Zero Knowledge Identification and One-Way Homomorphisms

Imagine logging into a secure web server which, instead of asking you to type in your password, merely asks you questions about your password until it’s convinced that you really do know it and therefore are who you say you are. Moreover, imagine that your answers to the server’s questions provide no information whatsoever which could be used by a malicious hacker, even if all communications between you and the server are being intercepted. Finally, imagine that the server in question not only does not store any information about your password, it has never at any point asked you for information about your password.

Sounds too good to be true, right?

In fact, such password schemes do exist, and they’re quite easy to implement. They are known as zero knowledge authentication systems. In this post, I’ll explain the main idea behind such protocols using the notion of a “one-way homomorphism”. Before diving into the technicalities, though, here’s a useful thought experiment which conveys the main idea.

Number Theory and Cryptography: A Distance Learning Course for High School Students

The following post was originally published on the AMS Blog “On Teaching and Learning Mathematics”.  I have reproduced it here with the permission of the AMS.

Last year, I began offering an online Number Theory and Cryptography course for gifted high school students through Georgia Tech.  Fourteen high school seniors from metro Atlanta took the course in Fall 2014, and overall I would say it was a big success.  We will be offering the course again in Fall 2015 and are expecting roughly double the number of students.  After describing the structure of the course, I will relate some of my experiences and describe some of the things I learned along the way.  I hope this article stimulates others to think outside the box about using technology in education without necessarily following the standard “MOOC” model.

Post-Cherylmania wrap-up

My last post was about “Cheryl’s birthday puzzle”, which recently became an internet sensation.  I mentioned several additional puzzles in that post and promised solutions; here they are.

Let me begin, though, with a “cryptography” variant of the Cheryl puzzle which was sent to me by my friend and puzzle guru Pete Winkler:

Cheryl’s birthday possibilities are now May 14 or 15, June 15 or 16, July 16 or 17 or August 14 or 17. Albert gets the month and Bernard the day as before, and they both want to find out the birthday.  But Eve, who’s listening in, mustn’t find out.  How can A and B, who’ve never met before (and aren’t cryptographers), accomplish this mission?

Think about it, it’s a fun little puzzle!  [Pete writes in addition: “You can also do this with a cycle of 5 months (10 dates total) but then you need a coin to flip.”]


My Meta-Cheryl Challenge (as revised on April 20) was to come up with a list of dates for which the following puzzle will have a unique solution:

Primitive roots, discrete logarithms, and p-adic numbers

This morning I attended Martin Hellman’s stimulating keynote address at the 2013 Georgia Tech Cyber Security Summit. Martin Hellman is the co-inventor, with Whitfield Diffie, of the Diffie-Hellman Key Exchange Protocol, which began the (public) public-key cryptography revolution.  Among the interesting things I learned during Martin Hellman’s talk are:

1. Hellman feels that Ralph Merkle deserves equal credit for inventing public-key cryptography and refers to his own invention as the Diffie-Hellman-Merkle key exchange protocol.  (Merkle was the director of the Georgia Tech Information Security Center from 2003-2006.)

2. Hellman came up with the famous “double padlock” thought experiment after the invention of the Diffie-Hellman-Merkle key exchange protocol, as a way to explain it to others.  The mathematics came first.  (I had always wondered about this.)

3. Most interestingly, Hellman said that he got the idea to use modular exponentiation/discrete logarithms as a “one-way function” from the engineer and mathematician John Gill (who I never heard of before this morning).  John Gill’s other suggestion was to use multiplication/factoring, which forms the basis of RSA!  It’s all the more amazing that I’ve never heard of John Gill because he earned his bachelor’s degree in Applied Mathematics from Georgia Tech (where I now teach) and his Ph.D. in Mathematics from U.C. Berkeley (where I got my Ph.D.)!  Hellman also recounted a conversation in which Gill (who is African-American) mentioned having encountered very little racial intolerance during his undergraduate studies in the 1960’s — apparently Georgia Tech was (relatively speaking) an oasis of tolerance among southern universities during that time.

Now on to the mathematical part of this post, which is an unusual proof of the existence of primitive roots modulo primes which I came up with recently while preparing a lecture for my course on Number Theory and Cryptography.  The proof is much less elementary than every other proof I’ve seen, but I would argue that it nevertheless has some merit.