
JUNE 1996 (Vol. 16, No. 3) pp. 10-13
07721732/96/$31.00 © 1996 IEEE
Published by the IEEE Computer Society
Guest Editors' Introduction: Public-Key Security Systems
Public-key cryptography today is having a significant impact throughout the microprocessor and microcomputer world. From smart cards to network protocols, from electronic payment systems to optimized arithmetic techniques, public-key cryptography affects microcomputer systems at every level.
The main concept of public-key cryptography is that users can communicate securely—with privacy from eavesdroppers and assurance that messages exchanged are authentic—without first sharing secret information. ^{1} With non-public-key (that is, secret-key) techniques, such sharing of secrets is essential at some point, which limits the flexibility of a security system, or at least requires that users place significant trust in a central authority. With public-key techniques, parties have pairs of keys: a secret private key and a public key available to other users. (For details, see the box, "What is public-key cryptography?") Only one party knows a given private key, but the public key need not be kept secret and can be given to anyone.
In a sense, the move from secret-key to public-key techniques parallels the transition from mainframes to microcomputers, as the ownership of data—keys in the case of cryptography—moves from a central authority to the users. Just as the transition in computing devices has opened opportunities for networking and communications, so the transition to public-key cryptography lends itself to all kinds of opportunities, including secure electronic commerce.
The most notable microprocessor-related impact of public-key technology is perhaps in the area of integrated circuit cards, variously known as smart cards or chip cards, the development of which coincided with the maturation of public-key cryptography. While initial IC cards were generally passive storage devices, a limited processing capability is now fairly standard. These cards often also have some degree of physical protection, making them suitable for storing secrets such as private keys.
IC card technology has influenced public-key cryptography in the sense that designers have developed public-key systems specifically to meet the stringent memory and communication bandwidth requirements of IC cards (for example, the Guillou-Quisquater identification scheme ^{2} ). Likewise, public-key cryptography has affected IC card design in the introduction of coprocessors for the arithmetic in public-key systems.
David Naccache and David M'Raïhi's article, "Cryptographic Smart Cards," covers the latter kind of impact, surveying the arithmetic coprocessors for IC cards currently available and categorizing their features. A remarkable number of such coprocessors are available, reflecting the commitment of manufacturers to public-key technology based on modular arithmetic (for example, RSA and DSA—see the box). Two boxes accompany the article, "Toward available personal portable security," by Stephan Ondrusch, and "Motorola's SC49: A public-key microcontroller," by Carol H. Fancher. These boxes offer further comments on IC cards and cryptography, discussing such issues as performance, public-key certificate storage, and "electronic wallets."
While arithmetic coprocessors are convenient (and arguably essential) for dedicated hardware such as IC cards, software implementations are equally important. For those techniques based on modular arithmetic, researchers have developed a variety of implementation methods, particularly for the central step of modular multiplication (the computation of a × b mod n, for some fixed modulus n). One of the more promising methods, in terms of simplicity and speed, is that introduced by Peter Montgomery. ^{3} "Analyzing and Comparing Montgomery Multiplication Algorithms," by Çetin Koç, Tolga Acar, and Burton S. Kaliski, Jr., compares several approaches to this method.
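To make the modular multiplication step concrete, the following added example (not code from this introduction or from the article it cites) sketches Montgomery's reduction with arbitrary-precision integers rather than the word-by-word variants the article compares. The class and method names are illustrative assumptions, and the moduli in the usage are constructed sample values.

```python
class Montgomery:
    """Montgomery arithmetic for a fixed odd modulus n, with R = 2**k > n."""

    def __init__(self, n: int):
        if n < 3 or n % 2 == 0:
            raise ValueError("modulus must be odd and >= 3 so that gcd(n, R) = 1")
        self.n = n
        self.k = n.bit_length()            # R = 2**k is the first power of two above n
        self.mask = (1 << self.k) - 1      # x & mask == x mod R
        # n' = -n^(-1) mod R makes T + (T*n' mod R)*n an exact multiple of R.
        self.n_prime = (-pow(n, -1, 1 << self.k)) & self.mask
        self.r2 = pow(1 << self.k, 2, n)   # R^2 mod n, computed once per modulus

    def redc(self, t: int) -> int:
        """Return t * R^(-1) mod n for 0 <= t < n*R, using only masks and shifts."""
        m = ((t & self.mask) * self.n_prime) & self.mask
        u = (t + m * self.n) >> self.k     # exact division by R; u < 2n
        # Data-dependent final subtraction: fine for showing the arithmetic,
        # but a timing channel that hardened implementations avoid.
        return u - self.n if u >= self.n else u

    def to_mont(self, a: int) -> int:
        return self.redc((a % self.n) * self.r2)    # a*R mod n

    def from_mont(self, a_bar: int) -> int:
        return self.redc(a_bar)                     # a_bar*R^(-1) mod n

    def mul(self, a_bar: int, b_bar: int) -> int:
        return self.redc(a_bar * b_bar)             # stays in Montgomery form

    def modmul(self, a: int, b: int) -> int:
        """a * b mod n; the conversions cost more than they save for one product."""
        return self.from_mont(self.mul(self.to_mont(a), self.to_mont(b)))

    def modexp(self, base: int, exp: int) -> int:
        """base**exp mod n by square-and-multiply, converting only at the ends."""
        acc, b = self.to_mont(1), self.to_mont(base)
        while exp:
            if exp & 1:
                acc = self.mul(acc, b)
            b = self.mul(b, b)
            exp >>= 1
        return self.from_mont(acc)


if __name__ == "__main__":
    toy = Montgomery(3233)                 # constructed toy modulus 61 * 53
    c = toy.modexp(65, 17)
    print(c, toy.modexp(c, 2753))          # encrypt, then decrypt back to 65
```

The conversions into and out of Montgomery form are amortized over the many multiplications of an exponentiation, which is why the method suits RSA-style operations.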
Public-key technology finds many applications in microcomputer networking. Electronic mail is one example (and perhaps the most common illustration of the technology); parties can send mail confidentially and ensure its authenticity by applying public-key encryption and digital signatures. Electronic mail falls into the class of store-and-forward applications, as it is possible for one party to send protected mail, without the immediate participation of the recipient. Session-oriented applications assume the direct involvement of multiple participants, and as a result can sometimes employ a different set of cryptographic techniques. (For instance, in the session-oriented case, it may not be so important to the parties to have a digitally signed receipt of a transaction; an interactive identification scheme may be sufficient.)
"Transparent Authentication and Confidentiality for Stream Sockets," by André Zúquete and Paulo Guedes, describes a session-oriented application, in which parties on a network authenticate one another and agree on a session key with which they encrypt subsequent communications. The key agreement technique is Diffie-Hellman (see the box).
Electronic payment systems have become a public-key technology application of intense interest, especially with the potential for electronic commerce on the Internet. Such systems take many forms, from anonymous digital cash following David Chaum's pioneering work ^{4} to credit-card-oriented systems such as VISA and MasterCard's recently announced Secure Electronic Transaction (SET) specifications. ^{5}
Non-public-key systems are certainly possible for electronic payments, and indeed the backbone of the world's financial networks has long relied on secret-key technology. But public-key technology offers a much more open system, as merchants and consumers can join the system simply by presenting a public key (and for legal reasons, possibly a proof of identity); no sharing of secrets with other parties is necessary.
"SCALPS: Smart Card for Limited Payment Systems," by Jean-François Dhem, Daniel Veithen, and Jean-Jacques Quisquater, describes one payment system based on public-key cryptography, specifically on a variant of the Guillou-Quisquater identification scheme. ^{2} SCALPS complements the other articles in the issue as well; it employs IC cards, and the multiple-precision arithmetic follows Montgomery's method.
Of course, for electronic payment systems and many other applications of public-key technology to become a part of everyday life, such applications need a legal standing. Indeed, it is only recently that the concept of a digital signature has been given a legal interpretation. One reason is that there are more issues to consider than just the cryptographic operations. Ownership of a key pair is one issue (whose signature is it?); the recovery from the compromise of a key is another. The sidebar, "Legal recognition of digital signatures," by Lee Hollaar and Alan Asay, gives a synopsis of efforts in this area.
These articles offer a view into some of the ways public-key technology affects microcomputer and microprocessor systems today. We can find many other illustrations. As a popular example, one might consider Netscape's Navigator, a browser for the World Wide Web. The key icon in the lower left-hand corner of the Navigator display is either intact or broken depending on whether the current connection is secured. Regardless, the public-key cryptography is already there; the only difference is whether the Web server turns security on. One may expect the Netscape key—as well as its counterparts in other applications—to be intact more often as public-key cryptography becomes a standard feature of the microcomputer world.
An LEQSF PLEx grant, LEQSF(199396)ENHPLEx03, funded part of this work.
References
Mahdi Abdelguerfi, a professor of computer science at the University of New Orleans, participates in research on database systems, information retrieval, and VLSI architectures for encryption. He is the recipient of the 1991 University of New Orleans Early Career Achievement award for excellence. Abdelguerfi received a Dipl in electrical engineering from the National Polytechnic School of Algiers, Algeria, and MS and PhD degrees in computer engineering from Wayne State University, Detroit. He is a member of the IEEE, the ACM, Eta Kappa Nu, and Tau Beta Pi.
Burton S. Kaliski, Jr. is chief scientist of RSA Laboratories. His research interests include cryptography and computer arithmetic. Kaliski received BS, MS, and PhD degrees in computer science from the Massachusetts Institute of Technology. He is a member of the IEEE Computer Society, Sigma Xi, and Tau Beta Pi. He chairs IEEE P1363, a group developing standards for public-key cryptography. He performed part of this work during his time at the Isaac Newton Institute for Mathematical Sciences, University of Cambridge (UK).
Wayne Patterson is vice president for research, dean of graduate studies, and professor of computer science at the University of Charleston, South Carolina. He is the author of the widely used textbook, Mathematical Cryptology, and numerous research articles, primarily in the areas of cryptology and parallel computer arithmetic. Patterson received BS and MS degrees in math from the University of Toronto, an MS in computer science from the University of New Brunswick, and a PhD from the University of Michigan. He is a member of the ACM, the IEEE Computer Society, and the International Association for Cryptologic Research.