I like to keep the above quote by H. L. Mencken always in mind because it is a useful caution whenever one is weighing in on weighty issues on which one is not an expert. Like pretty much everyone else, I sometimes have a brainwave about some deep or complex problem (usually in a field that I am not that familiar with) in which a simple solution suddenly stares me in the face. I then wonder why no one else has thought of this ‘brilliant’ solution before and the usual answer is that people who do know a lot more about this topic are well aware of this proposed ‘solution’ and also know why it will not work.
Recently, I had such an idea about one way to overcome the security issues involved in sending information over the internet and foiling ‘man-in-the-middle’ attacks. I am pretty much a novice in the area but have a little knowledge about things like PGP. I believe that sending encrypted messages using PGP involves a private encryption key (known only to the sender) and a published public key for the recipient and to break the security requires difficult prime number combinatorial challenges. I was wondering if there could be a system that did not require public keys at all but only private ones and thought of a simple possible solution.
My idea can be best explained by analogy, by what might have been done in the old days if you wanted to send something securely to someone else by (say) sending it in a box with a padlock on it, but without also having to send the key to the lock or prearranging things so that the sender and the receiver have identical keys. What you could do is lock the box with a padlock to which only you have the key and then send the box. The recipient cannot unlock it but instead adds their own padlock to the box to which only they have the key and then sends the box back to the original sender, now with two padlocks on it. The original sender then unlocks their own padlock with their key and sends the box back with just the one padlock which the recipient can now unlock because it is their own padlock.
In the case of encrypted messages, the first person would take a message M and encrypt it in some way using some algorithm A to create an encrypted message AM (interpreted as algorithm A acting on M to get the encrypted AM) and send it. The recipient would then encrypt that already encrypted message using their own algorithm B to get a doubly encrypted message BAM and send it back to the original sender. The original person would then decrypt this doubly encrypted message using just their own decryption algorithm $A^{-1}$ to get $A^{-1}BAM$. (Note that $A^{-1}AM = M$, i.e., applying the decryption $A^{-1}$ to its own encrypted message AM gives you back the original unencrypted message M.)
The key step here is whether the original sender’s decryption algorithm $A^{-1}$ can take the doubly encrypted message and reverse just their own original encryption, leaving the message BM. Writing this symbolically, the question is whether it is possible to have the decryption operation $A^{-1}$ and B ‘commute’ such that $A^{-1}B = BA^{-1}$. If so, then $A^{-1}BAM = BA^{-1}AM = BM$. This message can then be sent back to the recipient, who then just decrypts their own encryption using $B^{-1}$. This system requires the message to go back and forth, but that should not be a big problem.
This is possible for simple encryption systems such as ones where A and B both shift letters by fixed amounts that are different for A and B and known only to each person. For example, suppose A shifts every letter in the message p letters later in the alphabet and B shifts the letters in the encrypted message q letters later in the alphabet. Hence the doubly encrypted message would consist of letters shifted by p+q. Then $A^{-1}$ would shift letters back up the alphabet by p (known only to the sender), leaving the final message shifted just by q (known only to the recipient). But this system is too trivial and also requires pre-arrangement by sender and recipient to use similar algorithms.
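The padlock exchange above, worked through with the letter-shift ciphers of the previous paragraph, as an added example (not code from the post): it assumes lowercase a–z messages with shifts that wrap around the alphabet, and it also includes the check that someone who merely watches all three transmissions can make, which is where this particular instance falls down.

```python
# Added example: the three-pass padlock exchange from the post, using the
# letter-shift ciphers A and B it describes. Assumed: messages are lowercase
# a-z only and shifts wrap around the alphabet (mod 26).

ALPHABET = "abcdefghijklmnopqrstuvwxyz"


def shift(text: str, k: int) -> str:
    """Shift every letter k places later in the alphabet; a negative k shifts back."""
    return "".join(ALPHABET[(ALPHABET.index(c) + k) % 26] for c in text)


def three_pass(message: str, p: int, q: int) -> dict:
    """Run the exchange: the sender holds only p, the recipient holds only q."""
    am = shift(message, p)    # pass 1: sender applies A (shift by p)
    bam = shift(am, q)        # pass 2: recipient applies B (shift by q) on top
    bm = shift(bam, -p)       # pass 3: sender removes A; works because shifts commute
    recovered = shift(bm, -q) # recipient removes B and reads the message
    return {"pass1": am, "pass2": bam, "pass3": bm, "recovered": recovered}


def observe(pass1: str, pass2: str, pass3: str) -> str:
    """What a passive observer of the three transmissions can reconstruct.

    The observer knows neither p nor q, but pass2 differs from pass1 by
    exactly q at every position, and pass3 is the message shifted by q.
    Subtracting what was sent therefore yields the message without any key,
    which is why the shift version of the scheme gives no confidentiality.
    """
    out = []
    for c1, c2, c3 in zip(pass1, pass2, pass3):
        q = (ALPHABET.index(c2) - ALPHABET.index(c1)) % 26
        out.append(ALPHABET[(ALPHABET.index(c3) - q) % 26])
    return "".join(out)


if __name__ == "__main__":
    # Constructed sample message and shifts, not values from the post.
    result = three_pass("meetmeatnoon", p=5, q=7)
    for name in ("pass1", "pass2", "pass3", "recovered"):
        print(f"{name:>9}: {result[name]}")
    print(" observer:", observe(result["pass1"], result["pass2"], result["pass3"]))
```

The same subtraction works for any cipher that is a group operation applied to the message, so the failure is not specific to the alphabet size or to the choice of p and q.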
But would it be possible to find at least some reasonably complex algorithms A and B for which it would work? I had no idea if this was possible so what I did was send this idea privately to Marcus Ranum, our resident guru on FtB for computer security, and he said that this would not work for various technical reasons that I do not quite understand.
This is why it is always a good idea to ask experts before investing too much time and energy on your simple but ‘brilliant’ idea. As the poet Alexander Pope warned,
A little learning is a dangerous thing;
drink deep, or taste not the Pierian spring:
there shallow draughts intoxicate the brain,
and drinking largely sobers us again.