Leo Reyzin. Notes for BU CAS CS 538.

7 Diffie-Hellman, ElGamal, and a Bit of History

7.1 Diffie-Hellman Key Exchange

A great surge of academic interest in modern cryptography started with the work of Diffie, Hellman, and Merkle, and the publication of "New Directions in Cryptography" by Diffie and Hellman [DH76]. In this work, Diffie and Hellman proposed the idea of public-key encryption and digital signatures. Although they didn't have an implementation of public-key encryption, they did suggest something close, called key agreement.

Here is the idea. Suppose there is a fixed prime $p$ and generator $g$ of $Z_p^*$ known to everyone. Alice and Bob want to agree on a secret they can both use for some symmetric encryption scheme. To do so, Alice selects a random $a \in Z_p^*$ and sends $g^a \bmod p$ to Bob. Bob similarly selects a random $b \in Z_p^*$ and sends $g^b \bmod p$ to Alice. Now Alice can compute $K = g^{ab}$ by raising $g^b$ to the power $a$, and Bob similarly can compute $K$ by raising $g^a$ to the power $b$.

It is believed that $g^{ab}$ is hard to compute from just $g$, $g^a$ and $g^b$. More formally, this is known as the Computational Diffie-Hellman Assumption.

Assumption 1. For any poly-time algorithm $A$, there exists a negligible function such that, if you generate random $k$-bit prime $p$ and its generator $g$, and select a random $a, b \in Z_p^*$, $\Pr[A(p, g, g^a \bmod p, g^b \bmod p) = (g^{ab} \bmod p)]$ ( k ).

Note that if $p$ and $g$ are not known to both parties in advance, Alice can simply send both to Bob together with $g^a$.

7.2 A Bit More History

In 1977, the RSA cryptosystem [RSA78] appeared in Scientific American, helping generate public interest in the subject. Until 1976, research in cryptography was mostly done in classified research labs, such as the National Security Agency in the United States, for military and intelligence purposes.

Documents declassified by the UK in the late 1990s and now available on the web [Ell87] showed that public-key cryptography in general, and Diffie-Hellman and RSA specifically, were discovered in the classified community before their discovery in academia. Specifically, in 1970, James H. Ellis [Ell70] proposed the idea of public-key cryptography, which he termed non-secret encryption; in 1973, Clifford C. Cocks [Coc73] proposed RSA (although Cocks suggested...
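
The key agreement of Section 7.1, as an added example that is not part of the original notes: both parties derive the same K, and an exhaustive search shows that the Computational Diffie-Hellman problem is hard only when p is large. The function names and the toy parameters p = 2579, g = 2 are assumptions made for illustration.

```python
import secrets

def prime_factors(n):
    """Distinct prime factors of n by trial division (fine for toy sizes)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors

def is_generator(g, p):
    """g generates Z_p^* iff g^((p-1)/q) != 1 mod p for every prime q dividing p-1."""
    return all(pow(g, (p - 1) // q, p) != 1 for q in prime_factors(p - 1))

def keypair(p, g):
    """Pick a random exponent x in {1, ..., p-1}; return (x, g^x mod p)."""
    x = secrets.randbelow(p - 1) + 1
    return x, pow(g, x, p)

def shared_key(their_public, my_secret, p):
    """Raise the other party's message to my exponent: K = g^(ab) mod p."""
    return pow(their_public, my_secret, p)

def brute_force_cdh(p, g, ga, gb):
    """Recover g^(ab) from (g^a, g^b) by trying every a; works only for tiny p."""
    for a in range(1, p):
        if pow(g, a, p) == ga:
            return pow(gb, a, p)
    raise ValueError("ga is not a power of g")

def run_exchange(p, g):
    """Simulate Alice and Bob; return the two public messages and both keys."""
    if not is_generator(g, p):
        raise ValueError("g does not generate Z_p^*")
    a, ga = keypair(p, g)                 # Alice -> Bob: g^a mod p
    b, gb = keypair(p, g)                 # Bob -> Alice: g^b mod p
    return ga, gb, shared_key(gb, a, p), shared_key(ga, b, p)

if __name__ == "__main__":
    P, G = 2579, 2                        # constructed toy parameters, far too small for real use
    ga, gb, k_alice, k_bob = run_exchange(P, G)
    print("Alice and Bob agree:", k_alice == k_bob)
    print("Search over a finds K:", brute_force_cdh(P, G, ga, gb) == k_alice)
```

The search loop runs at most p - 1 times, which is why Assumption 1 is stated for a random k-bit prime and a bound that shrinks as k grows.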
 Spring '09
