Understanding Locks and Keys in Cryptography
We begin our explanation of cryptographic concepts with the help of two people you'll get to know well in this book: Alice and Bob, a fictitious pair often used for illustration in cryptography books. Alice and Bob's first task is to illustrate the difference between method and key.
Imagine that a master locksmith has designed a combination lock and published the entire inner workings—the nuts and bolts of every mechanism in the lock. Alice buys a lock and changes the combination. The design is so secure that no one, not even the locksmith, can figure out the new combination. Of course, this means that if Alice forgets the combination, no one can open the lock without trying every combination or breaking the lock.
|One lock design used to make many locks.|
Further imagine that this one lock design is used to make many locks. Suppose Bob also buys a lock and changes the combination. Just like the locksmith who designed the lock, Alice has no clue how to figure out the combination on Bob's or anyone else's lock. So Alice can't open Bob's lock, and Bob can't open Alice's lock (see Figure 1-1).
Figure 1-1 Alice's and Bob's individual locks are only two of many instances of the identical lock design.
Alice checks that her lock is secure against the force she believes an opponent might use to open it and checks that the lock can't be opened by merely pulling on the handle. She also wants to have confidence that it would take an intruder a long time to try all the possible combinations. How long Alice wants someone to have to try different combinations determines the kind of lock she buys. If Alice's only concern is to protect her luggage against a nosy baggage attendant, she needs a lock to stop someone for only a few minutes. She might buy a lock with only a few possible combinations. On the other hand, if Bob wants to protect his valuables at an athletic club, he needs a lock with more possible combinations (see Figure 1-2).
Let's use the lock and key analogy to see how Alice could protect her electronic possessions. Imagine that Alice has an envelope containing a secret message and that her lock seals the envelope to keep others from opening it. The message inside the envelope is readable if the correct combination opens the lock. The message is unreadable if the lock is opened any other way, such as breaking it with a hammer or a crowbar.
Cryptography is both the lock and the combination (or key). Just as there are a variety of locks, there are a variety of cryptographic methods and keys (see Figure 1-3). The joining of the method and the key determines how secure Alice's secret message is from an opponent who doesn't know the combination.
|Strength of lock and number of possible combinations (keys)|
Bob can use a lock with the same design as Alice's lock; many people know that the method is to turn right to number 1, left to number 2, and finally right again to number 3. But it's Bob's individual lock combination (his personal numbers 1, 2, and 3) that enables his lock to secure his personal belongings and keeps Alice, or anyone else without the lock combination, out. What matters most in securing Bob's personal belongings is the strength of the lock and the number of possible combinations or keys.
In the same way, the lock strength and the number of possible keys are critical to securing Bob's and Alice's electronic communications. Alice and Bob can use a cryptographic method or lock with the same design (as long as it's a strong method) and still securely hide their personal messages from a savvy opponent, or each other, because their individual cryptographic keys are different. As long as there are enough possible keys to keep an opponent busy trying them for a long time, Bob and Alice can feel somewhat secure that the secrets in their messages won't fall into the wrong hands.
Figure 1-2 Some locks have very few possible combinations; others have many possible combinations.
Figure 1-3 Cryptography is both a lock and a key.
Why is the number of possible secret keys one of the most important factors about a secret key cryptographic method? It's obvious that a physical lock with 10,000 possible combinations is much more secure than a lock with only 10 possible combinations. In cryptography, this has not always been true. In the following chapters, you'll learn why.