{"title":"Public Key Cryptography’s Impact on Society: How Diffie and Hellman Changed the World","authors":"P. V. Oorschot","doi":"10.1145/3549993.3549997","DOIUrl":null,"url":null,"abstract":"In 1975 and 1976, Whitfield Diffie and Martin Hellman conceived and introduced fundamental new methods that changed how communications are secured. Their landmark paper “New Directions in Cryptography” explained both public key cryptography and what would become known as Diffie-Hellman key exchange. These ideas, influenced and augmented by a few souls within a small community, set the world on a new course by establishing novel cryptographic techniques for protecting information transmitted over untrusted channels. Our aim herein is to consider how public key cryptography has changed the world, and in particular its impact on society. We review the original contributions of Diffie and Hellman, and provide context to relate these to pre-existing and subsequent cryptographic techniques. Aided by this understanding, we connect their contributions to resulting major changes in society. To retain accessibility for non-specialists, our treatment largely avoids mathematical details, while selectively introducing technical terms to maintain technical accuracy. 1 Security background We begin with some basic concepts and terminology to develop a working vocabulary. When information is transmitted over a physical channel (physical line) such as a traditional phone line, cable, or optical fibre, the line may be physically shielded or isolated, to reduce the risk of unauthorized access such as by a physical wiretap. If such a communication channel is accessible to unintended parties, it is called an open or untrusted channel. In general, ordinary information (plaintext) sent over untrusted channels is at risk of interception. For example, plaintext sent over a radio channel is accessible to anyone with a suitable wireless receiver. 
A common defense is to convert plaintext characters into a related sequence of characters (ciphertext) that are not meaningful even if intercepted. To do so, at the sender’s end a sequence of instructions (called an encryption algorithm) is used to convert plaintext to ciphertext, which is then transmitted. To recover the plaintext, the operation is reversed at the receiver’s end by a decryption algorithm. In this way, encryption provides a confidentiality property, whereby the meaningful content is available only to authorized parties. Unauthorized parties cannot recover the plaintext because the encryption and decryption algorithms require a secret number, which may be viewed as a random string of 0s and 1s; 128 of these would be called a 128-bit cryptographic key. The aim is that only the sender and recipient (i.e., their computing devices) share this secret key.1 Historically, decryption requires the same key as used for encryption; in this case we use the terms symmetric-key algorithms and symmetric keys. Distinct from confidentiality or secrecy is the concept of authentication. The ability to recognize individuals (entity authentication) is taken for granted in human-to-human interactions, but more challenging in written communications. (Can you be sure that the postcard you have received is legitimately from your sister?) To provide a modest degree of authentication beyond relying solely on context and semantic content, we conventionally ∗3 Nov 2020. To appear as a chapter in Democratizing Cryptography, R. Slayton (ed.), ACM Press. 1Viewing the encryption process as an algorithm, the key is a required input parameter. 
For a given plaintext message, a different key results in a different ciphertext.","PeriodicalId":305424,"journal":{"name":"Democratizing Cryptography","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Democratizing Cryptography","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3549993.3549997","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 0
Abstract
In 1975 and 1976, Whitfield Diffie and Martin Hellman conceived and introduced fundamental new methods that changed how communications are secured. Their landmark paper “New Directions in Cryptography” explained both public key cryptography and what would become known as Diffie-Hellman key exchange. These ideas, influenced and augmented by a few souls within a small community, set the world on a new course by establishing novel cryptographic techniques for protecting information transmitted over untrusted channels. Our aim herein is to consider how public key cryptography has changed the world, and in particular its impact on society. We review the original contributions of Diffie and Hellman, and provide context to relate these to pre-existing and subsequent cryptographic techniques. Aided by this understanding, we connect their contributions to resulting major changes in society. To retain accessibility for non-specialists, our treatment largely avoids mathematical details, while selectively introducing technical terms to maintain technical accuracy.

1 Security background

We begin with some basic concepts and terminology to develop a working vocabulary. When information is transmitted over a physical channel (physical line) such as a traditional phone line, cable, or optical fibre, the line may be physically shielded or isolated, to reduce the risk of unauthorized access such as by a physical wiretap. If such a communication channel is accessible to unintended parties, it is called an open or untrusted channel. In general, ordinary information (plaintext) sent over untrusted channels is at risk of interception. For example, plaintext sent over a radio channel is accessible to anyone with a suitable wireless receiver.

A common defense is to convert plaintext characters into a related sequence of characters (ciphertext) that are not meaningful even if intercepted. To do so, at the sender’s end a sequence of instructions (called an encryption algorithm) is used to convert plaintext to ciphertext, which is then transmitted. To recover the plaintext, the operation is reversed at the receiver’s end by a decryption algorithm. In this way, encryption provides a confidentiality property, whereby the meaningful content is available only to authorized parties. Unauthorized parties cannot recover the plaintext because the encryption and decryption algorithms require a secret number, which may be viewed as a random string of 0s and 1s; 128 of these would be called a 128-bit cryptographic key. The aim is that only the sender and recipient (i.e., their computing devices) share this secret key.¹ Historically, decryption requires the same key as used for encryption; in this case we use the terms symmetric-key algorithms and symmetric keys.

Distinct from confidentiality or secrecy is the concept of authentication. The ability to recognize individuals (entity authentication) is taken for granted in human-to-human interactions, but more challenging in written communications. (Can you be sure that the postcard you have received is legitimately from your sister?) To provide a modest degree of authentication beyond relying solely on context and semantic content, we conventionally

∗ 3 Nov 2020. To appear as a chapter in Democratizing Cryptography, R. Slayton (ed.), ACM Press.

¹ Viewing the encryption process as an algorithm, the key is a required input parameter. For a given plaintext message, a different key results in a different ciphertext.