An Analysis of the Computer Security Ramifications of Weakened Asymmetric Cryptographic Algorithms

Abstract

Abstract : This paper explores the ramifications of what a proof that non-deterministic polynomial (NP) time algorithms could be solved in polynomial (P) time would mean for computer networking and the Internet as a whole. The P = NP problem and is a famous and unresolved mathematical question. If the P and NP classes of problems are really one in the same, there would be significant ramifications across numerous fields, including and especially asymmetric cryptography. Therefore, a great deal of effort in the computer science and mathematics fields has been devoted to this problem over the past 40 years. A significant subset of modern cryptographic systems rely on mathematical principles that make the assumption that P /= NP. If P = NP, these cryptographic systems would be in imminent danger of being weakened or completely obviated. As a result, there are many who speculate that the consequences of a P = NP proof would be the ultimate demise of the Internet. However, rarely are such claims substantiated with an analysis demonstrating how such effects would be caused. Therefore, this research attempts to determine the veracity of those claims through analysis of critical Internet protocols. The paper includes an explanation of the P = NP debate by describing what a P problem is and the contrasting it with an NP problem and then showing how they are related. It will then show how certain commonly-used cryptographic systems rely upon problems that fall within NP and describe how a P = NP proof would affect the security of those systems. Next it will examine critical components of computer networking and the Internet and determine how they rely upon potentially weakened cryptologic systems. That examination will include an analysis of how those dependencies impact network security (including data confidentiality, integrity and availability).