On Tue, 11 Jan 2000 09:11:04 -0500, Roger Turk wrote:
> Let me give you my idea of public key/private key usage by going back about
> 40 years. This is in the day where encryption was performed by mechanical
> crypto machines that had a number of rotors that could each be assembled in
> various manners. As the encrypter typed the plain text message, the crypto
> machine would generate a letter, increment the rotor so that if the same key
> was typed, a different letter would be generated. There would be literally
> thousands of ways the rotors could be assembled. The message would be the 5
> character group messages that Sam Heywood mentioned.
> Everybody had machines capable of decoding the message and anyone that had a
> radio receiver tuned to the proper frequency could receive the message,
> however, in order to decode the message, the recipient had to know how the
> rotors were assembled by the sender. Obviously, the sender could not send a
> plain text message giving instructions on how to assemble the rotors, yet,
> the sender had to tell the intended recipient how to assemble his/her
> rotors. This was done at the beginning of the message before the 5 character
> groups started, thus:
> ALPHA ROMEO ALPHA CHARLIE HOTEL ... (etc.)
> This is the PUBLIC KEY. Everyone who received the message received the
> Public Key. The people to whom the message was intended would pull out their
> code book, turn to the page for the date (and possibly time) the message was
> originated, and see that under rotor 1, ALPHA meant to assemble parts a, b,
> c, and under rotor 2, ROMEO meant to assemble parts e, f, g, etc. The code
> book page is the PRIVATE KEY. A person receiving the message who didn't know
> how to set up the rotors, i.e., did not have the PRIVATE KEY, would have to
> try the thousands of combinations of rotors in order to decode the message.
<snip>
Hello again, Roger:
This seems like a very secure system. The disadvantage is that the code
books having the secret instructions would have to be disseminated to each
intended recipient by some secure means. The public key provides references
to a particular set of secret instructions on how to assemble the ciphering
wheels and gears for each transmission. Of course those who are not in
possession of the secret instructions cannot decipher the message.
The type of system used by SSL and RSA has the advantage of not requiring
any method for secure transmission of any key or code book. For this reason,
I cannot understand how RSA or SSL could possibly meet any high standard for
security.
Sam Heywood
-- This mail was written by user of Arachne, the Alternative WWW Browser
