A-B-a-b encryption

[Perry E.Metzger]

martin f krafft <madduck at madduck.net> writes:
> it came up lately in a discussion, and I couldn't put a name to it:
> a means to use symmetric crypto without exchanging keys:
>
>   - Alice encrypts M with key A and sends it to Bob
>   - Bob encrypts A(M) with key B and sends it to Alice
>   - Alice decrypts B(A(M)) with key A, leaving B(M), sends it to Bob
>   - Bob decrypts B(M) with key B leaving him with M.
>
> Are there algorithms for this already? What's the scheme called?
> I searched Schneier (non-extensively) but couldn't find a reference.

Hmm. You need a cipher such that given B(A(M)) and A you can get
B(M). I know of only one with that property -- XOR style stream
ciphers. Unfortunately that makes for a big flaw, so I'm not sure we
should throw out our Diffie-Hellman implementations yet.

Imagine the way this would work:

Alice takes a secret pad A and secret key M she wishes to convey and
does A xor M.

She sends A xor M to Bob, who turns it into B xor A xor M, and returns
it to Alice.

Alice easily turns it into B xor M, and returns it to Bob.

Bob then takes B xor M and turns it into M.

However, consider Eve, listening in. She has A xor M, and B xor A xor M.
She thus has B since A xor M xored with B xor A xor M yields B. She
also has B xor M, so she too has M. "Not good".

I'm not sure there are conventional ciphers with appropriate
properties such that this would would well.

Perry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com