                     Frequently Asked Questions


Public Key Infrastructure FAQs

  • What is secret/symmetric cryptography?

    Secret key (symmetric/conventional) cryptography is a system in which the sender and receiver of a message know and use the same secret key to encrypt and decrypt their messages. One weakness of this system is that the sender and receiver must trust some communications channel to transmit the secret key without disclosing it.




Example: Imagine receiving a note from a friend. You and your friend have agreed that to encrypt and decrypt your messages, you will use the following algorithm: every letter of the alphabet will be shifted upward in the alphabet by three places, with A=C, B=D, and so on, with Y and Z wrapping around to A and B, respectively. This formula ("shift each letter up three places in the alphabet") is the key that the sender uses to encrypt the message; the receiver uses the same key to decrypt the message. Anyone who doesn't have the key will not be able to read the message. Because the same key is used both to encrypt and decrypt the message, this method is said to be a symmetric key algorithm. This type of cryptography is also known as secret key cryptography because the key must be kept secret by the sender and receiver to protect the integrity of the data.

  • What is public/asymmetric key cryptography?

    Public key (asymmetric) cryptography is a system based on pairs of keys: a public key and a private key. The public key is published, while the private key is kept secret by its owner. The need for a sender and a receiver to share a secret key and trust some communications channel is eliminated. This concept was introduced in 1976 by Whitfield Diffie and Martin Hellman.



Example: Assume an originator needs to send a message to a recipient, and secrecy is required for the message. The originator encrypts the message using the recipient's public key. Only the recipient's private key can be used to decrypt the message. This is due to the computational infeasibility of inverting the public key transformation function. In other words, without the recipient's private key, it is computationally infeasible for an interceptor to transform the ciphertext into its original plaintext. Note that with a public-key system, while the secrecy of the public key is not important (in fact, it is intended to be "public"), the integrity of the public key and the ability to bind a public key to its owner are crucial to its proper functioning.

  • What is a message digest?

    A message digest, also known as the hash of a message, is a small piece of data that results from performing a particular mathematical calculation (hashing function) on the message during encryption. Two properties of message digests to note:
    A small alteration in the original message would cause a big change in the message digest;
    Derivation of the original message is not possible from the message digest.
    It acts as a "fingerprint" of the message and is used to ensure data integrity.

  • What exactly is a digital signature?

    Just as a handwritten signature is affixed to a printed letter for verification that the letter originated from its purported sender, a digital signature performs the same task for an electronic message. A digital signature is an encrypted version of a message digest, attached together with a message. A secure digital signature system consists of two parts:
    A method of signing a document such that forgery is detected, and
    A method of verifying that a signature was actually generated by whomever it represents.
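
The digest and signature steps described above, as an added example that is not part of the original FAQ: it hashes a message with SHA-256, signs the digest with a private key and verifies it with the public key. The key pair is a toy RSA pair built from two Mersenne primes, and the sample messages and function names are constructed for illustration; production signatures use a vetted library with a padded scheme such as RSA-PSS.

```python
import hashlib

# Toy RSA key pair from two known Mersenne primes (constructed for this
# example only; such primes and unpadded RSA are not safe for real use).
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                    # public key (published)
D = pow(E, -1, (P - 1) * (Q - 1))      # private key (kept by the signer)


def digest(message: bytes) -> int:
    """SHA-256 message digest as an integer (the message's 'fingerprint')."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def differing_bits(a: bytes, b: bytes) -> int:
    """Number of digest bits that differ between two messages."""
    return bin(digest(a) ^ digest(b)).count("1")


def sign(message: bytes) -> int:
    """Apply the private key to the digest; the result travels with the message."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Recover the signed digest with the public key and compare it
    with a digest computed freshly from the received message."""
    return pow(signature, E, N) == digest(message)


if __name__ == "__main__":
    msg = b"Pay Rs. 100 to Asha"       # constructed sample message
    altered = b"Pay Rs. 900 to Asha"   # one character changed in transit
    sig = sign(msg)
    print("digest bits changed:", differing_bits(msg, altered), "of 256")
    print("original verifies:", verify(msg, sig))
    print("altered verifies:", verify(altered, sig))
```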

  • Asymmetric/Public key vs. Symmetric/Secret key: which cryptography system is better?

    A combination of both. Encrypting information with public-key cryptography is significantly slower than encrypting with a secret key. However, the drawback of the secret-key system is that secret keys must be transmitted either manually or through a communication channel, and there may be a chance that others can discover the secret keys during transmission. This is not a problem with public-key cryptography, as private keys never need to be transmitted or revealed to anyone. Each user has sole responsibility for protecting his or her private key.

    So, in practice, public-key cryptography is used with secret-key cryptography to get the best of both worlds. A system that uses public-key cryptography first generates a secret key and uses the secret key to encrypt the message. The public key is then used to encrypt the secret key, which is then attached to the secret-key-encrypted message.
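
The hybrid scheme in the paragraph above, as an added example that is not part of the original FAQ: a fresh secret key encrypts the message and the recipient's public key encrypts that secret key. The RSA key pair, the SHA-256-based XOR cipher and all names are toy constructions assumed for illustration; real systems use a vetted library with RSA-OAEP and an authenticated cipher such as AES-GCM.

```python
import hashlib
import secrets

# Recipient's toy RSA key pair (constructed from two Mersenne primes;
# an assumption of this example, not safe for real use).
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                    # public key, known to every sender
D = pow(E, -1, (P - 1) * (Q - 1))      # private key, never transmitted


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR data with SHA-256(key || counter) blocks.
    The same call encrypts and decrypts, because both use the same secret key."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], block))
    return bytes(out)


def hybrid_encrypt(message: bytes, pub_n: int, pub_e: int):
    """Return (wrapped_key, ciphertext) for the holder of the private key."""
    secret_key = secrets.token_bytes(32)             # fresh secret key per message
    ciphertext = keystream_xor(secret_key, message)  # fast secret-key step
    wrapped_key = pow(int.from_bytes(secret_key, "big"), pub_e, pub_n)  # slow public-key step
    return wrapped_key, ciphertext


def hybrid_decrypt(wrapped_key: int, ciphertext: bytes, priv_d: int, pub_n: int) -> bytes:
    """Unwrap the secret key with the private key, then decrypt the message."""
    secret_key = pow(wrapped_key, priv_d, pub_n).to_bytes(32, "big")
    return keystream_xor(secret_key, ciphertext)


if __name__ == "__main__":
    note = b"Meet at the exchange at 10:30"   # constructed sample message
    wrapped, ct = hybrid_encrypt(note, N, E)
    print("ciphertext:", ct.hex())
    print("decrypted: ", hybrid_decrypt(wrapped, ct, D, N))
```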


 Copyright © 2003, Mahanagar Telephone Nigam Limited. All Rights Reserved.
