Chapter 9 Mathematical Models in Public - Key Cryptology { draft 5 / 26 / 99 }

Chapter 8 has described several of the classical models of cryptography in which the decryption key was the same as or easily derivable from the encryption key. This meant that the corresponding encryption and decryption algorithms were closely related in the sense that one could be easily deduced from the other. Such cryptographic systems are called symmetric-key or conventional systems, and their security relies exclusively on the secrecy of the keys. Other examples of private-key systems are the Data Encryption Standard (DES) [24] and IDEA [12], in which users of the system who share a secret key can communicate securely over an unsecure channel. In all of the private-key systems, two users who wish to correspond must have a common key before the communication starts, and in practice, establishing a common secret key can be expensive, difficult, and sometimes nearly impossible, especially in a large network where the users need not know each other.