There are two different meanings of the word cryptosystem. One is used by the cryptographic community, while the other is the meaning understood by the public.
In this meaning, the term cryptosystem is used as shorthand for "cryptographic system". A cryptographic system is any computer system that involves cryptography. Such systems include for instance, a system for secure electronic mail which might include methods for digital signatures, cryptographic hash functions, key management techniques, and so on. Cryptographic systems are made up of cryptographic primitives, and are usually rather complex. Because of this, breaking a cryptosystem is not restricted to breaking the underlying cryptographic algorithms - usually it is far easier to break the system as a whole, eg, through the not uncommon misconceptions of users in respect to the cryptosystem.
In this meaning, a cryptosystem refers to a suite of algorithms needed to implement a particular form of encryption and decryption.
Typically, a cryptosystem consists of three algorithms: one for key generation, one for encryption, and one for decryption. The term cipher (sometimes cypher) is often used to refer to a pair of algorithms, one for encryption and one for decryption. Therefore, the term "cryptosystem" is most often used when the key generation algorithm is important. For this reason, the term "cryptosystem" is commonly used to refer to public key techniques; however both "cipher" and "cryptosystem" are used for symmetric key techniques.
The Internet Security Glossary RFC 2828 dissuades from using the term "cryptosystem", giving the following definitions.
|