Piggy bank cryptography

From HandWiki

Piggy bank cryptography is a digital emulation of a piggy bank. It uses an encrypted message as a carrier into which valuable secrets can be inserted and later recovered by the person who issued the message. A typical protocol works as follows:[1]

  1. Bob, who wishes to obtain secret information from Alice, uses public key cryptography to encrypt some random data with his own public key. He sends the result to Alice.
  2. Alice creates a single-use key pair. She injects both her secret and her new decryption key into Bob's message. She then writes a signed note that describes what she has injected. She encrypts the note with her new encryption key, and sends the modified message and note to Bob.
  3. Bob decrypts the modified message to obtain both the secret and Alice's decryption key. He uses her decryption key to read the note and verify that Alice sent the secret.

In this scheme, Bob does not necessarily require a public key from Alice, although he does require her to sign her note in such a way that he can verify her authorship.

Piggy bank cryptography has been proposed for authenticating parties to detect man-in-the-middle attack.[2] The piggy bank paradigm can be used to implement asymmetric as well as double-lock cryptography.[3]

References

  1. Kak, S. The piggy bank cryptographic trope. Infocommunications Journal, vol. 6, pp. 22-25, March 2014.
  2. Kak,S. Authentication using piggy bank approach to secure double-lock cryptography https://arxiv.org/abs/1411.3645
  3. Chodisetti, N. https://arxiv.org/abs/1406.2285

See also

  • Asymmetric key algorithm