Re: Symmetric alternative to public-key crypto for key-exchange?
From: Valery Pryamikov (valery_at_nospam.harper.no)
Date: Wed, 31 Aug 2005 07:32:07 +0200
>I remember seeing a note somewhere to the effect that a symmetric
> cipher could be used for key exchange instead of a public key one, as
> 1) Bob encrypts the key to be exchanged with his key and sends it to
> 2) Alice encrypts this message with her key and sends it back to Bob
> 3) Bob decrypts this message with his key, and sends it back to Alice
> 4) Alice decrypts the message, revealing the key
> This requires a couple of properties from the symmetric cipher used: It
> must be true that D(b, D(a, E(b, E(a, message)))) = message, and it
> must not be possible to recover the key given the intermediate messages
> transmitted between Alice and Bob (for example, with a standard stream
> cipher, XORing subsequent messages would reveal both Alice and Bob's
> keystreams, and hence the original message).
Stream ciphers would do it, as well as block ciphers in CTR/OFB (or other
streaming operation mode).