Cryptography Reference
In-Depth Information
Figure 3.1
Secret-key (symmetric) cryptography. To illustrate the definition of the crypto-
graphic signature model, I use slides representative of the kinds that were ubiquitous
in cryptography-related conferences in the 1990s. They are meant to serve both as
pedagogical aids and exhibits of the process I seek to illuminate. The slides feature
the legitimate participants to the protocol (Alice and Bob), as well as the adversary
that seeks to defeat the security objectives of their communication. Image courtesy
of Dr. Warwick Ford.
that this would be, in effect, a burden so significant as to all but negate
the benefits of electronic communications.
One solution lay in equipping networks with centralized key distribu-
tion centers, “trusted third parties” that could provide each pair of users
with the required key pairs without the need for prior interaction. As he
later explained, Diffie viewed such solutions with suspicion: “The virtue
of cryptography should be that you don't have to trust anybody directly
involved with your communications.”
5
He felt that any system that relied
on centralized authority put the user at risk of having her personal infor-
mation disclosed, even if that authority was well intentioned. The very
existence of the keys in a centralized system would inevitably lead to their
compromise, as authorities could simply present the system operator with
a subpoena: “That person would sell you out because he had no interest
in defying the order and going to jail to protect your data.”
6
