“If I take a letter, lock it in a safe, hide the safe somewhere in New York, then tell you to read the letter, that’s not security. That’s obscurity. On the other hand, if I take a letter and lock it in a safe, and then give you the safe along with the design specifications of the safe and a hundred identical safes with their combinations so that you and the world’s best safecrackers can study the locking mechanism – and you still can’t open the safe and read the letter – that’s security!”
In addition to providing confidentiality, cryptography is often asked to do other jobs:
Authentication: It should be possible for the receiver of a message to ascertain its origin; an intruder should not be able to masquerade as someone else.
Integrity: It should be possible for the receiver of a message to verify that it has not been modified in transit; in intruder should not be able to substitute a false message for a legitimate one.
Nonrepudiation: A sender should not be able to falsely deny later that he sent a message.
This paper is inclined primarily towards the integrity aspect of a successful cryptosystem.
This document is in PDF format. To view it click here.