Crypto Technologies
Whereas our approach never encrypts content, it makes substantial use of three cryptographic technologiesone-way functions to hide Tag Table Identifiers and User Device Descriptive Values, digital signatures to establish the identity of sites on the network, and Secure Sockets Layer (SSL) to ensure private communication of TTIDs.
Intuitively, a function f is one-way if, given x, it is easy to compute f(x) whereas given y, it is hard to find an x such that y = f(x). The hash function SHA-1 is one example (among many) of a one-way function.
The purpose of a digital signature is the same as of a written oneto establish the identity of the signer of a message. When you sign a contract, the holder of that contract can go to court and assert your agreement to the contract. Ideal written signatures are unforgeable but recognizable: only X can produce X's signature but anyone can recognize that signature. So, only one person can sign, but anyone can verify (at any time or place). Digital signatures work the same way: An agent (say, the Guardian Center) in our protocol uses a private key to sign a document but that agent's signature-verification key is well known (say, is in the Supervising Program of every User Device). Therefore, if a message arrives purporting to be from that agent, then any User Device can test whether the message is in fact from that agent.
The Secure Sockets Layer (SSL) protocol is a client-server protocol offering asymmetric authentication and private communication. SSL assures the client (in our protocols, the User Device) that the server has a particular identify (in our Call-Up protocol, that the server really is the Guardian Center). SSL also enables the client and server to agree on a private key, which can be used in subsequent communication. The net effect is that the client knows the identity of the server (but not the other way around) and that the content of the exchange between client and server remains hidden from anyone else.
M.R. and D.S.