One-Key versus Two-Key Cryptography (15 min.)

Bruce Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C.

1) One-Key Cryptography

In "One-Key Encryption", or "Conventional Encryption", the sender and the recipient share the same key as their common secret, as displayed in Figure 2 below.

Figure 2 (source: www.PGPi.com): Conventional Encryption Scheme. The same key is used to encode and decode.

However, the major problem is the total number of keys involved. 2 correspondents use 1 key, 3 use 3 keys, 4 use 6 keys, 5 use 10 keys, 100 use 4950 keys, 1000 use 499500 keys, etc. And each key must be stored in a secure manner. And what if a key is accidentally revealed to a third party? Key management is difficult enough that a name was invented for it: the Key Distribution Problem. It is the reason why One-Key Cryptography is not appropriate for today's secure electronic data transfers between many parties. Another way of encrypting data was needed: Two-Key Cryptography solves the key distribution problem.

Caesar's way of dealing with many different recipients was simply to use the same key for everybody. This allowed any of his recipients to decrypt any Caesar-encoded message. Let's assume that he hand-delivered his letters to Cleopatra...

The Importance of Keys

Every cipher is made up of two ingredients: an encryption method (the "algorithm") and the set of all possible keys (the "key space"). The sender chooses one of the possible keys to encode his secret message. What is the security of the encoded message based on? Is it the algorithm or the variety of keys? The Dutch cryptographer Auguste Kerckhoffs von Nieuwenhof answered this in 1883:

Kerckhoffs' Principle:

Kerckhoffs formulated what every sender should have in mind when encoding a message: he shall not be naive and hope that his way of encrypting (his algorithm) has not been invented yet. How would he know? Nobody knows today how much cryptographic knowledge the NSA possesses. The National Security Agency employs more mathematicians and other knowledgeable people than any other organization in the world. NSA is jokingly said to stand for "No Such Agency", since nobody knows their advances and current knowledge of cryptography. The history of cryptography is filled with examples where senders based their confidence entirely on the assumption that their way of encoding was not known. A faux pas.

If the algorithm cannot guarantee any security, then it must be the keys. (Recall that Special Agent 007, James Bond, carries a secret key in his well-protected suitcase and not an algorithm. And the submarine officers in "Crimson Tide" require the secret key to launch the nuclear weapons.)

How do keys ensure the security of a cipher? The answer is simple: it is the huge number of possible keys to choose from. Correct, not big but huge. Why? Well, if a cipher has only 25 keys, as the Caesar Cipher does, an eavesdropper simply has to test those keys and the cipher is cracked. However, if the number of keys is 26! = 403291461126605635584000000, as it is for the Monoalphabetic Cipher, the eavesdropper's job is much more difficult. Testing each possible key would take too long. For example, if he tests one key per second, it would take him about a billion times the existence of our universe to crack a Monoalphabetic Cipher. No eavesdropper would take that route.
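
The numbers above can be checked directly. The following Python sketch is an added example, not part of the original page: it tests all 25 Caesar keys against a constructed ciphertext, reproduces the pairwise key counts, and estimates the exhaustive search time for the 26! monoalphabetic keys. The function names, the small word list used to recognise English, and the universe age of 13.8 billion years are assumptions made for the illustration.

```python
import math
import string

ALPHABET = string.ascii_uppercase
COMMON_WORDS = {"THE", "AND", "TO", "OF", "AT", "IS", "IN"}  # crude English test (assumed)
UNIVERSE_AGE_YEARS = 13.8e9  # assumed age of the universe

def caesar_shift(text, key):
    """Shift every letter by `key` places (a negative key decrypts)."""
    return "".join(
        ALPHABET[(ALPHABET.index(c) + key) % 26] if c in ALPHABET else c
        for c in text.upper()
    )

def brute_force_caesar(ciphertext):
    """Try all 25 keys; return (key, plaintext) of the most English-looking result."""
    def score(key):
        return sum(w in COMMON_WORDS for w in caesar_shift(ciphertext, -key).split())
    best_key = max(range(1, 26), key=score)
    return best_key, caesar_shift(ciphertext, -best_key)

def pairwise_keys(n):
    """Shared keys needed when each pair of n correspondents has its own key."""
    return n * (n - 1) // 2

def universe_lifetimes_to_search(key_count, keys_per_second=1):
    """Time to test every key, in multiples of the age of the universe."""
    years = key_count / keys_per_second / (365.25 * 24 * 3600)
    return years / UNIVERSE_AGE_YEARS

# Constructed sample message, encrypted with key 3.
SAMPLE_PLAINTEXT = "MEET ME AT THE HARBOR AND BRING THE LETTER TO CLEOPATRA"
SAMPLE_CIPHERTEXT = caesar_shift(SAMPLE_PLAINTEXT, 3)

if __name__ == "__main__":
    print(brute_force_caesar(SAMPLE_CIPHERTEXT))
    for n in (2, 3, 4, 5, 100, 1000):
        print(n, "correspondents:", pairwise_keys(n), "keys")
    print("Monoalphabetic key space:", math.factorial(26))
    print("Universe lifetimes at 1 key/s: %.2e"
          % universe_lifetimes_to_search(math.factorial(26)))
```

The Caesar search finishes after 25 trials, while the same exhaustive approach against 26! keys comes out at roughly 9 x 10^8 universe lifetimes at one key per second, matching the "about a billion times" estimate above.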
6 Key  Facts:
