Three-pass protocol

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Contestcen (talk | contribs) at 02:38, 6 December 2007 (Created page with 'In cryptography the ''Three-Pass Protocol'' is a framework which allows two parties to securely exchange messages without the need to exchange or distribute encrypt...'). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
In cryptography, the Three-Pass Protocol is a framework which allows two parties to securely exchange messages without the need to exchange or distribute encryption keys. It is called the Three-Pass Protocol because the sender and the receiver exchange three encrypted messages. The first three-pass protocol was developed by Adi Shamir circa 1980, and is described in more detail in a later section. The basic concept of the Three-Pass Protocol is that each party has private encryption and decryption keys, which they use independently, first to encrypt the message and then to decrypt it.

The protocol uses an encryption function E and a decryption function D. The encryption function uses an encryption key e to change a plaintext message m into an encrypted message, or ciphertext, E(e,m). Usually each encryption key will produce a different ciphertext. Corresponding to each encryption key e there is a decryption key d which allows the message to be recovered using the decryption function, D(d,E(e,m)) = m. Sometimes the encryption function and decryption function are the same.

For the encryption function and decryption function to be suitable for the Three-Pass Protocol, they must have the property that for any message m, any encryption key e with corresponding decryption key d, and any independent encryption key k,

  D(d,E(k,E(e,m))) = E(k,m).

The simplest way for this to happen is if the encryption function is commutative, that is if E(a,E(b,m))=E(b,E(a,m)) for all encryption keys a and b and all messages m. However, there are other possibilities. For example, the encryption function could commute with the decryption function.
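The property above can be checked in code. The following is an added example, not part of the original article: it assumes modular exponentiation modulo a fixed prime as the commutative cipher, and the prime `P` and the names `keygen`, `E`, `D`, `check_property` and `three_pass` are choices made for this illustration. The third message in `three_pass` is what the property yields when the sender removes its own layer.

```python
import math
import secrets

# Assumption: a fixed public prime modulus (2**127 - 1 is a Mersenne prime).
# Chosen only to keep the example short; it is not a parameter recommendation.
P = 2**127 - 1


def keygen(p=P):
    """Return (e, d) with e*d ≡ 1 (mod p-1), so that (m^e)^d ≡ m (mod p)."""
    while True:
        e = secrets.randbelow(p - 3) + 2      # 2 <= e <= p-2
        if math.gcd(e, p - 1) == 1:           # e must be invertible mod p-1
            return e, pow(e, -1, p - 1)


def E(key, m, p=P):
    """Encrypt: m^key mod p. Commutative: E(a, E(b, m)) == E(b, E(a, m))."""
    if not 1 < m < p - 1:
        raise ValueError("message must satisfy 1 < m < p-1")
    return pow(m, key, p)


def D(key, c, p=P):
    """Decrypt: the same operation, using the inverse exponent."""
    return pow(c, key, p)


def check_property(m):
    """Verify D(d, E(k, E(e, m))) == E(k, m) for fresh, independent keys."""
    e, d = keygen()
    k, _ = keygen()
    return D(d, E(k, E(e, m))) == E(k, m)


def three_pass(m):
    """Run the exchange; return the wire messages, the recovered m, and a check."""
    s, t = keygen()            # sender's encryption / decryption keys
    r, q = keygen()            # receiver's encryption / decryption keys
    msg1 = E(s, m)             # sender -> receiver: E(s,m)
    msg2 = E(r, msg1)          # receiver -> sender: E(r,E(s,m))
    msg3 = D(t, msg2)          # sender -> receiver: sender's layer removed
    return (msg1, msg2, msg3), D(q, msg3), msg3 == E(r, m)
```

No key crosses the wire in this exchange; only `msg1`, `msg2` and `msg3` do.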

The Three-Pass Protocol works as follows:

  1. The sender chooses an encryption key s and a corresponding decryption key t. The sender encrypts the message m with the key s and sends the encrypted message E(s,m) to the receiver.
  2. The receiver chooses an encryption key r and a corresponding decryption key q, super-encrypts the first message E(s,m) with the key r, and sends the doubly-encrypted message E(r,E(s,m)) back to the sender.