Skip to main content
SpringerLink
Log in

Physical Cryptography

  • Conference paper
  • First Online:
Innovative Security Solutions for Information Technology and Communications (SecITC 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12001))

Abstract

We recall a series of physical cryptography solutions and provide the reader with relevant security analyses. We mostly turn our attention to describing attack scenarios against schemes solving Yao’s millionaires’ problem, protocols for comparing information without revealing it and public key cryptosystems based on physical properties of systems.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    We can also consider all types of small devices which incorporate cameras.

  2. 2.

    If the building already has security cameras, a simpler solution is bribing the security guard and watching the security footage to obtain b.

  3. 3.

    Without knowing the actual speed of the other party.

  4. 4.

    Again, without knowing the actual speed of the other party.

  5. 5.

    The precise difference between a and b depends on the race track’s radius.

  6. 6.

    From both a visual and acoustic point of view.

  7. 7.

    If, for example, we isolate the two areas using only a wall, one of the parties can use a drone for spying the other.

  8. 8.

    Or whatever units.

  9. 9.

    A simple mechanism with two plates that are in balance when no weight is placed on either of them.

  10. 10.

    Which, in this case, are considered their private spaces.

  11. 11.

    We denote the owner by Dave.

  12. 12.

    To overwrite the call history.

  13. 13.

    A powerful enough Bob can always eavesdrop the landline or ask the operator for Alice’s call history.

  14. 14.

    One for each candidate.

  15. 15.

    We refer the reader to Appendix B.

  16. 16.

    A similar solution for Yao’s problem is described in [9].

  17. 17.

    The authors assume that only Alice and Bob interferes with the system.

  18. 18.

    at least twice as large as the picture in each dimension.

  19. 19.

    At least the hole should be covered while the book is pulled out.

  20. 20.

    e.g. by showing a sawn up padlock.

  21. 21.

    entitled “Pontifex” in the book.

  22. 22.

    And obtain the initial colors.

  23. 23.

    When mixing two colors which can be described in the RGB (Red-Green-Blue) color model one can revert the process due to the uniqueness of each color. Note that such a phenomenon does not happen when working with paint.

  24. 24.

    Through the use of an authenticated channel.

References

  1. Falstad Electronic Circuit. https://www.falstad.com

  2. The Diffie-Hellman Key Exchange Using Paint. https://www.youtube.com/watch?v=3QnD2c4Xovk

  3. Balogh, J., Csirik, J.A., Ishai, Y., Kushilevitz, E.: Private computation using a PEZ dispenser. Theor. Comput. Sci. 306(1–3), 69–84 (2003)

    Article  MathSciNet  Google Scholar 

  4. Bell, T., Thimbleby, H., Fellows, M., Witten, I., Koblitz, N., Powell, M.: Explaining cryptographic systems. Comput. Educ. 40(3), 199–215 (2003)

    Article  Google Scholar 

  5. Bultel, X., Dreier, J., Lafourcade, P., More, M.: How to explain modern security concepts to your children. Cryptologia 41(5), 422–447 (2017)

    Article  Google Scholar 

  6. Courtois, N.T.: Cryptanalysis of Grigoriev-Shpilrain Physical Asymmetric Scheme With Capacitors. IACR Cryptology ePrint Archive (2013). http://eprint.iacr.org/2013/302

  7. Crowley, P.: Mirdek: a card cipher inspired by “Solitaire”. http://www.ciphergoth.org/crypto/mirdek/

  8. Fagin, R., Naor, M., Winkler, P.: Comparing information without leaking it. Commun. ACM 39(5), 77–85 (1996)

    Article  Google Scholar 

  9. Grigoriev, D., Kish, L.B., Shpilrain, V.: Yao’s Millionaires’ problem and public-key encryption without computational assumptions. Int. J. Found. Comput. Sci. 28(4), 379–390 (2017)

    Article  MathSciNet  Google Scholar 

  10. Grigoriev, D., Shpilrain, V.: Secure information transmission based on physical principles. In: Mauri, G., Dennunzio, A., Manzoni, L., Porreca, A.E. (eds.) UCNC 2013. LNCS, vol. 7956, pp. 113–124. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39074-6_12

    Chapter  Google Scholar 

  11. Grigoriev, D., Shpilrain, V.: Yao’s millionaires’ problem and decoy-based public key encryption by classical physics. Int. J. Found. Comput. Sci. 25(4), 409–418 (2014)

    Article  MathSciNet  Google Scholar 

  12. Halliday, D., Resnick, R., Walker, J.: Fundamentals of Physics. Wiley, Hoboken (2010)

    MATH  Google Scholar 

  13. Khovanova, T.: One-Way Functions. https://blog.tanyakhovanova.com/2010/11/one-way-functions/

  14. Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)

    MATH  Google Scholar 

  15. Moran, T., Naor, M.: Polling with physical envelopes: a rigorous analysis of a human-centric protocol. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 88–108. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_7

