Cryptography Reference
elections; and
cash payments.
This is not as easy as one might think. So far in this topic, we have dealt
with the environment of one single activity, namely the transmission of secret
messages. Securing this activity is difficult enough!
As it turns out, however, we can apply our current knowledge to fields other
than message encryption. If you have read Section 4.5 and are familiar with
one-way hash functions (these will be discussed in Section 6.3.1), you will
easily understand, for example, how to create digital signatures.
Even better, cryptographic protocols can offer new functionalities. For example,
it is not difficult to distribute a secret among several people such that all together
can reconstruct the secret, but none of them can recover any information from
their part alone. This is a way to secure secrets more reliably than keeping
them in safes.
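As an added illustration (not from the book, which names no scheme at this point), the sketch below uses XOR splitting, one simple way to get the all-or-nothing property just described. The function names and the sample secret are constructed for this example.

```python
import secrets
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("shares must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_secret(secret: bytes, n: int) -> list:
    """Split secret into n shares; all n are required to reconstruct it."""
    if n < 2 or not secret:
        raise ValueError("need a non-empty secret and at least two shares")
    # n-1 shares are uniformly random pads drawn from the OS CSPRNG.
    pads = [secrets.token_bytes(len(secret)) for _ in range(n - 1)]
    # The last share is the secret XORed with every pad.
    return pads + [reduce(xor_bytes, pads, secret)]


def combine_shares(shares: list) -> bytes:
    """XOR all shares together; the pads cancel and the secret remains."""
    return reduce(xor_bytes, shares)


def share_explaining(known: list, claimed: bytes) -> bytes:
    """Return the missing share that makes `known` reconstruct to `claimed`.

    Such a share exists for every `claimed` of the right length, so holding
    n-1 shares rules out no candidate secret (only the length leaks).
    """
    return reduce(xor_bytes, known, claimed)


if __name__ == "__main__":
    secret = b"vault code 4711"            # constructed sample value
    shares = split_secret(secret, 3)
    assert combine_shares(shares) == secret
    decoy = b"vault code 0000"             # any same-length guess works
    fake = share_explaining(shares[:2], decoy)
    assert combine_shares(shares[:2] + [fake]) == decoy
    print("3 shares reconstruct; 2 shares are consistent with any secret")
```

Losing any single share makes the secret unrecoverable, so this construction trades availability for confidentiality.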
Cryptographic protocols are extremely complex in many cases. For example,
people still work on digital elections, and protocols for electronic payment
systems are subject to intense further development. Section 6.6.7 will introduce
a protocol for electronic checks which, in turn, uses several other cryptographic
protocols.
But I won't give you an overview of the most important protocols here (you
will find a full overview, including references for further reading, in Schneier
[SchnCr]). I will limit this discussion to a few understandable and particularly
important protocols for practical purposes to give you an insight into this field.
6.1 Key Distribution
Protocols for secure key distribution are probably the protocols most widely
used today. We have dealt with several important key distribution methods in
Section 4.5.2, but there are many more interesting possibilities.
6.1.1 Diffie-Hellman, SKIP, KEA, and the Wide-Mouth Frog
We know that keys for symmetric methods are distributed by splitting them over
different channels, and how they are distributed in asymmetric cryptography.
Neither of the two methods is always satisfactory.
Though splitting over several channels is secure in practice, it is hard to
automate. For a government agency with important data to acquire daily that