On the Use of RSA as a Secret Key Cryptosystem

One fundamental difference between the use of symmetric and publickey cryptosystems is that the former requires trust between sender and receiver. Typically they will share a secret key and neitherhas any protection from the other. However, many users are nowfinding that they want keys to be used for 'one purpose only'and are relying on hardware functionality to introduce the conceptof unidirectional keys for symmetric algorithms. (So, for instance,the hardware functionality might ensure that a key used for encryptingmessages from user A to user B cannot be used for encrypting messages in the opposite direction.) For public key systems this concept of unidirectional keys is automatically satisfied. However,when the encrypting key is made public, the exposure of this key means that the deciphering key is only safe from compromise when the keys are very large. If, on the other hand, both keys were kept secret then it might be possible to use much smallerkeys. In this paper we investigate ways of using the primitives of an RSA public key cryptosystem in a symmetric key 'setting'i.e. where neither key is made public.