8 Cryptography 8.1 Symmetric-Key Cryptography In symmetric-key cryptography, the encryption key can be calculated from the decryption key and vice versa. Most symmetric algorithms use the same key for both encryption and decryption, as shown below (figure 8.1). Figure 8.1 – Symmetric key cryptography 8.2 Public Key Cryptography Public-key cryptography (also called asymmetric cryptography) involves a pair of keys: a public key and a private key, associated with an entity that needs to authenticate its identity electronically or to sign or encrypt data. Each public key is published, and the corresponding private key is kept secret.) Data encrypted with your public key can be decrypted only with your private key. The figure below shows a simplified view of the way public-key cryptography works. Figure 8.2 – Public key cryptography The scheme shown in the figure 8.2 lets you freely distribute a public key, while only you will be able to read data encrypted using this key. In general, to send encrypted data to someone, you encrypt the data with that person's public key, and the person receiving the encrypted data decrypts it with the corresponding private key. Public-key encryption requires more computation than symmetric-key cryptography and therefore is not recommended for large amounts of data. However, it is possible to use public-key encryption to send a 1 Best security through nature…. symmetric key, which can then be used to encrypt additional data. This is the approach used by the SSL (Secure socket Layer) protocol. As it happens, the reverse of the scheme shown in the figure 8.2 also works: data encrypted with your private key can be decrypted only with your public key. This would not be a desirable way to encrypt sensitive data, however, because it means that anyone with your public key, which is by definition published, could decrypt the data. Nevertheless, private-key encryption is useful, because it means you can use your private key to sign data to create a digital signature, an important requirement for electronic commerce and other commercial applications of cryptography. Client software such as Communicator can then use your public key to confirm that the message was signed with your private key and that it has not been tampered with since being signed. Bruce Schneier, a prominent figure in security compares public-key cryptography with a mailbox. He writes: "Putting mail in the mailbox is analogous to encrypting with the public key; anyone can do it. Just open the slot and drop it in. Getting mail out of a mailbox is analogous to decrypting with the private key. Generally it's hard; you need welding torches. However, if you have the secret (the physical key to the mailbox), it's easy to get mail out of a mailbox." 8.3 Digital Signatures The signature is a “Mathematical Function” that involves the original message and the sender’s private key. The first step in the signature process involves performing a mathematical algorithm known as a hash function. The hash function takes the original message and produces a fixed length (typically 160- Figure 8.3 – Digitally signing a document 2 Best security through nature…. bit) string of characters known as messages digest (Hash). The message digest is essentially a mathematical abstract of the original message. If a single character in the original message changes, the message digest changes significantly. The message digest is then encrypted with the sender’s private key. The resulting encryption is known as the digital signature. This signature is unique to each message and is appended to the original message. This is illustrated in diagram 8.3. Digital signatures serve the following purposes: Check whether an entity holds a certain private key Suppose you have the public key of A. Then, another individual states he/she is A. If he/she is A, he/she must hold the corresponding private key of the public key you hold of A. This enables you to send a message, and ask A to return the digital signature of the message. If you can decrypt using A’s public key, it means you are communicating with A. Integrity As discussed before, if the original message changes, the hash changes, resulting in a subsequent change of the generated digital signature. Thus, you can verify the integrity of the message by matching the message with the digital signature. Non-repudiation This is a great advantage over secret key cryptography. In secret key cryptography, if a person A sends a message to B, and later denies it, B cannot validate the claim. B having the same secret key could have also composed the message. But with digital signatures, only A can create the digital signature as only he/she holds the private key. Therefore, one can use the message and the digital signature to verify if A was the originator of the message. 3 Best security through nature….