    Chapter  Google Scholar 

  16. Moran, T., Naor, M.: Basing cryptographic protocols on tamper-evident seals. Theor. Comput. Sci. 411(10), 1283–1310 (2010)

    Article  MathSciNet  Google Scholar 

  17. Naor, M., Naor, Y., Reingold, O.: Applied kid cryptography or how to convince your children you are not cheating. http://www.wisdom.weizmann.ac.il/~naor/PAPERS/waldo.pdf

  18. Nishigami, K., Iwamura, K.: Geometric pairwise key-sharing scheme. In: Lanet, J.-L., Toma, C. (eds.) SECITC 2018. LNCS, vol. 11359, pp. 518–528. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-12942-2_38

    Chapter  Google Scholar 

  19. Quisquater, J.-J., et al.: How to explain zero-knowledge protocols to your children. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 628–631. Springer, New York (1990). https://doi.org/10.1007/0-387-34805-0_60

    Chapter  Google Scholar 

  20. Schneier, B.: The Solitaire Encryption Algorithm. https://www.schneier.com/academic/solitaire/

  21. Shpilrain, V.: Groups Complexity Cryptology. Decoy-Based Inf. Secur. 6(2), 149–155 (2014)

    MathSciNet  Google Scholar 

  22. Singh, S.: The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography. Anchor, New York City (2000)

    Google Scholar 

  23. Stephenson, N.: Cryptonomicon. Arrow (2000)

    Google Scholar 

  24. Yao, A.C.: Protocols for secure computations. In: SFCS 1982, pp. 160–164. IEEE Computer Society (1982)

    Google Scholar 

Download references

Acknowledgments

The authors would like to thank Valentin Petre for his helpful comments on the “Communicating Vessels” solution.

Author information

Authors and Affiliations

  1. Advanced Technologies Institute, 10 Dinu Vintilă, Bucharest, Romania

    Mariana Costiuc, Diana Maimuţ & George Teşeleanu

  2. Simion Stoilow Institute of Mathematics of the Romanian Academy, 21 Calea Grivitei, Bucharest, Romania

    George Teşeleanu

Authors
  1. Mariana Costiuc
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Diana Maimuţ
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. George Teşeleanu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Diana Maimuţ .

Editor information

Editors and Affiliations

  1. Polytechnic University of Bucharest, Bucharest, Romania

    Emil Simion

  2. École Normale Supérieure, Paris, France

    Rémi Géraud-Stewart

Appendices

A Recreational Cryptographic Problems

The interest of the cryptographic community regarding various recreational cryptography problems has grown in time. We further recall a series of physical cryptographic solutions which appeared in the literature. Note that our list of recreational cryptographic problems is, by no means, extensive.

“Finding Waldo” Solution. The authors of [17] provide an insight on how to convince people about knowing Waldo’s location without revealing it. We initially assume that Alice and Bob have a large piece of cardboardFootnote 18. As a first step, Alice cuts a Waldo shaped hole in the middle of the cardboard. To prove that she knows where Waldo is, Alice puts the shape precisely on top of Waldo while Bob is not looking and then calls Bob to check. Given the previous steps of the protocol, Bob learns nothing about the location of Waldo. Next, Alice must prove that she has the correct Waldo picture. Therefore, she must pull the book beneath the cardboard in front of Bob’s eyes without revealing information about the place from which she is pulling the bookFootnote 19.

“Ali Baba Cave” Solution. A well known story for explaining the intuition behind zero knowledge protocols is presented in [19]. The story is about a magical cave shaped like a ring with an entrance on one side as well as a magical door blocking the opposite side. We assume that Alice discovers the secret magical word that opens the door and wants to prove to Bob that she knows the secret without revealing it. Thus, they agree to label the left and right paths from the entrance head and tail. The protocol proceeds as follows. Bob waits outside the cave as Alice goes in. Then, Alice flips a coin to determine the path she follows. Note that Bob is not allowed to see which path she takes. Bob enters the cave, flips a coin and shouts the outcome. If Alice knows the magical word she opens the door, if necessary, and returns along the path chosen by Bob. If she lied about knowing it, then she has a \(50\%\) chance of returning through the correct path (i.e. by guessing Bob’s outcome). If they repeat this protocol multiple times, the chance of Alice tricking Bob decreases. Thus, if Alice always exits through the right path, Bob can conclude that Alice really knows the secret word.

“Locked Boxes” Solution. A classical method for explaining symmetric encryption is through the use of “impenetrable” locked boxes (see [4, 5]). More precisely, Alice and Bob both have a copy of the key that opens a chest. To exchange messages, Alice simply puts her letter in the box, locks it and sends it to Bob. Since Bob has an identical copy of the key, he opens the chest and reads the letter. Another protocol that can be explained using locked boxes is Shamir’s three-pass protocol [14]. First, Alice puts her message in a box, locks it with her private padlock and sends it to Bob. Then, Bob places his private padlock on the box and sends it back to Alice. Once she receives the box, she removes her padlock and sends the box to Bob. Finally, Bob removes his padlock and reads Alice’s message. In order to popularize cryptography to non-specialized audiences, the authors of [4] used a toolbox or a loose chain to implement the previous physical example of Shamir’s protocol. The authors point out it is easy to proveFootnote 20 to audiences that a persistent code-breaker could always dismantle a padlock, or X-ray it, and hence crack the code (i.e. knowing the inside of the lock is isomorphic to knowing the key). Thus, we have to employ other techniques than the secrecy of the encryption method.

