RSA public key

[skan]

Hello

I'm thinking in something like RSA public key.
The lock and the key store two encrypted key numbers.

The lock, using his internal encrypted number and a random number generates another one.
The key checks this number and if it's right (only a few are truly generated by the lock) generates another number with his own.
The lock checks the latter number and opens the lock.

This is very common in computer science, and has been mathematically proved to be really difficult to hack.

I speak about random numbers in order to repeating always the same, that could be eavesdropped.

[MacGyver101]

I agree: there are a lot of approaches to cryptographic key exchange that are all the product of a lot of careful thought and formal proofs -- and electronic locking systems would be wise to build on them.

My only hesitation with using Public Key crypto in a case like this, though, is that the real benefits of Public Key cryptography (e.g., a trusted central service to sign the keys and a key-revocation list) would be difficult to implement unless both the lock and the key each had the ability to communicate with a central signing authority... which may not be practical. (It's very costly to wire and network every door.) Public Key crypto also needs fairly long keys (thousands of bits).

It might be simpler to use an anonymous key-exchange protocol (e.g., some Diffie-Hellman variant), and the key could then use that to encrypt wherever data it needs to send to the lock. This would allow the crypto keys to be much shorter -- and Public Key without a signing authority is basically an anonymous exchange anyhow.

There are a lot of approaches, though, and they each have their merits: that's just my $0.02.

[skan]

I agree