|
THE CryptologY GROUP |
|
Computer Science Department, University of Aarhus |
|
Information Security and Cryptology |
|
Information Security and Cryptology is the science of protecting information. More concretely, it is about constructing distributed systems that produce correct results, and protect confidentiality of private data. This must continue to hold, even if the system is attacked by external parties or even by users of the system. As a research area, information security encompasses theory and mathematical foundations, as well as a multitude of practical issues. We all realize the importance of protecting systems from attacks by viruses and hackers, but the applications of information security go far beyond that: In a modern information-driven society, we need to do business and exchange information between people who may have conflicting interests, and do not necessarily trust each other a priori. As examples, one may think of systems for e-commerce, e-voting or electronic auctions. In such scenarios, security is a complex notion. In an e-commerce system, for instance, the need to prevent misuse of the system seems to necessitate identification and surveillance of users, whereas the need to protect privacy pulls in the opposite direction. In an e-voting system no single entity, like a person or a computer, should know what individuals voted. On the other hand, information about votes must somehow leave the individuals computers to be tallied. These examples illustrate the fundamental problem of combining privacy and information processing between several parties. It follows that we need to understand what security really means, which goals can be achieved in which scenarios and which cannot, and finally how we can build efficient systems and solutions achieving these goals.
|
