In lieu of an abstract, here is a brief excerpt of the content:

The Equivalent of a Written Signature 65 The Early History Authenticating messages, rather than ensuring their confidentiality, formed the primary motivation for Diffie and Hellman’s work on public-key encryption. Working in John McCarthy’s AI lab at Stanford, Diffie had been stimulated by discussions over the possibility of computers becoming mainstream appliances and the numerous issues in electronic communications this would bring, including the problem of duplicating customary methods of authentication: What would be the computerized version of a receipt? How could you get a computer -generated equivalent of a signed contract? Even if people were given unique “digital signatures”—say a long randomly generated number bequeathed to a single person—the nature of digital media, in which something can be copied in milliseconds would seem to make such an identifier pointless. . . . Diffie began to wonder how one could begin to fix this apparently inherent flaw in the concept of digital commerce.4 “New Directions” thus makes the case for solving the problem of authentication in electronic networks at some length, arguing that it presented “perhaps an even more serious barrier to the universal adoption of telecommunications for business transactions than the problem of key distribution.”5 Diffie and Hellman point out to the major shortcoming of symmetric cryptography for the purposes of such transactions: “In order to have a purely digital replacement for this paper instrument [written contracts], each user must be able to produce a message whose authenticity can be checked by anyone, but which could not have been produced by anyone else, even the recipient.”6 That is, because in symmetric cryptosystems the sender and the receiver share the same secret key, both are confident that no third party has been able to modify the message while in transit. However, because they share the same secret key, there is nothing to prevent either party from modifying the message after it was first sent and reencrypting the message with the secret key. The common secret key will still correctly decrypt the message and both sender and receiver would thus be able to exhibit different versions of the message and claim them to be the original one. Symmetric cryptosystems would thus enable parties to a contract to produce contradictory evidence of their commitments. Diffie and Hellman thus argued that the solution to the problem of providing signatures in an 66 Chapter 4 electronic environment lay in providing messages verifiable by third parties: “Current electronic authentication systems cannot meet the need for a purely digital unforgeable message-dependent signature. They provide protection against third-parties forgeries, but do not protect against disputes between transmitter and receiver.”7 In these two short sentences, Diffie and Hellman laid out the essential design of cryptographic signatures, a design that has remained largely untouched to this day: a digital signature is (a) purely digital; (b) unforgeable, in the sense of being uniquely linked to its author; (c) message-dependent, that is, uniquely linked to each message; and (d) providing protection against disputes between the contracting parties. Public-key cryptography fulfilled just such properties, if one inversed the procedure required for encryption: to produce a signature, Alice must use her private key, and to verify Alice’s signature, Bob must use Alice’s public key (see figures 4.1 and 4.2). That is, Alice encrypts her message using her private key and sends the resulting ciphertext to Bob. Note that the procedure does not provide for confidential communication: because Alice’s Figure 4.1 Public-key cryptography, authentication mode. By reversing the order of the keys used to encrypt and decrypt, one obtains an entirely different set of security properties . Image courtesy of Dr. Warwick Ford. [18.191.181.231] Project MUSE (2024-04-19 08:05 GMT) The Equivalent of a Written Signature 67 public key is publicly available, anyone can decipher the message. But given the unique mathematical relationship that obtains between the public and the private keys, the receiver has confidence the message was encrypted with the private key corresponding to Alice’s public key and furthermore, that it was not modified in transit, because otherwise the decryption process would fail. As noted before, Diffie and Hellman could not offer a concrete realization of trapdoor one-way functions and thus, of digital signatures. The RSA paper, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems ,” focused explicitly on the potential of public-key...

Share