Cryptography Reference
In-Depth Information
1976, Whit DiQe and Martin Hellman conceived of a method for two entities,
2.20
who have never met in advance or exchanged keys, to establish a shared secret
key by exchanging messages over an open (unsecured) channel.
2.21
We will learn
the mathematical means for how this works in Chapter 4. Up to the time of
this idea, all cryptosystems, including DES, were looking for mechanisms to
securely distribute secret keys. This is because once a symmetric enciphering
key is known, an entity can easily deduce the deciphering key from it. Now,
with the introduction of the DiQe-Hellman idea, which has come to be known as
the
Di
E
e-Hellman Key-Exchange
,
2.22
entities could exchange keys in the open
and ensure privacy. It seems contrary to the very notion of secrecy. However,
that is the brilliance of the scheme, use two essentially
different
keys, one for
enciphering that can be made public, and one for deciphering that can be kept
private, a
key pair
. No longer would the key be
symmetric
(the deciphering key
easily determined from the enciphering key and vice versa). Now there would
be an
asymmetric
key pair, the advent of
public-key cryptography
(PKC). How
could this possibly work?
Public-Key Cryptography (PKC)
Before giving an introduction to the Di
Q
e-Hellman idea, let us look at an
analogy, a standard one, for PKC, which will provide an easy-to-understand
scenario to give the reader an understanding of how a public key can work.
First we will introduce the first two characters (entities) in our cryptographic
cast,
Alice
and
Bob
. Suppose that Bob has a
public
wall safe with a
private
combination known only to him. Moreover, the safe is left open and made
available to passers-by. Then, anyone, including Alice, can put messages in the
safe and lock it. However, only Bob can retrieve the message, since, even Alice,
who left the message in the safe has no way of retrieving it.
In order to give a general overview of the basic DiQe-Hellman idea, we need
the notion of a
one-way function
, which we may view, at this juncture, as a
method of enciphering that cannot be reversed. For instance, if youwrite a
message on a piece of paper, then burn it, that is an example of a one-way
function since retrieving the message is impossible. One says, in mathematical
terms, that this is a function whose values are easy (computationally feasible)
to compute, but calculating that inverse is
computationally infeasible
, meaning
2.20
Henceforth, by an
entity
we will mean any person or thing, such as a computer terminal,
which sends, receives, or manipulates information.
2.21
From now on, by a
channel
we will mean any means of communicating information from
one entity to another. A
secure
channel is one that is not physically accessible to an adversary,
whereas an
unsecured
channel is one from which entities, other than those for whom the
information was intended, can delete, insert, read, or reorder data.
2.22
In some parts of the literature, this is called the
Merkle-Di,e-Hellman Key-Exchange
since R.C. Merkle was working on these same ideas at that time. Merkle was a graduate
student at the University of California at Berkeley, and was working on an idea for a one-way
function involving certain puzzles. This would evolve later into what we now call the
knapsack
ciphers
, none of which have survived cryptanalysis today. We will come back to this topic
in later chapters. Merkle actually proposed joint work in a letter he wrote to Hellman in
February 1976. However, it turned out that the DiFe-Hellman idea was both more eFcient
and more secure than Merkle's idea.
Search WWH ::
Custom Search