By relaxing the security requirements from an “impenetrable” box to a tamper-evident box (i.e. the receiver can detect if someone managed to open the box) the authors of [15, 16] devise a series of secure protocols.

Ciphers Based on a Deck of Cards. Schneier designed the “Solitaire” cipher [20] for the book “Cryptonomicon” [23]Footnote 21. Solitaire was intended to be the first truly secure “pen and paper” cipher. It requires only a pack of cards both for encryption and decryption. A similar example is the “Mirdek” cipher [7].

“PEZ Dispenser” Solution. In [3] the authors present a solution for voting using a PEZ dispenser. Consider a group of kids wishing to vote between two candidates without revealing anything except the final outcome. Assume that they have a PEZ dispenser, which may be previously loaded with some publicly known sequence of red and yellow candies. The kids take turns. Each one decides how many candies to pop out of the dispenser according to his vote. Note that no other kid can see the number or the colors of these candies. Also, it is forbidden for the participants to weight the dispenser and, thus, deduce the number of remaining candies. When this process ends, the color of the candy on top has to correspond to the correct majority vote. The voting process is completed when one of the kids pops an additional candy and announces its color.

“Phonebook” Solution. Khovanova recalls on her blog [13] that, for explaining one-way functions, Micali used the following example of encryption. We start by assuming that Alice and Bob obtain the same edition of the white pages book for a particular town. For each letter Alice wants to encrypt, she finds a person in the book whose last name starts with this letter and uses his/her phone number as the encrypted version of that letter. To decrypt the message Bob has to read through the whole book to find all the numbers. The decryption will take a lot more time than the encryption. Unfortunately, the technology changes and the example is not up to date anymore: reverse look-up is always possible in a digital world. Furthermore, regarding the security of the scheme, an \(8^{\text {th}}\) grader said: “If I were Bob, I would just call all the phone numbers and ask their last names.” A similar example may be found in [4]. Such examples are very good for teaching one-way functions to non-mathematicians.

“Colors” Solution. The Diffie-Hellman protocol can be depicted using colors as further presented. An illustration using common paint may be found in [2]. The idea, first proposed by Simon Singh [22], relies on two properties of colors: it is easy to mix two colors and given a color that was obtained by mixing two other colors, it is difficult to reverse the processFootnote 22. As a specific example, we may assume that yellow is a public color. Let us further consider that Alice’s secret color is blue and that Bob’s secret color is red . The parties wish to agree on a new shared secret color. In the first step, Alice sends green to Bob (i.e. the result of yellow mixed with blue ). Then, Bob sends orange to Alice (i.e. the result of yellow mixed with red ). By mixing the received color with the secret color, each party obtains the common secret brown (i.e. Alice mixes orange with her blue and Bob mixes green with red ).

Although insecureFootnote 23, the digital version of the above protocol is a good teaching tool e.g. when trying to explain beginners how to use colors in the case of programming languages used in web development.

B Physical Public Key Encryption

We further present a generic protocol based on the protocols described in [11]. Alice and Bob have access to a physical medium characterized by a parameter p(t), such that p(t) has two components \(p = p_a(t) \circ p_b(t)\), where \(\circ \) is a group law and \(p_a(t)\), \(p_b(t)\) can randomly be changed by varying t. In her private spaces U and V, Alice and Bob secretly vary \(p_a(t)\) and, respectively, \(p_b(t)\). Note that Eve only has access to p(t). First Alice and Bob randomly vary \(p_a(t)\) and \(p_b(t)\). When they agree to synchronizeFootnote 24, Alice and Bob stabilize their parameters \(p_a(t') = a\) and \(p_b(t') = b\). Bob can measure \(p(t') = a \circ b\) and deduce Alice’s value a. Similarly, Alice can compute b.

Example. We consider the setup from Sect. 2.3. Thus, the components that Alice and Bob vary are their corresponding speeds values a and b. Once the system is stabilized Bob can deduce a using the attack we described in Sect. 2.3, but Eve can only deduce \(b-a\).

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Costiuc, M., Maimuţ, D., Teşeleanu, G. (2020). Physical Cryptography. In: Simion, E., Géraud-Stewart, R. (eds) Innovative Security Solutions for Information Technology and Communications. SecITC 2019. Lecture Notes in Computer Science(), vol 12001. Springer, Cham. https://doi.org/10.1007/978-3-030-41025-4_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-41025-4_11

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-41024-7

  • Online ISBN: 978-3-030-41025-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation