applied cryptography - protocols, algorithms, and source code in c

Digital signature trees ralph merkle proposed a

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Trent re-encrypts the bundle with the secret key he shares with Carol, KC, and sends it to Carol. (5) Carol decrypts the bundle with KC. She can now read both the message and Trent’s certification that Alice sent it. These protocols work, but they’re time-consuming for Trent. He must spend his days decrypting and encrypting messages, acting as the intermediary between every pair of people who want to send signed documents to one another. He must keep a database of messages (although this can be avoided by sending the recipient a copy of the sender’s encrypted message). He is a bottleneck in any communications system, even if he’s a mindless software program. Harder still is creating and maintaining someone like Trent, someone that everyone on the network trusts. Trent has to be infallible; if he makes even one mistake in a million signatures, no one is going to trust him. Trent has to be completely secure. If his database of secret keys ever got out or if someone managed to modify his programming, everyone’s signatures would be completely useless. False documents purported to be signed years ago could appear. Chaos would result. Governments would collapse. Anarchy would reign. This might work in theory, but it doesn’t work very well in practice. Digital Signature Trees Ralph Merkle proposed a digital signature scheme based on secret-key cryptography, producing an infinite number of one-time signatures using a tree structure [1067,1068]. The basic idea of this scheme is to place the root of the tree in some public file, thereby authenticating it. The root signs one message and authenticates its sub-nodes in the tree. Each of these nodes signs one message and authenticates its sub-nodes, and so on. Signing Documents with Public-Key Cryptography There are public-key algorithms that can be used for digital signatures. In some algorithms—RSA is an example (see Section 19.3)—either the public key or the private key can be used for encryption. Encrypt a document using your private...
View Full Document

{[ snackBarMessage ]}

Ask a homework question - tutors are online