use of strong cryptographic algorithms may fail to deliver intended security. The paper also discusses the possible impacts of some future developments. The core message is that cryptography works, but only if the wider system in which it is deployed is given full consideration.
Keywords: cryptography; cryptographic algorithms; key management; Snowden revelations
The full article is available to subscribers to the journal.
Author's Biography
Keith Martin is a Professor of Information Security at Royal Holloway, University of London and Director of the EPSRC Centre for Doctoral Training in Cyber Security for the Everyday. He has broad research interests, with a focus on application of cryptography and geopolitical aspects of cyber security. Keith holds a degree in mathematics from the University of Glasgow and a PhD from Royal Holloway. Following research positions at the University of Adelaide and the Katholieke Universiteit Leuven, Keith returned to Royal Holloway in 2000, where he co-created the successful distance learning MSc in Information Security and served as Director of the Information Security Group from 2010 to 2015. Keith has over 100 research publications in cyber security, as well as articles in the popular and professional press. He is author of the textbook Everyday Cryptography (OUP, 2017), now in its second edition, and the popular science book Cryptography: The Key to Digital Security, How it Works and Why it Matters (Norton, 2020). He has also presented courses on cyber security to a wide range of audiences, including specialist industrial short courses, the general public and schools.
