A-B-a-b encryption

Perry E.Metzger perry at piermont.com
Sun Nov 16 14:15:24 EST 2003

martin f krafft <madduck at madduck.net> writes:
> it came up lately in a discussion, and I couldn't put a name to it:
> a means to use symmetric crypto without exchanging keys:
>   - Alice encrypts M with key A and sends it to Bob
>   - Bob encrypts A(M) with key B and sends it to Alice
>   - Alice decrypts B(A(M)) with key A, leaving B(M), sends it to Bob
>   - Bob decrypts B(M) with key B leaving him with M.
> Are there algorithms for this already? What's the scheme called?
> I searched Schneier (non-extensively) but couldn't find a reference.

Hmm. You need a cipher such that given B(A(M)) and A you can get
B(M). I know of only one with that property -- XOR style stream
ciphers. Unfortunately that makes for a big flaw, so I'm not sure we
should throw out our Diffie-Hellman implementations yet.

Imagine the way this would work:

Alice takes a secret pad A and secret key M she wishes to convey and
does A xor M.

She sends A xor M to Bob, who turns it into B xor A xor M, and returns
it to Alice.

Alice easily turns it into B xor M, and returns it to Bob.

Bob then takes B xor M and turns it into M.

However, consider Eve, listening in. She has A xor M, and B xor A xor M.
She thus has B since A xor M xored with B xor A xor M yields B. She
also has B xor M, so she too has M. "Not good".

I'm not sure there are conventional ciphers with appropriate
properties such that this would would well.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list