Cryptography Reference
In-Depth Information
together determine an authentication bit, 0 or 1, to be
appended to the ciphers to form four possible messages:
Buy-1, Buy-0, Sell-1, and Sell-0. B will only accept a mes-
sage as authentic if it occurs in the row corresponding to
the secret key. The pair of messages not in that row will be
rejected by B as non-authentic. B can easily interpret the
cipher in an authentic message to recover A 's instructions
using the outcome of the first coin flip as the key. If a third
party C impersonates A and sends a message without
waiting for A to do so, he will, with probability 1 / 2 , choose
a message that does not occur in the row corresponding to
the key A and B are using. Hence, the attempted deception
will be detected by B , with probability 1 / 2 . If C waits and
intercepts a message from A , no matter which message
it is, he will be faced with a choice between two equally
likely keys that A and B could be using. As in the previ-
ous example, the two messages he must choose between
convey different instructions to B , but now one of the
ciphers has a 1 and the other a 0 appended as the authen-
tication bit, and only one of these will be accepted by B .
Consequently, C 's chances of deceiving B into acting con-
trary to A 's instructions are still 1 / 2 ; namely, eavesdropping
on A and B 's conversation has not improved C 's chances of
deceiving B .
Clearly in either example, secrecy or secrecy with
authentication, the same key cannot be reused. If C
learned the message by eavesdropping and observed B 's
response, he could deduce the key and thereafter imper-
sonate A with certainty of success. If, however, A and
B chose as many random keys as they had messages to
exchange, the security of the information would remain
the same for all exchanges. When used in this manner,
these examples illustrate the vital concept of a onetime
key, which is the basis for the only cryptosystems that can
be mathematically proved to be cryptosecure. This may
 
Search WWH ::




Custom Search