Cryptography Reference
In-Depth Information
16.2.3
Asymmetric Encryption-Based Key Distribution Protocol
Asymmetric encryption-based key distribution and corresponding protocols are
simple and straightforward. As illustrated in Protocol 16.3, such a protocol can be
used by two entities—A and B—that share no secret key initially. B is assumed
to have a public key pair of an asymmetric encryption system (
E
B
refers to the
encryption function that is keyed with
k
B
,and
D
B
refers to the corresponding
decryption function that is keyed with
k
−
1
B
). A randomly selects a secret key
K
from an appropriate key space
, encrypts it with
E
B
, and transmits
E
B
(
K
) to B.
B, in turn, uses
D
B
to decrypt
K
. A and B now both share the secret key
K
.
K
Protocol 16.3
An asymmetric encryption-based key distribution protocol.
A
B
(
k
−
B
)
(
k
B
)
K ∈
R
K
E
B
(
K
)
−→
K
=
D
B
(
E
B
(
K
))
(
K
)
(
K
)
Many cryptographic security protocols for the Internet make use of asymmet-
ric encryption-based key distribution in one way or another. We already mentioned in
Section 2.3.3 that the SSL/TLS protocol works this way (see, for example, Chapter
6 of [5]). Another example is some keying option in the Internet key exchange (IKE)
protocol used in the IPsec protocol suite (see, for example, [6]).
16.3
KEY AGREEMENT PROTOCOLS
As mentioned in Sections 1.3 and 14.2.3, Whitfield Diffie and Martin E. Hellman
published their landmark paper entitled “New Directions in Cryptography” in 1976
[7]. The paper introduced the basic idea of public key cryptography and provided
some evidence for its feasibility by proposing a key agreement protocol. In fact, the
Diffie-Hellman key exchange protocol
can be used by two entities that have no prior
relationship to agree on a secret key by communicating over a public but authentic
channel. As such, the mere existence of the Diffie-Hellman key exchange protocol
sounds like a paradox.
The Diffie-Hellman key exchange protocol can be implemented in any group
in which the DLP (see Definition 7.5) is intractable, such as the multiplicative
group of a finite field
Z
p
). The Diffie-Hellman key exchange protocol
Z
p
(i.e.,
