Cryptography Reference
In-Depth Information
4.5.2 Exchanging Keys With and Without a Public Key
Exchanging Keys Without an Asymmetric Method
If you exchange encrypted messages with someone on a permanent or regular
basis, you can often do without an asymmetric method. Asymmetric methods
may only mean additional work. The installation of additional software, such
as PGP, and the training required can quickly cost a company a couple of
hundred dollars. Moreover, additional risks cannot be totally excluded; see
Section 4.5.6.
So, if you exchange encrypted emails with your converser and the only thing
you have to look out for is protection against
one
cunning competitor, just
call your converser up and tell him the password on the phone. The competitor
would have to both intercept your emails (which is doable) and listen in on your
phone conversations (you really think he does?). If you wouldn't put it past
him, send the key by regular mail. All right, he could have bribed the mailman
if he knows your tactics. In that case, try to send half the key by mail (perhaps
in several portions) and tell your converser the other half on the phone. Who on
earth can monitor postal
and
phone traffic concurrently (well, guess who can)?
If you use three or four different distribution channels for the 'parts' of your
key, a normal adversary won't stand a chance (let's define the other adversaries
as 'abnormal'). Of course, you mustn't distribute a 64-bit key in four portions of
16 bits each (the broken magic amulet is only good for fairy-tale movies), for,
in the unlikely event that somebody intercepts three key parts, then brute force
will become a kid's game for them (as opposed to the magic amulet!). A better
idea is to represent your 64-bit key as the sum of four 64-bit numbers, three of
which are random. This way you can rest assured that an eavesdropper won't
have a chance, unless he actually possesses all key parts. This is presumably
the most reliable practical method for secure message exchange.
If you don't trust anybody other than your converser, why not make a trip,
hand him the key over personally, and subsequently enjoy a short vacation?
There won't be many occasions for you to go through this procedure, though.
Agree on a 'key encryption key' (KEK) with your converser that must never
be compromised. For each message, you create a new separate
session key
(using a cryptologically good computer program; see Section 5.1.4) and use
it to encrypt the message. You use the KEK to encrypt the session key and
send it along with the message. This careful approach ensures that no single
key is ever used to encrypt large amounts of data, thus significantly improving
