There are two types of Cryptographies.
a. Secret key cryptography
b. Public key cryptography
Secret
key cryptography
It is also known as symmetric key
encryption. Let’s say ‘A’ wants to send message to ‘B’, then ‘A’ shares a key
with ‘B’ (Assuming that key is not disclosed to any one). Once the key shared
between ‘A’ and ‘B’, ‘A’ encrypts the data and send to ‘B’. Once ‘B’ receives encrypted data, it uses
same key to decrypt. Since same key is used for both encryption and decryption,
it is called Symmetric Encryption. The larger the key, the more difficult to
break the encrypted message.
Public
Key Cryptography
The problem with secret key cryptography
is in, transferring the key securely between the parties involved in
communication. This problem solved by using public key cryptography, also
called Asymmetric cryptography. In public key cryptography, encryption is done
with public key and decryption is done with private key. Steps are like
following.
a. Person ‘A’, creates public-private key
pair.
b. ‘A’ distribute (publish) his public key,
to all the parties involved in communication.
c. ‘B’ who wants to send information to
‘A’, encrypt the message with ‘A’ ‘s public key and send.
d. ‘A’ receives the encrypted message,
decrypt it with his private key.
Since private key is known to ‘A’ only,
it is nearly impossible for any other person to decrypt the message. This seems
to be some what magic to, who are new to cryptography. For complete understanding, go through
following wiki article.
By using public key encryption, we can
provide authentication service also. Let’s say ‘A’ encrypt some info ‘x’ with
his private key and send it to ‘B’. Once ‘B’ receives the encrypted message, he
decrypts the message with ‘A’ public key and make sure that it is ‘x”. If is
there any mismatch in decrypted information, then ‘B’ confirm that it is not
‘A’. Only the problem with public key cryptography is, it is costly, complex
mathematical operations performed while encrypting.
So better solution is to combine both
Symmetric and Asymmetric algorithms. The main problem with symmetric encryption
is, how can key exchange happen securely between ‘A’ and ‘B’.
a. ‘A’ generates his public-private key
pair
b. ‘A’ sends his public key to ‘B’
c. ‘B’ generate a random number, and
encrypt the random number with ‘A’ public key and send the encrypted message to
‘A’.
d. ‘A’ receives the encrypted message and
decrypts the message with his private key.
e. At this point of time, both ‘A’ and ‘B’
knows the random number, they use this random number as secret key and perform
secret key encryption with this key.
In summary, public key encryption is
used for key exchange, secret key encryption is used for data exchange.
No comments:
Post a Comment