Cryptography Reference
In-Depth Information
channel — for example, a secure telephone line, or via a private meeting or
hand delivery by a trusted courier.
Such a secure channel is usually available only at certain times and under
certain circumstances. So users far apart, in order to guarantee perfect secu-
rity of subsequent cryptocommunication, have to carry around with them
an enormous amount of secret and meaningless information (cryptographic
keys), equal in volume to all the messages they might later wish to send. This
is, to say the least, not very convenient.
Furthermore, even if a secure channel is available, this security can never
be truly guaranteed. A fundamental problem remains because, in principle,
any classical private channel can be monitored passively, without the sender
or receiver knowing that the eavesdropping has taken place. This is because
classical physics — the theory of ordinary-scale bodies and phenomena such
as paper documents, magnetic tapes, and radio signals — allows all physical
properties of an object to be measured without disturbing those properties.
Since all information, including cryptographic keys, is encoded in measur-
able physical properties of some object or signal, classical theory leaves open
the possibility of passive eavesdropping, because in principle it allows the
eavesdropper to measure physical properties without disturbing them. This
is not the case in quantum theory, which forms the basis for quantum cryp-
tography. However, before we venture into quantum physics, let us mention
in passing a beautiful mathematical approach to solving the key distribution
problem.
The 1970s brought a clever mathematical discovery in the shape of “public-
key” systems. The two main public-key cryptography techniques in use today
are the Diffie-Hellman key exchange protocol [13] and the RSA encryption
system (named after the three inventors, Ron Rivest, Adi Shamir, and Leonard
Adleman) [24]. They were discovered in the academic community in 1976 and
1978, respectively. However, it was widely rumored that these techniques
were known to British government agencies prior to these dates, although
this was not officially confirmed until recently. In fact, the techniques were
first discovered at the British Government Communication Headquarters in
the early 1970s by James Ellis, who called them nonsecret encryption. In 1973,
building on Ellis' idea, C. Cocks designed what we now call RSA, and in
1974 M. Williamson proposed what is essentially known today as the Diffie-
Hellman key exchange protocol.
In the public-key systems, users do not need to agree on a secret key be-
fore they send the message. They work on the principle of a safe with two
keys, one public key to lock it, and another private one to open it. Every-
one has a key to lock the safe but only one person has a key that will open
it again, so anyone can put a message in the safe but only one person can
take it out. The systems avoid the key distribution problem but unfortunately
their security depends on unproven mathematical assumptions. For example,
RSA — probably the most popular public-key cryptosystem — derives its se-
curity from the difficulty of factoring large numbers. This means that if math-
ematicians or computer scientists come up with fast and clever procedures
