Sunday, July 29, 2007

Marconi Award for Co-Author of RSA Encryption Algorithm...with Simple Explanation about RSA

The Marconi Society recognizes a living scientist who shares the determination that advances in communications and information technology be directed to the social, economic and cultural improvement of all humanity.

Ronald Rivest, Professor of Electrical Engineering and Computer Science at MIT, will receive the annual award and $100,000 prize for his pioneering work in the field of cryptography, computer and network security.

"Ron Rivest's achievements have led to the ability of individuals across the planet --in large cities and in remote villages-- to conduct and benefit from secure transactions on the Internet. Public key cryptography has flattened the planet by enabling secure communication via email, web browsers, secure shells, virtual private networks, mobile phones and other applications requiring the secure exchange of information. The technology has enabled entrepreneurial activity on an unprecedented level, and facilitated major advances in political and social interactions." said Robert Lucky, chairman of the non-profit Marconi Society.

CryptoGraf brings Ron Rivest's work with public key crypto to enable mobile phone users send securely encrypted messages, so I have great respect and admiration for him. I was delighted that the closest I got to know Ron was when I met and talked to his neighbor at a trade show. When I mentioned the work that CryptoGraf did with RSA encryption (Ron Rivest is the "R" in RSA) and our enhancements to PKI usability for mobile messaging, it triggered a nice conversation. At some point, she related that she struggled to explain Ron's "invention" to her young son. She couldn't explain it in terms simple enough for her boy to understand.

It's difficult for the average person to appreciate public key crypto, let alone the workings of the underlying mathematical algorithm, since the concept is counter-intuitive.

Most people have no problem understanding standard crypto when it involves using the same key to encrypt and decrypt. That's quite intuitive and is based on the age old method of sharing secret codes. It's also simple to see the analogy of sharing duplicate keys to open and close a lock.

The problem with this standard crypto is that for two people who have never met, to personally exchange duplicate keys, it is impossible to securely share a secret.

However, public key crypto makes it possible for people who have never met to exchange a secret message. Public key crypto uses two separate (but related) keys. One key is used to encrypt, while another key is used to decrypt. Of the two keys, one key is distributed to be made public and is called the public key. The other related key is kept private and is called the private key.

At this point most people who know crypto, enough to try to explain public and private keys, start loosing the attention of their audience.

The counter-intuitive part about public key crypto is that the public key is used to encrypt and the private key is used to decrypt. So Alice can send Bob a message by encrypting the message with Bob's public key. Since Bob is the only person who has the private key, Bob can be certain that he is the only person who can decrypt and read the secret message.

Since our aim is to enhance the usability of CryptoGraf, I've grappled with various analogies to explain the mechanisms underlying the security of RSA, which is the basis of the security of CryptoGraf. The closest I can get is the result of several brainstorming sessions with my brother about ways to explain public key crypto in simple terms. It is still a work in progress, but I try to explain the analogy here. There's a limitation to the analogy since I can't yet figure out how to extend this to illustrate digital signatures.

Here's the Simple Explanation about RSA...
Using public key crypto to communicate is like using a P.O. Box to send and receive letters. Let's say Bob is the owner of the P.O. Box. Bob is the only one who has the key to open the P.O. Box to retrieve the letters. When Alice wants to send a letter to Bob, Alice must have access to Bob's P.O. Box. The P.O. Box is Bob's public key. The private key is used to open the P.O. Box to retrieve the letter.

Some people may consider this analogy "incomplete" since it requires Alice to personally insert the letter into the P.O. Box to make sure that no one else gets access to the letter, to make sure that no one has a chance to even try to open the envelope. Or in essence, it requires multiple copies of Bob's P.O. Box to be shipped out. Anyone who wants to send a secret letter to Bob will insert the letter into their copy of Bob's P.O. Box and ship the P.O. Box to Bob. Bob will use his private key to open each P.O. Box delivered to him.

Hope this goes toward helping the average guy understand the ingenuity of Ron Rivest and the Marconi award for his accomplishment in making it possible for people to securely exchange messages and do e-commerce over the Internet.

Labels: , , ,

0 Comments:

Post a Comment

<< Home