Who wants a puzzle?

[mjrpes3]

Originally posted by: xcript
Lock -> send -> she adds her own padlock -> sends back -> remove your lock -> send to her again -> she takes off her lock and enjoys the contents. No key was ever sent.

Very nice. One of those concepts that makes perfect sense once you understand it.

 

[BigDH01]

Originally posted by: Locut0s

Originally posted by: irishScott

Originally posted by: xcript
Lock -> send -> she adds her own padlock -> sends back -> remove your lock -> send to her again -> she takes off her lock and enjoys the contents. No key was ever sent.

Sweet. Hilariously impractical IRL, but sweet.

That's the concept behind public key encryption, which is anything but impractical.

But from my understanding of public key crypto, this analogy isn't very good. Both parties would have keys to both padlocks, one private and one public. An operation on a padlock can only be reversed by the key other than the one used for the original operation. Ex: if k1 (little key 1) was used to lock padlock1 (p1) then K1 (big key 1) would have to be used to unlock it. Bob and alice both have big and little keys (ka, Ka, kb, Kb). They both keep their big keys but give copies of the little keys to anyone that wants one. Bob would have a copy of Alice's little key. Bob takes two boxes, puts the diamond in the smaller, and puts the smaller box in the larger box. He locks the small box with Kb. He then locks the big box with ka. Only Alice, who retains sole control of Ka, can unlock the big box. However, since anyone could have a copy of ka, she needs to verify that this box actually came from Bob. This is why Bob locked this inside box with Kb, of which there is only one copy. Alice unlocks this box with kb and verifies it was from Bob.

At least that's my understanding. Of course, it's often just the hash of the message that would be encrypted with Bob's private key.

 

[sswingle]

Put on a combo lock and call her on the phone with the numbers.

 

[Quasmo]

GET THIS Call her ass, and tell her the combination. Idiots.

Shit... beat by 2 minutes.

Apparently I'm in an angry mood today.

 

[Phoenix86]

Originally posted by: paulney
You want to mail diamonds to your gf. Suppose, it's the only way to reach her - you have a long distance relationship/whatever.

If you mail diamonds in an open box, post office people will steal them. You can put a padlock on the box, and the diamonds will be delivered safe and secure. You can't mail the key, because it will be compromised right away (post office people will make a copy, then steal your diamonds).

How can you mail the diamonds to the girl, so that she can actually get them out of the box?

Have her buy the lock, and mail you the lock first. You lock the box and mail it back to her. She opens the box with the key she already has.

 

[QED]

Originally posted by: BigDH01

Originally posted by: Locut0s

Originally posted by: irishScott

Originally posted by: xcript
Lock -> send -> she adds her own padlock -> sends back -> remove your lock -> send to her again -> she takes off her lock and enjoys the contents. No key was ever sent.

Sweet. Hilariously impractical IRL, but sweet.

That's the concept behind public key encryption, which is anything but impractical.

But from my understanding of public key crypto, this analogy isn't very good. Both parties would have keys to both padlocks, one private and one public. An operation on a padlock can only be reversed by the key other than the one used for the original operation. Ex: if k1 (little key 1) was used to lock padlock1 (p1) then K1 (big key 1) would have to be used to unlock it. Bob and alice both have big and little keys (ka, Ka, kb, Kb). They both keep their big keys but give copies of the little keys to anyone that wants one. Bob would have a copy of Alice's little key. Bob takes two boxes, puts the diamond in the smaller, and puts the smaller box in the larger box. He locks the small box with Kb. He then locks the big box with ka. Only Alice, who retains sole control of Ka, can unlock the big box. However, since anyone could have a copy of ka, she needs to verify that this box actually came from Bob. This is why Bob locked this inside box with Kb, of which there is only one copy. Alice unlocks this box with kb and verifies it was from Bob.

At least that's my understanding. Of course, it's often just the hash of the message that would be encrypted with Bob's private key.

You're right, this puzzle isn't an illustration of public key encryption at all--this is instead a great illustration of another fundamental use of some encryption principle-- namely, symetric key exchange.

In this case, think of the diamonds instead as a secret passcode to be used to encrypt any future communications between Alice and Bob. Bob and Alice want to communicate privately, but how? Bob can encrypt his letter using some passcode, but Alice would need to know the passcode to decrypt it. So the problem then becomes: how can Bob send Alice the passcode without anyone else knowing it? The answer to the puzzle shows us exactly how, except instead of sending diamonds, Bob sends Alice a box with the shared passcode in it.

Bob locks the box with his padlock (only he has the key to it). He then sends it to Alice, who throws on her own padlock (only she has the key to it), and sends it back to Bob. Bob removes his padlock (using the key that only he has), and sends the box back to Alice who removes her padlock. Bob and Alice now have a shared passcode that they can use for all future communications, and their own private keys have never been exposed.

Note that this isn't a public key encryption because Bob did not need to know anything about Alice or her keys (whether publicly known or not), nor did Alice need to know anything about Bob or his keys. In fact, this is perhaps simultaneously one of the best and one the worst attributes about this key exchange system: Alice has no way of knowing for sure it was Bob who sent the box and is trying to communicate with jer, and Bob has no sure way of knowing that it was Alice who replied to him. If the post office were truly wise, once Bob sent his box with diamonds they would put their own padlock on it and send it back to Bob, who would remove his padlock and send it back through the post office.

Public key encryption systems offer you a similiar key exchange method, but also add the ability to verify the authenticity of the item being sent as well as the ability to verify the identity of the sender.

 

[paulney]

I had to go to bed, but thanks to QED for a great explanation of the algo behind the puzzle.
Great job, guys!