Talking Cryptography
Posted by jipi Sun, 18 Aug 2002 21:49:18 GMT
Cryptography It is a study of techniques used to convert valuable data into something unmeaningful for people to make use of.
Symmetric Cryptography (Secret Key System) The technique of using the same secret key to encrypt data and decrypt data. The cautious handling of the key has to be emphasised.
Assymetric Cryptography (Public Key System) The technique authored by Whitfield Diffie and Martin Hellman. It uses a public-private key pair where the private key never leaves the owner and the public key is being held public. A sender who wants to send a message to the owner will take the owner’s public key to encrypt the message. After that, the sender will send the encrypted message to the owner while the owner will use his/her private key to decrypt the message. Due to the nature of the mathematics (prime numbers) used, the encrypted message which used the public key can be decrypted ONLY by the complementary private key. Conversely, if the owner decides to send a message to the sender, the owner can encrypt his/her message using his/her secret key and when the sender receives the owner’s encrypted message and decrypts it using the owner’s public key, he will know the message is from the owner.
Message Authentication A mechanism to ensure that the received message is not being changed and is indeed from the claimed sender and not from a the ‘spy in the middle’. The integrity of the message is typically provided by using a hashing technique to generate what’s known as a message digest. Hashing is the technique that involves a string of characters of variable length being converted to a fixed-length result, usually 128 bits.
Simplified Model The following simplified model shows how these different elements can work together to protect a message from casual scrutiny and have it received with confidence that it has come from me, the authorized sender:
- I apply to my plain text message an appropriate process to generate a hash value to be used as a message digest.
- I encrypt this digest, but not the message itself, with my private key, confirming to anyone who can decrypt it with my public key that it came from me.
- I generate for one-time use a secret key that I use to rapidly encrypt the text of the message.
- I encrypt this secret key using my recipient’s public key and send the whole bundle to him.
My addressee uses his private key to obtain the secret key, uses that in turn to decrypt the message, applies to it the same message digest algorithm and compares it with the message digest that he’s decrypted using my public key. Provided they match, he can be sure that the message came from me and is unchanged.
