7. The Bedrock of Cybersecurity: Cryptography 165 7.2.2 Public Key Cryptography “I walked downstairs to get a Coke, and almost forgot about the idea. I remembered I had been thinking about something interesting, but couldn’t quite recall what it was. Then it came back in a real adrenaline rush of excitement.” - Whitfield Diffie recalling the moment he conceptualized public key cryptography in The Code Book by Simon Singh Symmetric key cryptography relies on the communicating parties sharing a secret, the key. Obtaining the shared key is a significant hurdle because it means that for people to communicate securely, they must first have communicated securely to exchange the key. This is known as the key distribution problem. Keys must be generated and securely distributed and this is not easy to do. Ironically, cryptography is only needed when people cannot communicate securely, and that is why key distribution is a serious issue. Key management is also difficult. A unique key is needed for every communicating pair. The formula to calculate the number of keys needed for n people to communicate with one another on a one-on-one basis is: (n × (n - 1)) / 2 This means five people would need ten keys, fifty people would need 1,225 keys, and 500 people would need 124,750 keys. Clearly, this does not scale well. For communicating over the Internet, key distribution and key management are deal breakers—there is no good way to distribute and manage the needed shared keys. Fortunately, around the same time Internet technology was maturing in the 1970s, Diffie and Hellman discovered public key cryptography. In their seminal paper, they explained a new way to perform cryptography but were unable to provide an implementation. They introduced the concept of two keys that were inverses of one another. What one encrypted, the other could decrypt. They stated that it should be easy to create a key pair but infeasible given one of the keys to calculate its inverse. Thus, the concept of public key cryptography was born. Within a year, three researchers from the Massachusetts Institute of Technology, Ron Rivest, Adi Shamir, and Leonard Adleman, inspired by Diffie and Hellman’s paper, devised a practical scheme to actually implement public key cryptography. This scheme became known as RSA after the last initials of the three researchers. RSA is based on number theory and utilizes mathematical equations that are easy to calculate in one direction, but are difficult to calculate in the reverse direction. RSA is entirely mathematical. It transforms one number into another number—this is how it encrypts and decrypts messages. In physical space it would seem weird to perform math on messages, but in cyberspace, this is completely natural. In cyberspace, all data is a string of 1s and 0s and any message, be it an email, a file, or a computer program, can be treated as a base two number and used in mathematical equations.
RkJQdWJsaXNoZXIy MTM4ODY=