Hey Folks....
This has been a great thread. As a digest reader I'm afraid my response
may be a little late. I have combined quotes from a few posts while
maintaining proper context. I hope this isn't considered poor practice.
> Sam Heywood wrote:
> The type of system used by SSL and RSA has the advantage of not requiring
> any method for secure transmission of any key or code book. For this reason,
> I cannot understand how RSA or SSL could possibly meet any high standard for
> security.
>> Gregory J. Feig responded:
>> Sam .......we shipped those type of documents by accountability armed
>> couriers.....nowdays, YOU, with your encryption program, generate
>> your private key, and you NEVER send it anywhere...at the same time,
>> you generate your public key, and you send that.......
> Later, Sam Heywood asked:
> Why should the transmitting station broadcast the PUBLIC KEY?
After reading posts regarding Enigma alongside PGP/RSA/SSL I think the
terms PUBLIC KEY and PRIVATE KEY are taking on different meanings
depending on the particular encryption technique discussed.
To Sam's first point:
One point to remember is that Asymmetrical encryption (i.e. SSL, RSA)
is ONE WAY.
If I am sending a message to Sam, 'my' PUBLIC KEY and PRIVATE KEY are out
of the picture.....never used....useless. I will encrypt the message
with Sam's PUBLIC KEY.....Sam, and ONLY Sam, can decrypt it with 'his'
PRIVATE KEY.....Done.
If Sam wants to reply to me, 'his' PUBLIC/PRIVATE KEY set are useless. He
must encrypt the reply with 'my' PUBLIC KEY so that I can decrypt it
with 'my' PRIVATE KEY. We can carry on an encrypted exchange ONLY if we
BOTH have generated key sets and make our PUBLIC KEYS known to each
other.
I suspect the first thing that happens in an SSL session is that
both computers exchange PUBLIC KEYS.
As to how security can be maintained through such a system. Well the
function that is used to generate the keys is designed so that the
PRIVATE KEY cannot in any way be determined by examining the PUBLIC KEY.
So any message I encrypt with someone's PUBLIC KEY cannot be 'broken' by
anyone else with that PUBLIC KEY. Only the receiver can decrypt it with
their PRIVATE KEY.
As far as the nuts and bolts of the function, well there's lot's written
about what goes on under the hood and I think the suggestion regarding
DR.DOBBS is a good one. It's pretty interesting when you realize that
the source code (with comments) is freely available for PGP and it's key
generator. Free for all to examine and reverse engineer. Still there is
no compromise to security. Even with a full and deep understanding of
the algorithm, the PRIVATE KEY can't be broken (other than to brute force
it.....but you don't need the source code to do that just lots of money,
equipment and time).
To Gregy's point:
I'm not sure if I get what your saying. If Sam is at the receiving end
of those documents (once sent by courier) then yes he would send his
PUBLIC KEY. If he is the sender of the documents, he would not send any
key, he would use the PUBLIC KEY of the intended redipient.
And finally to Sam's last question which was:
> Why should the transmitting station broadcast the PUBLIC KEY?
Only if the transmitting station wanted a Reply. At least for SSL/PGP/RSA.
For Enigma the term PUBLIC KEY may be used differently.
In the SSL/RSA sense, The 'Central Station' could not provide secure
communications TO it's field agents by sending it's PUBLIC KEY. That
would only guarentee secure communications FROM it's field agents.
But I believe Enigma falls under the cloak of Symmetrical encryption.
Closer to OTP. The problem of getting new wheel configurations to the
field agents without resorting to couriers must have been the hardest
thing to do. I can't imagine dual-key asymmetrical encryption being
useful before the advent of computers due to the math intensive nature
of the process.
Question for the Enigma folks....If you knew the wheel settings used to
encrypt a message, could you then decrypt it? If so then Enigma is
Symmetrical. If not, and a different wheel set is used to decrypt the
message then that's one impressive machine (and I hope they kept the
inventor's brain in a jar somewhere ;-)).
I hope these comments help.
Take Care...
Jim.
-- Arachne.....Registered.....Life doesn't get any better!!
-- Pixel32.....Registered.....OOPS!, Life just got better!!
