Cryptography Reference
In-Depth Information
The Early History
Authenticating messages, rather than ensuring their confidentiality, formed
the primary motivation for Diffie and Hellman's work on public-key
encryption. Working in John McCarthy's AI lab at Stanford, Diffie had been
stimulated by discussions over the possibility of computers becoming
mainstream appliances and the numerous issues in electronic communica-
tions this would bring, including the problem of duplicating customary
methods of authentication:
What would be the computerized version of a receipt? How could you get a com-
puter-generated equivalent of a signed contract? Even if people were given unique
“digital signatures”—say a long randomly generated number bequeathed to a single
person—the nature of digital media, in which something can be copied in millisec-
onds would seem to make such an identifier pointless. . . . Diffie began to wonder
how one could begin to fix this apparently inherent flaw in the concept of digital
commerce.
4
“New Directions” thus makes the case for solving the problem of
authentication in electronic networks at some length, arguing that it pre-
sented “perhaps an even more serious barrier to the universal adoption of
telecommunications for business transactions than the problem of key
distribution.”
5
Diffie and Hellman point out to the major shortcoming of
symmetric cryptography for the purposes of such transactions: “In order
to have a purely digital replacement for this paper instrument [written
contracts], each user must be able to produce a message whose authenticity
can be checked by anyone, but which could not have been produced by
anyone else, even the recipient.”
6
That is, because in symmetric cryptosystems the sender and the receiver
share the same secret key, both are confident that no third party has been
able to modify the message while in transit. However, because they share
the same secret key, there is nothing to prevent either party from modify-
ing the message after it was first sent and reencrypting the message with
the secret key. The common secret key will still correctly decrypt the
message and both sender and receiver would thus be able to exhibit dif-
ferent versions of the message and claim them to be the original one.
Symmetric cryptosystems would thus enable parties to a contract to
produce
contradictory evidence
of their commitments. Diffie and Hellman
thus argued that the solution to the problem of providing signatures in an
