10 ágúst 2010
Problem
Alice and Bob, are going to a cryptography conference. They happen to represent different nations that do not trust each other and both Alice and Bob are each going to propose a new cryptography standard.
Everyone at the cryptography conference is suspicious of each other, and think the representatives from other nations than their own are proposing standards without telling the whole truth behind them (for example that they have hidden backdoors).
Solution:
- Alice generates a big random prime and makes it public.
- Bob proposes a cryptography standard and makes the encryption and decryption algotithms public.
Bob's encryption function is
c=Ebob(p,k)
and his decryption funciton
p = Dbob(c,k)
where c is cryptogram, p is the plain text and k is the key.
- Alice proposes a different cryptography standard and also makes the encryption and decryption algorithms public.
Alice's encryption function is
c=Ealice(p,k)
and decryption function is
p=Dalice(c,k)
- Bob might know of an efficient1 backdoor algorithm
p = Bbob(c)
such that
p = Bbob(Ebob(p,k))
We see that the backdoor algorithm does not require the key to decrypt the cryptogram.
- Alice might similarily know of a backdoor algorithm
p = Balice(c)
such that
p = Balice(Ealice(p,k))
- Alice and Bob decide to use the encryption function c = Ebob( Ealice(p, k1), k2) and decryption function p = Dbob( Dalice(c, k1), k2) where k1 and k2 are two unrelated keys.
- If an attacker does not know k1 and k2 his knowledge of only one of the backdoor algorithms will not help him.
But what if?
But what if an attacker finds the hidden backdoor of the other's encryption standard?
-That's a risk both of them have to take anyway if they are going to propose a standard with a hidden backdoor. The standard must from the proposer's view point meet the proposer's requirements.
But what if the attacker knows one of the keys?
- A condition for either of the standards to work on its own is that it key is not known by an attacker. The two keys can be viewed as just one key (which is for instance a concatenation of the two keys).
1Here an efficient algorithm, means that it can be solved in reasonable amount of time (at least less than a human lifetime) with reasonable amount of resources (available computation power, during the time period the standard is intended to be in use).
Epilogue
To be clear, I do not think that this is a very innovative and new solution that no one has ever thought of before. I also do not believe this solution could be used in reality to create widely used cryptography standard.
After reading my cryptography book I was inspired to write a nice little Alice and Bob problem story, and make a little fun of cryptography politics.
The prime Alice generates in the first step is not used. The first step is just intended to create the right feel to the text.
09 ágúst 2010
| Boolean | Íslenska |
| A AND B | A og B Bæði A og B |
| A XOR B | A eða B Annaðhvort A eða B |
| A OR B | A eða B nema hvor tveggja sé Annaðhvort A eða B nema hvor tveggja sé A og/eða B A oða B |
| A NOR B | Hvorki A né B |
| A NAND B | Ekki A og B Ekki bæði A og B |
| A XNOR B | Annað hvort bæði A og B eða hvorugt |