4. Alice uses s to encrypt the message and sends Bob X and the encrypted message.
5. Bob computes s = X^y mod p and decrypts the message.
However, there is a catch in this procedure: it now uses private keys again,
and Mallory is interested in them.
Though this method appears a bit awkward, it can be automated in software or
hardware just like any other cryptographic protocol. It is no less secure than
RSA, and what's more, it had a considerable benefit over RSA for three years:
since autumn 1997 it is no longer patented (while the RSA patent expired in
September 2000). This is certainly one of the reasons why the Diffie-Hellman
principle is used in the SKIP Internet protocol, which encrypts data packets
without the need for users to change their applications. SKIP was a competitor of
the IPsec protocol, which is much more complicated but eventually won the race.
However, there is a more important reason why SKIP uses key exchange rather
than RSA. Using RSA means that a session key has to be generated, encrypted,
and then distributed. This translates into an additional data packet for each
session and each key exchange, which is not desirable in this context. SKIP solves
this problem simply and elegantly: Alice and Bob choose their secret exponents, x
and y, once and for all and deposit their certified public keys, g^x and g^y, in a
public database. To ensure that they won't permanently use the same joint secret,
g^xy, a timing mark and a sequential number are appended to this number. Both
parties know the timing mark and the sequential number, so these two items
don't have to be distributed separately. Now, a one-way hash function is applied
to this conglomerate, creating the joint session key. This virtually excludes the
possibility that somebody might guess the joint secret, g^xy. Furthermore, the
session key changes often enough, and the procedure does not create additional
data packets.
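The following Python example is added here to make both procedures concrete; it is not code from the book or from SKIP. The first pair of functions plays steps 4 and 5 above (a fresh exponent per message, with X = g^x sent along); the second derives a SKIP-style session key from a long-term joint secret g^xy plus a timing mark and sequence number, as just described. Everything not stated in the text is an assumption: the toy group parameters P and G (far too small for real use), SHA-256 as the one-way hash, and the byte layout in which the secret, timing mark and counter are concatenated before hashing.

```python
import hashlib
import secrets
import struct

# Toy Diffie-Hellman group (assumption: chosen only so the demo runs quickly;
# a deployment would use a standardised large safe-prime group).
P = 2**127 - 1  # a Mersenne prime
G = 3


def keypair():
    """Pick a secret exponent x and return (x, g^x mod p)."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def shared_secret(my_secret, their_public):
    """Joint secret g^xy mod p; both sides reach the same value."""
    return pow(their_public, my_secret, P)


# --- Steps 4/5 of the procedure above: one ephemeral exponent per message ---

def alice_ephemeral(bob_public):
    """Alice draws a fresh x, computes X = g^x and s = (g^y)^x, and returns
    (X, s). She would encrypt with s and send X next to the ciphertext."""
    x, big_x = keypair()
    return big_x, shared_secret(x, bob_public)


def bob_ephemeral(bob_secret, big_x):
    """Bob recovers the same s from the received X and his secret y."""
    return pow(big_x, bob_secret, P)


# --- SKIP-style derivation: long-term keys, no extra key-exchange packet ---

def skip_session_key(joint_secret, timing_mark, sequence_number):
    """Session key = H(g^xy || timing mark || sequence number).

    Assumptions: SHA-256 as the hash, the secret as a fixed-width big-endian
    integer, and the two counters as 64-bit big-endian fields. Because both
    parties already know the timing mark and the counter, nothing beyond the
    data packet itself has to be sent."""
    width = (P.bit_length() + 7) // 8
    material = joint_secret.to_bytes(width, "big")
    material += struct.pack(">QQ", timing_mark, sequence_number)
    return hashlib.sha256(material).digest()


def demo():
    """Run both variants once; returns a tuple of the properties that must hold."""
    x, gx = keypair()  # Alice's long-term pair; gx sits in the public database
    y, gy = keypair()  # Bob's long-term pair

    # Ephemeral variant: Bob derives the same s from X alone.
    big_x, s_alice = alice_ephemeral(gy)
    ephemeral_agrees = bob_ephemeral(y, big_x) == s_alice

    # SKIP variant: same long-term g^xy on both sides, but the session key moves
    # with the sequence number (and with the timing mark), so it is never reused.
    s_ab = shared_secret(x, gy)
    s_ba = shared_secret(y, gx)
    key_n1_alice = skip_session_key(s_ab, 1_700_000_000, 1)
    key_n1_bob = skip_session_key(s_ba, 1_700_000_000, 1)
    key_n2 = skip_session_key(s_ab, 1_700_000_000, 2)
    key_later = skip_session_key(s_ab, 1_700_000_001, 1)
    return (
        ephemeral_agrees,
        key_n1_alice == key_n1_bob,
        key_n1_alice != key_n2,
        key_n1_alice != key_later,
    )


if __name__ == "__main__":
    print(demo())
```

Note that the SKIP variant never puts the raw g^xy on the wire or into a key: only its hash, mixed with public, non-repeating fields, is used, which is exactly what lets the two sides agree on a per-packet key without an additional round trip.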
KEA, the NSA Variant of Diffie-Hellman
Together with the disclosure of its secret Skipjack algorithm (Section 5.7.5),
the NSA published KEA (probably short for 'key exchange algorithm'), the
public-key method used in the Clipper chip. In contrast to Skipjack, which
would go beyond the scope of this book, KEA is quickly explained. We will
have a look at how the NSA implements asymmetric cryptography.
Initially, everything runs like in Diffie-Hellman: both parties know (in this
case) the 1024-bit modulus p, a base g of equal length, and both possess a secret