information age: who encrypts ?
government military business crime
citizens ?
Phil Zimmermann
1970s Florida Atlantic University
1977 RSA: government military business (costly)
until then, large scale gov't privacy invasion prohibitive
1980s developed pgp
1991 asks friend to post pgp on internet
1993 US govt visits Phil
msg: symmetric secret-key cryptosystem
secret key: asymmetric public-key cryptosystem
signature: asymmetric public-key cryptosystem
automated pkc key generation, session key
e.g. Eve uses Alice's RSA public key, sends Alice this message: Hi Alice, this is Bob. I would like to purchase an expensive gift for Eve. Please send the gift directly to Eve, and charge my account. Thank you. Bob.
one-way function: given f( ), finding f-1( ) hard
e.g. Alice's RSA public encryption function f(m) = me (mod n)
f-1( ) is Alice's RSA secret decryption function
recall f-1(x) = xd (mod n), where d*e = 1 (mod phi(n)), where phi(n) = (p-1)(q-1)
f( ) is a one-way function, but so is g = f-1( )
Alice sends signed message m to Bob:
uses public hash function h( )
computes j = h(m)
computes c = g(j)
sends m,j,c to Bob
Bob verifies Alice's signature:
confirms j = h(m)
confirms j = g-1(c) = f(c)
security ?
determining g( ) from g
only Alice could have created signature