“The magic words are squeamish ossifrage.”
—
Plaintext of the message encoded in RSA-129, given in
Martin Gardner’s 1977 “Mathematical Games” column
about RSA.
Public Key Cryptosystems

❖
Problem: distributing secret keys is
•
Difficult: eavesdroppers are everywhere
•
Expensive: hard to secure channels
❖
Can two people communicate securely without having to meet first
and establish a key?
Who needs public key encryption?
2

Trust a third party
3
Alice
Bob
E (K
AB
, K
A
)
E (K
AB
, K
B
)
Keys
Я
Us
knows K
A
, K
B
,
....

Trust a third party
3
Alice
Bob
E (“Bob”, K
A
)
E (K
AB
, K
A
)
E (K
AB
, K
B
)
Keys
Я
Us
knows K
A
, K
B
,
....

Trust a third party
3
Alice
Bob
E (“Bob”, K
A
)
E (K
AB
, K
A
)
E (K
AB
, K
B
)
Generates random K
AB
Keys
Я
Us
knows K
A
, K
B
,
....

Trust a third party
3
Alice
Bob
E (“Bob”, K
A
)
E (K
AB
, K
A
)
E (K
AB
, K
B
)
E (M, K
AB
)
Generates random K
AB
Keys
Я
Us
knows K
A
, K
B
,
....

Trust a third party
3
Alice
Bob
E (“Bob”, K
A
)
E (K
AB
, K
A
)
E (K
AB
, K
B
)
E (M, K
AB
)
Generates random K
AB
E (“Alice” || K
AB
, K
B
)
Keys
Я
Us
knows K
A
, K
B
,
....

❖
How much do you trust a third party?
•
Third party knows everyone’s keys!
•
Third party can read any message!
•
Big Brother is watching you…
❖
Is this scalable?
•
Problem: limited number of all-knowing oracles
•
Problem: need to involve a third party for all transactions
❖
Other, more secure protocols
•
We’ll cover these in a bit…
❖
General principle: include as much information as needed to
ensure that messages are self-contained
•
Don’t assume anything in the message!
Trusting a third party: issues
4

❖
Alice generates 2
20
messages: “This is puzzle
x
.
The secret is
y
.” (
x
and
y
are
random numbers)
•
Encrypts each message using symmetric cipher with a different key
•
Sends all encrypted messages to Bob
❖
Bob chooses random message, performs brute-force attack to recover
plaintext and key
k
•
Bob sends
x
(clear) to Alice
❖
Alice and Bob use
k
to encrypt messages
Merkle’s puzzles
(1974)
5

❖
Alice generates 2
20
messages: “This is puzzle
x
.
The secret is
y
.” (
x
and
y
are
random numbers)
•
Encrypts each message using symmetric cipher with a different key
•
Sends all encrypted messages to Bob
❖
Bob chooses random message, performs brute-force attack to recover
plaintext and key
k
•
Bob sends
x
(clear) to Alice
❖
Alice and Bob use
k
to encrypt messages
❖
Alice: uses DES symmetric cipher
•
~2
55
expected brute force work to break DES
•
Or perhaps uses a weakened form of AES
❖
Eve: has to break the 2
20
to find which one matches
x
•
~ 2
19
×
2
55
expected work
❖
Alice and Bob change keys frequently enough since it is less work to agree to
a new key
Merkle’s puzzles
(1974)
5

❖
1969: ARPANet born with 4 sites
•
Whitfield Diffie starts thinking about strangers sending messages securely
❖
1974: Whitfield Diffie gives talk at IBM lab
•
Audience member mentions that Martin Hellman (Stanford professor) had
spoke about key distribution
❖
That night, Diffie starts driving 5000 km to Palo Alto
❖
Diffie, Hellman and Ralph Merkle work on
key distribution
problem
Birth of public key cryptosystems
6

Secret paint mixing
7
Analogy from
The Code Book
(S. Singh)
Alice
Bob
Yellow paint (public)

Secret paint mixing
7
Analogy from
The Code Book
(S. Singh)
Alice
Bob
Yellow paint (public)