EATCS Monographs on Theoretical Computer Science, Volume 23
Editors: W. Brauer, G. Rozenberg, A. Salomaa
Advisory Board: G. Ausiello, M. Broy, S. Even, J. Hartmanis, N. Jones, T. Leighton, M. Nivat, C. Papadimitriou, D. Scott
Arto Salomaa
Public-Key Cryptography
With 18 Figures
Springer-Verlag Berlin Heidelberg GmbH
Author
Prof. Dr. Arto Salomaa
The Academy of Finland
SF-20500 Turku, Finland

Editors
Prof. Dr. Wilfried Brauer
Institut für Informatik, Technische Universität München
Arcisstrasse 21, D-8000 München 2, FRG

Prof. Dr. Grzegorz Rozenberg
Institute of Applied Mathematics and Computer Science
University of Leiden, Niels-Bohr-Weg 1, P. O. Box 9512
NL-2300 RA Leiden, The Netherlands

Prof. Dr. Arto Salomaa (address as above)

ISBN 978-3-662-02629-8

Library of Congress Cataloging-in-Publication Data
Salomaa, Arto. Public-key cryptography / Arto Salomaa. p. cm. (EATCS monographs on theoretical computer science; v. 23). Includes bibliographical references and index. ISBN 978-3-662-02629-8. ISBN 978-3-662-02627-4 (ebook). DOI 10.1007/978-3-662-02627-4. 1. Computers - Access control. 2. Cryptography. I. Title. II. Series. QA76.9.A25S26 1990 005.8'2-dc20 90-10092 CIP

This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in other ways, and storage in data banks. Duplication of this publication or parts thereof is only permitted under the provisions of the German Copyright Law of September 9, 1965, in its current version, and a copyright fee must always be paid. Violations fall under the prosecution act of the German Copyright Law.

Springer-Verlag Berlin Heidelberg 1990
Originally published by Springer-Verlag Berlin Heidelberg New York in 1990
Softcover reprint of the hardcover 1st edition 1990

The use of registered names, trademarks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

2141/3140-543210 - Printed on acid-free paper
To the Memory of My Sister Sirkka Salomaa 1919-1989
Preface

Cryptography, secret writing, is probably as old as writing in general. Only recently it has become the object of extensive scientific studies. Vast new applications to data security constitute one explanation for this. Perhaps a still more important reason for the huge growth of scientific research on cryptography is the seminal idea of public-key cryptography and the resulting new vistas on the possibilities of communication.

This book presents a view on public-key cryptography with classical cryptography as the starting point. An attempt has been made to cover some of the most recent developments and present novel features. The plaintext examples constitute a package of basic sauna knowledge.

Acknowledgements. Hermann Maurer revived in the late 70's my dormant interest in cryptography. I have used some versions of this book since 1983 for courses on cryptography at the Universities of Turku and Leiden, as well as at the Technical University of Wien. The observations of the participants in these courses were useful. Juha Honkala, Jarkko Kari, Valtteri Niemi, Lila Santean, Mika Niemi and Ari Renvall have commented on various parts of the manuscripts, and the first four have contributed in numerous discussions as well. I have also benefited from discussions with Ron Book, Wilfried Brauer, Karel Culik, Ferenc Gecseg, Jozef Gruska, Tero Harju, Iiro Honkala, Helmut Jürgensen, Juhani Karhumäki, Werner Kuich, Hannu Nurmi, Kaisa Nyberg, Azaria Paz, Grzegorz Rozenberg, Kai Salomaa, Aimo Tietäväinen, Emo Welzl, Derick Wood and Sheng Yu. Special thanks are due to Elisa Mikkola for excellent typing, as well as assistance in many practical matters. Anu Heinimäki has drawn the pictures. The Academy of Finland has provided me excellent working conditions. The good cooperation with the Academy, in particular with Marjatta Näätänen, is gratefully acknowledged. The scientific organization MATINE has supported my cryptographic research.

Finally, I want to thank Springer-Verlag and especially Dr. Hans Wössner and Mrs. Ingeborg Mayer for good cooperation and timely production.

Turku, May 1990
Arto Salomaa
Contents

Chapter 1. Classical Two-Way Cryptography ... 1
1.1 Cryptosystems and Cryptanalysis ... 1
1.2 Monoalphabetic Systems ... 10
1.3 Polyalphabetic and Other Systems ... 22
1.4 Rotors and DES ... 39

Chapter 2. The Idea of Public Keys ... 55
2.1 Some Streets Are One-Way ... 55
2.2 How to Realize the Idea ... 64
2.3 Obvious Advantages of Public Keys ... 71

Chapter 3. Knapsack Systems ... 77
3.1 A Trapdoor is Built ... 77
3.2 How to Find the Trapdoor ... 87
3.3 Theory of Reachability ... 96
3.4 Trying to Hide the Trapdoor Again ... 108
3.5 Dense Knapsacks ... 117

Chapter 4. RSA ... 125
4.1 Legal World ... 125
4.2 Attack and Defense ... 134
4.3 Primality ... 137
4.4 Cryptanalysis and Factoring ... 143
4.5 Partial Information on RSA ... 147
4.6 Discrete Logarithms and Key Exchange ... 154

Chapter 5. Other Bases of Cryptosystems ... 159
5.1 Exponentiation in Quadratic Fields ... 159
5.2 Iteration of Morphisms ... 166
5.3 Automata and Language Theory ... 174
5.4 Coding Theory ... 178

Chapter 6. Cryptographic Protocols: Surprising Vistas for Communication ... 181
6.1 More Than Etiquette ... 181
6.2 Coin Flipping by Telephone. Poker Revisited ... 184
6.3 How to Share a Secret ... 187
6.4 Partial Disclosure of Secrets ... 190
6.5 Oblivious Transfer ... 194
6.6 Applications: Banking and Ballots ... 200
6.7 Convincing Proofs with No Details ... 202
6.8 Zero-Knowledge Proofs ... 208
6.9 Zero-Knowledge Proofs of Identity ... 213

Appendix A. Tutorial in Complexity Theory ... 219
Appendix B. Tutorial in Number Theory ... 223
Problems ... 229
Historical and Bibliographical Remarks ... 237
References ... 239
Index ... 243