Re: Symmetric alternative to public-key crypto for key-exchange?

From: Valery Pryamikov (
Date: 08/31/05

Date: Wed, 31 Aug 2005 07:32:07 +0200

<> wrote:
>I remember seeing a note somewhere to the effect that a symmetric
> cipher could be used for key exchange instead of a public key one, as
> follows:
> 1) Bob encrypts the key to be exchanged with his key and sends it to
> Alice
> 2) Alice encrypts this message with her key and sends it back to Bob
> 3) Bob decrypts this message with his key, and sends it back to Alice
> 4) Alice decrypts the message, revealing the key
> This requires a couple of properties from the symmetric cipher used: It
> must be true that D(b, D(a, E(b, E(a, message)))) = message, and it
> must not be possible to recover the key given the intermediate messages
> transmitted between Alice and Bob (for example, with a standard stream
> cipher, XORing subsequent messages would reveal both Alice and Bob's
> keystreams, and hence the original message).
Stream ciphers would do it, as well as block ciphers in CTR/OFB (or other
streaming operation mode).


Relevant Pages