Secure communications over insecure channels
@article{Merkle1978SecureCO,
title={Secure communications over insecure channels},
author={Ralph C. Merkle},
journal={Commun. ACM},
year={1978},
volume={21},
pages={294-299}
}According to traditional conceptions of cryptographic security, it is necessary to transmit a key, by secret means, before encrypted massages can be sent securely. This paper shows that it is possible to select a key over open communications channels in such a fashion that communications security can be maintained. A method is described which forces any enemy to expend an amount of work which increases as the square of the work required of the two communicants to select the key. The method… Expand
Topics from this paper
691 Citations
Secure Communications over Insecure Channels Using an Authenticated Channel
- Computer Science
- 2005
This work sketches three generic attacks against any message authentication protocol, concludes on their maximal security, and proposes a new protocol which achieves the same security level as that of SSH and GPG, but using much less authenticated bits. Expand
Secure Communications over Insecure Channels Based on Short Authenticated Strings
- Computer Science
- CRYPTO
- 2005
A way to establish peer-to-peer authenticated communications over an insecure channel by using an extra channel which can authenticate very short strings, e.g. 15 bits, which offers an alternative (or complement) to public-key infrastructures, since it no longer need any central authority, and to password-based authenticated key exchange, since one no longer needs to establish a confidential password. Expand
Some Open Problems In Cryptography
- Computer Science
- ACM Annual Conference
- 1978
This paper describes a method which does not require prior exchange of secret keys for private communication over a public network, and is related to the complexity of solving a certain zero-one integer programming problem. Expand
The dining cryptographers problem: Unconditional sender and recipient untraceability
- Mathematics, Computer Science
- Journal of Cryptology
- 2004
The solution presented here is unconditionally or cryptographically secure, depending on whether it is based on one-time-use keys or on public keys, respectively, and can be adapted to address efficiently a wide variety of practical considerations. Expand
A new group Diffie-Hellman key generation proposal for secure VANET communications
- Computer Science
- 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC)
- 2016
This paper proposes a new secure variant of the Diffie-Hellman algorithm for groups that are fortified by a pre-shared secret to withstand the famous Man in the Middle attack. Expand
Random channel hopping schemes for key agreement in wireless networks
- Computer Science
- 2009 IEEE 20th International Symposium on Personal, Indoor and Mobile Radio Communications
- 2009
A channel hopping protocol that lets two stations agree on a secret key over an open wireless channel and without use of any pre-existing key is proposed, which is secure against an adversary with typical consumer radio hardware that only allows receiving on a single channel. Expand
The Internet public key infrastructure
- Computer Science
- IBM Syst. J.
- 2001
The details of the Internet public key infrastructure, which provides the secure digital certification required to establish a network of trust for public commerce, are explored. Expand
Secure personal computing in an insecure network
- Computer Science
- CACM
- 1979
A method for implementing secure personal computing in a network with one or more central facilities is proposed, which employs a public-key encryption device and hardware keys that need not rely on the security of the central facility or the communication links. Expand
Abritrated Unconditionally Secure Authentication Can Be Unconditionally Protected Against Arbiter's Attacks (Extended Abstract)
- Computer Science
- CRYPTO
- 1990
Given an arbiter whose arbitrage is trusted, an authentication scheme is presented which is unconditionally secure against impersonation and/or substitution attacks performed by the arbiter, whereas… Expand
Weakness in Some Threshold Cryptosystems
- Mathematics, Computer Science
- CRYPTO
- 1996
It is shown that the n-out-of-n threshold undeniable signature scheme has an actual security of only 2-out of-n, and the discrete log based threshold signature schemes have a weakness in the key generation protocol. Expand
References
SHOWING 1-10 OF 22 REFERENCES
Communication theory of secrecy systems
- Mathematics, Computer Science
- Bell Syst. Tech. J.
- 1949
A theory of secrecy systems is developed on a theoretical level and is intended to complement the treatment found in standard works on cryptography. Expand
Hiding information and signatures in trapdoor knapsacks
- Computer Science
- IEEE Trans. Inf. Theory
- 1978
Specific instances of the knapsack problem that appear very difficult to solve unless one possesses "trapdoor information" used in the design of the problem are demonstrated. Expand
New directions in cryptography
- Computer Science
- IEEE Trans. Inf. Theory
- 1976
This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing. Expand
A method for obtaining digital signatures and public-key cryptosystems
- Computer Science
- CACM
- 1978
An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key, soriers or other secure means are not needed to transmit keys. Expand
The wire-tap channel
- Computer Science
- The Bell System Technical Journal
- 1975
This paper finds the trade-off curve between R and d, assuming essentially perfect (“error-free”) transmission, and implies that there exists a Cs > 0, such that reliable transmission at rates up to Cs is possible in approximately perfect secrecy. Expand
Analysis of an algorithm for real time garbage collection
- Computer Science
- CACM
- 1976
Algorithms for recovering discarded list structures in this manner are presented and analyzed to determine sufficient conditions under which the list processor never needs to wait on the collector, which are suitable for measuring the typical behavior of the algorithm. Expand
Multiprocessing compactifying garbage collection
- Computer Science
- CACM
- 1975
Algorithms for a multiprocessing compactifying garbage collector are presented and discussed and particular attention is given to the problems of marking and relocating list cells while another processor may be operating on them. Expand
ACM
- ACM
- 1978
IEEE Trans. on Inform. IT-22
- IEEE Trans. on Inform. IT-22
- 1976