Cryptography Reference
In-Depth Information
Centralized systems thus involved institutions devoted to their own
protection, rather than users' privacy. Diffie envisioned the solution as the
development of cryptographic privacy-protection tools which would effec-
tively put the user at the wheel: “Diffie believed in what he called 'a
decentralized view of authority.' By creating the proper cryptographic
tools, he felt, you could solve the problem—by transferring the data protec-
tion from a disinterested third party to the actual user, the one whose
privacy was actually at risk.” 7
In “New Directions,” Diffie and Hellman proposed two new methods
for transmitting keys over public (i.e., insecure) channels without compro-
mising their security: the first method, which they called public key distribu-
tion system (now commonly known as Diffie-Hellman key agreement),
enabled users to establish a common key over a public channel in such a
way that an eavesdropper could not deduce the key even though it had
access to the entire exchange. 8 The second method, public-key cryptography ,
would write a new and defining chapter in the contemporary evolution of
the field.
Diffie and Hellman's system was deceptively simple. The solution lay in
splitting the key in two components: a public and a private part. Each user on
the network is assigned such a pair of keys. The private part is kept secret by
each user; the public part is made available to all other users on the network.
Imagine two such users, Alice and Bob (see figure 3.2). If user Alice wants to
send a confidential message to user Bob, she obtains his public key and uses
it as the enciphering key before sending him the resulting encrypted
message. The message can then be decrypted by Bob using his private key.
The trick lies in the mathematical relationship between the public and the
private part of the key: although each key provides the inverse function of
the other, even with significant computational resources it would require
considerable time to deduce the private from the public portion of the key.
The system effectively solved the problems identified by Diffie with
respect to secret key cryptosystems. It relieved users from having to estab-
lish a common key with every other user in the system prior to commu-
nicating with them. As the need for interaction arose, a user could simply
fetch other users' public keys, which would be conveniently stored in a
public directory indexed by their names. Theoretically, key distribution
was thus reduced to the problem of correctly maintaining the public direc-
tory and protecting it against malicious modifications.
Search WWH ::




Custom Search