On the Importance of Memory Resources in the Security of Key Exchange Protocols

Extended Abstract
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 473)


We present a protocol for key exchange which relies on the existence of permutations which are not necessarily trap-door, and which are one-way in a weaker sense than that usually assumed in the literature. Our main result is that, under this assumption, two players can exchange a secret key over an open channel in such a way that an eavesdropper must spend time proportional to TIME · SPACE, where TIME is the time spent by the two players and SPACE is the amount of information which can be stored and transmitted by the two players. Hence the importance of storage technology for security.


  1. [CW79]
    J.L. Carter and M.N. Wegman. Universal classes of hash functions. Journal of Computer and System Sciences, 18(2):143–154, 1979.MathSciNetzbMATHCrossRefGoogle Scholar
  2. [DDP90]
    G. Davida, Y. Desmedt, and R. Peralta. A key distribution system based on any one-way function. In Advances in Cryptology — proceedings of EUROCRYPT’ 89, Lecture Notes in Computer Science. Springer-Verlag, 1990. to appear.Google Scholar
  3. [Hel80]
    M. E. Hellman. A cryptanalytic time-memory tradeoff. IEEE Tr. Inform. Theory, 26(4):401–406, July 1980.MathSciNetzbMATHCrossRefGoogle Scholar
  4. [Mer78]
    Ralph Merkle. Secure communications over insecure channels. Communications of the ACM, 21(4):294–299, 1978.CrossRefGoogle Scholar
  5. [QD88]
    J.-J. Quisquater and J.-P. Delescaille. Other cycling tests for DES. In C. Pomerance, editor, Advances in Cryptology, Proc. of Crypto’ 87 (Lecture Notes in Computer Science 293), pages 255–256. Springer-Verlag, 1988. Santa Barbara, California, U.S.A., August 16–20.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1991

Authors and Affiliations

  1. 1.Dept. EE & CSUniv. of Wisconsin — MilwaukeeMilwaukeeUSA

Personalised recommendations