Cryptography Reference
In-Depth Information
As noted in [253], several SKC schemes were delineated, all with problems
concerningauthentication that the followingPKC scheme solves.
How is the treaty enforced?
Suppose that two countries, A and B , sign a treaty to terminate all un-
derground nuclear weapons testing. Both A and B need to verify that the
other is not engaging in underground testing. To do this, country A , say, will
put seismic monitors in country B , since one of the most reliable methods of
detecting underground tests is the measurement of ground motion from such
mechanisms. Also, we need a monitor , whom we will call Monty , from, say, the
United Nations, in country B to relay messages to country A from the sensors.
(We assume that both A and B agree on the construction and placement of
these devices.) In this scenario, both countries have issues.
Country A wants to ensure that country B does not alter the data, and
country B needs to ensure that there is no unauthorized data beingtransmitted
to A . Here is how both of these issues can be resolved.
The seismic device, which we will call HAL, secretly generates primes p and
q for an RSA modulus n = pq , as well as the encipheringkey e . Moreover,
we assume that all the security issues discussed on pages 174-179 have been
addressed and programmed into HAL, together with a CSRNG (see page 151).
Thus, after the random process of generating p , q , and e , the Euclidean algo-
rithm would be used to calculate the decryption key d . Then n = pq , and d
would be provided to Monty, country A and country B . However, p , q , and e
are kept secret within HAL, which is assumed to be deeply buried and tamper-
proof. HAL gathers data m and uses e to form the information c
m e (mod n ).
Both c and m must first pass muster with country B , which verifies that
c d
m (mod n )
(9.1)
so they know that m indeed is the data that corresponds to the encrypted data
c . They then forward m and c to country A , who also verify (9.1). Then country
A is certain that m could not have been altered. They know this since if B were
to choose
c d (mod n ) ,
then this is the same effort as decrypting c , which the RSA conjecture presumes
is computationally infeasible (see page 175).
m 1
= m so that m 1
Summary of Treaty features
(1) None of A , B , or Monty can forge messages that would be accepted as
authentic.
(2) Since n and d are public, both countries A , and B , as well as Monty may
verify the authenticity of messages.
(3) Since e is kept secret from all entities, no unilateral actions are possible
by any entity that would be capable of lesseningthe confidence in the
authentication of the message.
Search WWH ::




Custom Search