> It is impossible to construct a cypher with just one key […]
Technical nit:
I (mis?)remember reading in a cryptography book (by Schneier?) that the NSA has at least one algorithm where the decryption key is different than the encryption key, but my search-fu finds no references to it online. The application would be for devices in 'hostile territory' where there was a risk of capture of the unit and so you didn't want the other side to be able to alter data/firmware since the cipher that is available is decrypt only.
Technical nit:
I (mis?)remember reading in a cryptography book (by Schneier?) that the NSA has at least one algorithm where the decryption key is different than the encryption key, but my search-fu finds no references to it online. The application would be for devices in 'hostile territory' where there was a risk of capture of the unit and so you didn't want the other side to be able to alter data/firmware since the cipher that is available is decrypt only.
However, see perhaps:
* https://crypto.stanford.edu/~dabo/abstracts/traitors.html
* https://crypto.stackexchange.com/questions/39397/one-encrypt...
Also, see n-of-m algorithms:
* https://en.wikipedia.org/wiki/Shamir%27s_secret_sharing