February 26, 2021

Key Distribution


The history of cryptography is filled with tales of two competing factions. The cryptographers who devised increasingly ingenious means of encrypting messages and the cryptanalysts, or code breakers, who developed the means of deciphering the code.

The processes used by both sides has of course varied during this time, but the overall pattern can be simply described.

The cryptographer takes the message, or plaintext, and applies an algorithm and a key to produce ciphertext, or code. The coded message is transmitted - by messenger, radio, email etc - to the receiver. The receiver, who knows the algorithm and has a copy of the key, deciphers the coded message back into plain text. The message may be intercepted and passed to the cryptanalyst, but if the encryption is secure enough, the code should resist any attempt to decipher it, or at least take so long to break that it renders the information useless to the intercepting party.

To cut through a fascinating history in a few words feels like a travesty, but here goes.

The cryptographers won the day by developing the means to produce unbreakable code. There was, however, one small problem, which can be summed up in two words - key distribution. It was all well and good owning a totally secure means of encryption, but the sender still had to ensure that any receiver possessed a copy of the key. So how can you tranmit keys securely? The answer was, for a long time, that you could not. Well, not without a great deal of expense and trust of third parties. Governments would ship their keys around the globe under conditions of maximum security. Banks would employ secure messenger services. This was all very expensive, time consuming and susceptible to military or industrial espionage.

The answer was eventually provided by interested parties on both sides of the Atlantic. The British government, in the form of James Ellis and Clifford Cocks at GCHQ, were first to crack the problem in 1973. Ellis had produced a secret paper a few years earlier in 1970 (go here to read Ellis' account), but for reasons of security GCHQ chose to conceal it. In 1976, an American team (Diffie, Hellman and Merkle) independently produced a solution to securely distribute keys. The protocol enabled parties to create a symmetric key without having to pass the key across a network. In 1978, RSA (Rivest, Shamir and Adleman) developed and patented a public asymmetric key cryptosystem.

Note: The issue of producing unbreakable code using something similar to RSA is now open to some debate. The reason for this can be summed up in two words,
quantum computing.
There are many articles in the press discussing this issue
e.g. here is one article dated 1st July, 2008.

Next page » The Diffie-Hellman Key Exchange Protocol

Previous page « Introduction to Encryption













Up to top of page