Leo Reyzin. Notes for BU CAS CS 538.

7 Diffie-Hellman, ElGamal, and a Bit of History

7.1 Diffie-Hellman Key Exchange

A great surge of academic interest in modern cryptography started with the work of Diffie, Hellman, and Merkle, and the publication of “New Directions in Cryptography” by Diffie and Hellman [DH76]. In this work, Diffie and Hellman proposed the idea of public-key encryption and digital signatures. Although they didn’t have an implementation of public-key encryption, they did suggest something close, called “key agreement.”

Here is the idea. Suppose there is a fixed prime $p$ and generator $g$ of $\mathbb{Z}_p^*$ known to everyone. Alice and Bob want to agree on a secret they can both use for some symmetric encryption scheme. To do so, Alice selects a random $a \in \mathbb{Z}_p^*$ and sends $g^a \bmod p$ to Bob. Bob similarly selects a random $b \in \mathbb{Z}_p^*$ and sends $g^b \bmod p$ to Alice. Now Alice can compute $K = g^{ab}$ by raising $g^b$ to the power $a$, and Bob similarly can compute $K$ by raising $g^a$ to the power $b$.

It is believed that $g^{ab}$ is hard to compute from just $g$, $g^a$ and $g^b$. More formally, this is known as the Computational Diffie-Hellman Assumption.

Assumption 1. For any poly-time algorithm $A$, there exists a negligible function $\eta$ such that, if you generate a random $k$-bit prime $p$ and its generator $g$, and select random $a, b \in \mathbb{Z}_p^*$,

$$\Pr[A(p, g, g^a \bmod p, g^b \bmod p) = (g^{ab} \bmod p)] \le \eta(k).$$

Note that if $p$ and $g$ are not known to both parties in advance, Alice can simply send both to Bob together with $g^a$.

7.2 A Bit More History

In 1977, the RSA cryptosystem [RSA78] appeared in Scientific American, helping generate public interest in the subject. Until 1976, research in cryptography was mostly done in classified research labs, such as the National Security Agency in the United States, for military and intelligence purposes. Documents declassified by the UK in the late 1990s and now available on the web [Ell87] showed that public-key cryptography in general, and Diffie-Hellman and RSA specifically, were discovered in the classified community before their discovery in academia. Specifically, in 1970, James H. Ellis [Ell70] proposed the idea of public-key cryptography, which he termed “non-secret encryption”; in 1973, Clifford C. Cocks [Coc73] proposed RSA (although Cocks suggested
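
The key agreement of Section 7.1 and the role of $k$ in Assumption 1, as an added example that is not part of these notes: both parties derive the same $K$, the generator condition is checked before use, and at toy size the transcript alone is enough to recover $K$ by exhaustive search. The parameters $p = 23$, $g = 5$ and all function names are constructed for illustration, and $p$ is assumed to be prime.

```python
import secrets

def prime_factors(n):
    """Distinct prime factors by trial division (adequate for toy sizes only)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors

def is_generator(g, p):
    """g generates Z_p^* iff g^((p-1)/q) != 1 (mod p) for every prime q dividing p-1."""
    return all(pow(g, (p - 1) // q, p) != 1 for q in prime_factors(p - 1))

def keypair(p, g):
    """Random secret exponent in {1, ..., p-1} and the public value g^secret mod p."""
    secret = secrets.randbelow(p - 1) + 1
    return secret, pow(g, secret, p)

def shared_key(their_public, my_secret, p):
    """K = (g^b)^a mod p = g^(ab) mod p; the same call serves Alice and Bob."""
    return pow(their_public, my_secret, p)

def exchange(p, g):
    """Run one key agreement; return both parties' keys and what went over the wire."""
    if not is_generator(g, p):
        raise ValueError("g does not generate Z_p^*")
    a, ga = keypair(p, g)          # Alice -> Bob: ga
    b, gb = keypair(p, g)          # Bob -> Alice: gb
    return shared_key(gb, a, p), shared_key(ga, b, p), (p, g, ga, gb)

def cdh_by_search(p, g, ga, gb):
    """Compute g^(ab) from the transcript by trying every exponent: O(p) work,
    trivial for a toy p and infeasible once p is a large k-bit prime."""
    for a in range(1, p):
        if pow(g, a, p) == ga:
            return pow(gb, a, p)
    raise ValueError("ga is not a power of g")

if __name__ == "__main__":
    P, G = 23, 5                   # constructed toy parameters, not from the notes
    k_alice, k_bob, transcript = exchange(P, G)
    print("transcript (p, g, g^a, g^b):", transcript)
    print("Alice:", k_alice, "Bob:", k_bob)
    print("recovered from transcript at toy size:", cdh_by_search(*transcript))
```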