The Science of Secrecy  
 


What is public-key cryptography?

This concept of public-key cryptography was developed by Whitfield Diffie, Martin Hellman and Ralph Merkle, researchers at Stanford University. However, to implement the system it was necessary to find a mathematical padlock, a formula that would work on the internet. The mathematical padlock was eventually discovered by Ronald Rivest, Adi Shamir and Len Adleman, and the cipher is known by their initials: the RSA cipher.

It is also important to point out that this chain of events in the US was paralleled in Britain by research in the Communications-Electronics Security Group (CESG) at GCHQ in Cheltenham. Recent revelations have suggested that James Ellis, Clifford Cocks and Malcolm Williamson were, in fact, the first to invent public-key cryptography. Their breakthroughs were classified for a quarter of a century, so they were the anonymous heroes of cryptography. The science of secrecy is often a secret science.

One way to think about public-key cryptography and the RSA cipher is to consider the concept of symmetry. Conventional encryption, which dominated the first 2,000 years of the science of secrecy, is said to be symmetric, because the sender has a key and encrypts the message, and the receiver has the identical key and decrypts the message. In the case of the Enigma cipher, for instance, the key was the machine setting, and as long as the receiver had the same key (that is, the same machine setting) then he or she could decipher the message. The relationship between the sender and receiver is symmetric: the encryption and decryption keys are the same. Clearly this means that it is necessary to transport the information describing the key between the sender and the receiver, which brings us back to the key-distribution problem.

Public-key cryptography solves the key-distribution problem by using an asymmetric cipher. This means that the encryption key and decryption key are not the same, and furthermore it is not possible to work out the decryption key from the encryption key.

For example, I could create a pair of encryption and decryption keys. I keep the decryption key secret, but I publicly distribute the encryption key, perhaps on the internet. Anybody has access to this encryption key and can use it to encrypt messages to me. But only I, the owner of the decryption key, can decipher the messages.

There is an analogy to help explain this concept. Imagine that I create a padlock with a key. I make millions of copies of the padlock and distribute them to post offices around the world, but I keep the key for myself. Anybody who wants to send me a private message can collect a padlock from the local post office and use it to lock the message inside a box. However, only I, the owner of the key, can open the padlock.
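The key pair described above, carried through with textbook RSA as an added example that is not part of the original page: the function names and the two toy primes are assumptions chosen for illustration, and no padding is applied. The last function shows that working out the decryption key from the encryption key amounts to factoring n, which succeeds here only because the constructed modulus is tiny; real keys use primes hundreds of digits long.

```python
import math

def make_keypair(p, q, e=65537):
    """Textbook RSA: return (public, private) keys from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)(q-1)")
    d = pow(e, -1, phi)          # decryption exponent: e*d = 1 mod phi
    return (n, e), (n, d)

def encrypt(public_key, m):
    """Anyone holding the public key (the 'padlock') can do this."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be a number smaller than n")
    return pow(m, e, n)

def decrypt(private_key, c):
    """Only the holder of d (the padlock's key) can undo encrypt()."""
    n, d = private_key
    return pow(c, d, n)

def private_from_public(public_key):
    """Deriving d from the public key means factoring n. Trial division
    succeeds here only because the constructed n is tiny."""
    n, e = public_key
    for p in range(3, math.isqrt(n) + 1, 2):
        if n % p == 0:
            q = n // p
            return (n, pow(e, -1, (p - 1) * (q - 1)))
    raise ValueError("no odd factor found")

# Constructed toy primes (2**13 - 1 and 2**17 - 1), far too small for real use.
PUBLIC, PRIVATE = make_keypair(8191, 131071)

if __name__ == "__main__":
    m = int.from_bytes(b"Hi!", "big")     # a message encoded as a number < n
    c = encrypt(PUBLIC, m)
    print("ciphertext:", c)
    print("decrypted :", decrypt(PRIVATE, c).to_bytes(3, "big"))
    print("key recovered by factoring:", private_from_public(PUBLIC) == PRIVATE)
```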
