What is a secure channel?

In information theory, any information (or data) that is transmitted is transmitted via a communication channel. Cryptography is particularly interested in the security properties that a communication channel is able to guarantee for the information it allows to be transmitted. Several types of channels can be distinguished:

  • Unsecure channels do not guarantee anything: neither authenticity nor confidentiality. This is for example the case of messages received by SMS and emails.

  • Authentic channels (but not confidential) only guarantee the authenticity of transmitted information, but not its confidentiality. This is the case with the classic telephone channel: “everyone” can listen to you, but you know who is talking to you, and you have the guarantee that what you hear is what your contact said.

  • Secure channels guarantee both the authenticity and confidentiality of information. On such channel, only the sender and the receiver can access the information (confidentiality), and the receiver has the guarantee that the data that arrives is strictly as it was sent by the sender (authenticity). This is a must. In other words, if you use a channel like this, you and the person you are talking to both know who you are talking to, and you know that no one but the two of you have access to what you are saying to each other. An example of this is a private discussion behind closed doors.

Beyond these basic properties, cryptography also defines more advanced notions, such as forward secrecy, which guarantees that the confidentiality property will always remain valid, even if a hacker manages (in the future) to steal your cryptographic keys. But we won’t go into details here!