Cryptography Reference
In-Depth Information
unconditionally to protect the keys in their possession
and not to misuse them. Again, while this may be a toler-
able condition in diplomatic and military organizations, it
is almost never acceptable in the commercial realm.
Another key distribution problem is the sheer num-
ber of keys required for flexible, secure communications
among even a modest number of users. While only a single
key is needed for secure communication between two par-
ties, every potential pair of participants in a larger group
needs a unique key. To illustrate this point, consider an
organization with only 1,000 users: each individual would
need a different private key for each of the other 999 users.
Such a system would require 499,500 different keys in all,
with each user having to protect 999 keys. The number of
different keys increases in proportion to the square of the
number of users. Secure distribution for so many keys is
simply insolvable, as are the demands on the users for the
secure storage of their keys. In other words, symmetric
key cryptography is impractical in a network in which all
participants are equals in all respects. One “solution” is to
create a trusted authority—unconditionally trusted by all
users—with whom each user can communicate securely to
generate and distribute temporary session keys as needed.
Each user then has only to protect one key, while the bur-
den for the protection of all of the keys in the network is
shifted to the central authority.
Two-key crypTography
In 1976, in one of the most inspired insights in the his-
tory of cryptology, Sun Microsystems, Inc., computer
engineer Whitfield Diffie and Stanford University elec-
trical engineer Martin Hellman realized that the key
distribution problem could be almost completely solved
