
Key distribution problem.

A driving force in the practical use of cryptography is the key distribution problem inherent in single-key cryptosystems. This problem can best be described by means of a simple analogue to encryption/decryption. A and B are to be physically apart and will be able to communicate only by way of intermediaries who will pass along messages, which they may either read or alter. In order to communicate in secret, A and B obtain a strongbox with a double-acting dead bolt on it, so that a key must be used to lock or unlock the box. Locking a message in the box is analogous to encryption and unlocking to decryption. The locked box, containing a secret message, is the analogue of a cipher. If A and B each have a copy of the key and no one else does, then whenever either of them receives a locked box containing a message that person can be confident the message actually came from the other party because only one or the other of them could have locked the box (authentication). By the same token, the sender of the message can be certain that only the intended recipient can open the box (secrecy). This, of course, requires that A and B either meet in person at the time the system is set up to share the secret key or exchange the key via a trusted courier, which is how actual cryptographic keys have traditionally been disseminated. A and B must thereafter protect the key in their possession, because if C, the cryptanalyst, can gain access to either's key to make a copy he could then lock messages in the box to impersonate A or B or else open the box sent by either party and read the enclosed message. If A or B allows his key to be compromised, however, neither authentication nor secrecy can be relied on thereafter.

Consider a system with only 1,000 subscribers, any two of whom may wish to communicate in secret or be able to verify the source of a message. In this case, A would need to exchange secret keys with 999 other subscribers and would have to protect all 999 keys in his possession in precisely the same way he did the single key he shared with B before. One of these keys would still be shared with B, but B would also need to have 998 other keys to enable him to communicate securely with persons other than A. In short, 499,500 different keys are needed if every pair of subscribers among 1,000 is to be able to communicate securely. Each subscriber would have to exchange secret keys with every one of the 999 other subscribers and then protect the integrity of the 999 keys that he is responsible for. The key distribution problem is that the number of keys required increases proportionate to half the square of the number of users.

Furthermore, since the same key is held by both users of any one of the secure data links, say between A and B, A must trust B to protect his key so that A's messages to B are secret and the messages (locked boxes) A receives--purportedly sent by B--are necessarily from B (authentic). In most military and diplomatic communications this latter condition of mutual trust is satisfied; e.g., one embassy, A, can rely on another embassy, B, to protect the cryptographic keys entrusted to its care. In other words, A is not concerned that B may send messages to him and later disavow them as forgeries created by A, nor claim to have received messages from A that he fraudulently created himself. In commercial and business applications, however, these are precisely the major concerns of the users--namely, the customer does not want to give the merchant the ability to create undetectable forgeries in his stead, nor would the merchant accept a system in which the customer could disavow a legitimate draft.

The key distribution problem of single-key cryptography is that the number of secret keys needed increases proportionate to the square of the number of users of the system and that each user must be responsible for the protection of as many keys as there are users (less one). The related problem arising from the symmetry of the cryptographic system is that each user must trust the other users to protect their copies of the keys that he depends on. This is a characteristic of single-key cryptographic systems and not itself part of the key distribution problem.
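
The two problems described above can be reproduced in a few lines. The following is an added example, not part of the original text: it provisions one secret key per pair of subscribers and then shows that a message tag made with a shared key cannot tell a third party which of the two holders produced it. The function names are hypothetical, and HMAC-SHA256 is an assumed stand-in for the strongbox lock (it models authentication only, not secrecy).

```python
import hashlib
import hmac
import secrets
from itertools import combinations


def provision(users):
    """Give every unordered pair of users its own random 256-bit key."""
    keyrings = {u: {} for u in users}
    for a, b in combinations(users, 2):
        key = secrets.token_bytes(32)
        keyrings[a][b] = key   # A's copy
        keyrings[b][a] = key   # B's copy of the same key
    return keyrings


def total_keys(keyrings):
    """Count distinct pair keys; each one is stored in two keyrings."""
    return sum(len(ring) for ring in keyrings.values()) // 2


def lock(keyrings, sender, receiver, message):
    """Tag a message with the key the sender shares with the receiver."""
    return hmac.new(keyrings[sender][receiver], message, hashlib.sha256).digest()


def verify(keyrings, receiver, claimed_sender, message, tag):
    """Receiver recomputes the tag with its own copy of the pair key."""
    expected = lock(keyrings, receiver, claimed_sender, message)
    return hmac.compare_digest(expected, tag)


def demo(n=1000):
    users = [f"user{i}" for i in range(n)]        # constructed subscriber names
    rings = provision(users)
    a, b, c = users[0], users[1], users[2]
    msg = b"draft: pay 100 to B"                  # constructed sample message
    tag_from_a = lock(rings, a, b, msg)
    tag_made_by_b = lock(rings, b, a, msg)        # B uses its copy of the A-B key
    tag_from_c = lock(rings, c, b, msg)           # C only holds the C-B key
    return {
        "total_keys": total_keys(rings),
        "keys_per_user": len(rings[a]),
        "b_accepts": verify(rings, b, a, msg, tag_from_a),
        # Identical tags: nothing shows a third party whether A or B made it.
        "b_can_forge": tag_made_by_b == tag_from_a,
        "outsider_rejected": not verify(rings, b, a, msg, tag_from_c),
    }


if __name__ == "__main__":
    print(demo())
```

The outsider check corresponds to authentication between trusting parties; the identical tags correspond to the disavowal and forgery concern in commercial use.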
