Security in communication networks

It may seem anomolous that electronic mail and other computer communication systems require cryptographic protection when almost no physical mail is given this protection. The difference is that computer readable traffic is extremely vulnerable to automatic sorting at very low cost. Physical mail would also need to be encrypted if it were all written on postcards and could be sorted at a cost of only $1 for several million pages. Even seemingly innocuous facts can be damaging when such vast amounts of data can be screened for all messages mentioning one of a list of key words (e.g., computer communications, electronic mail, EFT, etc.). Analog voice circuits are as vulnerable to wiretapping, but are expensive to sort. Fortunately, the digital nature of the data makes high grade encryption possible at low cost. Analog circuits are almost impossible to adequately secure without going through a digital interface and encryption. The National Bureau of Standards has promulgated a national data encryption standard which can be implemented on a single LSI chip. 1 In large quantities it should therefore cost on the order of $10, an insignificant addition to the cost of a computer terminal. While some have criticized the standard as being inadequately secure,2-4 this is not due to technical constraints, but rather appears to be a political problem. While the cost of the encryption hardware is not a barrier to the widespread use of cryptography in computer oriented systems, there are other costs and problems which must be considered. Key distribution is one such problem.5 In a network with n users there are approximately n/2 possible pairs of users who may wish to converse securely from all other users. The distribution of this many keys by courier, registered mail, etc. is clearly uneconomic even for n equal to one million. This problem can be solved by having the system itself distribute keys, encrypted in user specific system keys or passwords, but this requires the system to be secure. ,7 A more useful approach was suggested by Diffie and Hellman5 and Merkle. S They proposed that it is possible to converse securely over an insecure channel with no prearrangement through use of "public key systems." The second section describes the public key systems of References 5 and 8 as well as systems devised by Rivest, Shamir and Adleman, 9 McEliece,lO and Merkle and Hellman. 11