Cryptography Reference
In-Depth Information
4. Alice sends the second part of her message.
5. Bob puts the two parts of Alice's message together and decrypts it, using
his private key.
6. If everything is correct, Bob sends the second part to Alice. Alice puts
the two parts together and decrypts the message (Figure 4.16).
Since Alice's first message part cannot be decrypted, Mallory cannot 're-
encrypt' it with his own or Bob's key. He would have to forward invented
messages pretending to Bob that they came from Alice. This shouldn't be pos-
sible after this prerequisite; how Alice achieves it is not part of the protocol.
But why is Step 3 included in the protocol even if only Alice wants to send
a message to Bob? Wouldn't it be sufficient for Alice to decompose her mes-
sage into two parts? No, because Mallory could 'collect' the two halves and
proceed as usual. Only the trick that both parties send parts that cannot be
decrypted
alternately
and then complete these parts
alternately
makes the pro-
tocol secure. Moreover, both parties can discover a fraud and don't have to
talk about it via email. For, Mallory could also have tampered with this email.
Pretty clever.
The only downside is the prerequisite that Alice and Bob have to recognize
that the messages received 'come doubtlessly from the converser'. While this
is easy in personal contact, it is hard to automate. This point can become a
problem when computers want to communicate securely among themselves and
automatically over the interlock protocol.
Distribution of Public Keys
You can see that the sore point in using asymmetric methods is the distribu-
tion of public keys, as long as the methods themselves are secure, of course.
The interlock protocol introduced above is a clever method, for instance, to
exchange public keys individually and exclusively on the Internet. A public
key can also be reliably checked over the phone — it's not easy to fake another
person's voice
and
diction. But that means there will be additional cost with
every new contact. It would be nice to have a way to publish the public key
securely. We could publish it in a daily paper, but the costs of ads and han-
dling newspapers are not ideal. We would like to use one single communication
medium, e.g., the Internet.
