Since the Edward Snowden revelations a year ago, I have been writing quite a lot about encryption although I don’t know much about it. I came across this introduction to the PGP (Pretty Good Privacy) system, a common form of what is known as public key cryptography, that was fairly clear about how it worked in converting the plain text message into the encrypted form called the ciphertext.
I know that many readers here are way more expert in this area and am putting the link out there for their critical comments as well as to serve as a general introduction to novices like me.
Public key cryptography is an asymmetric scheme that uses a pair of keys for encryption: a public key, which encrypts data, and a corresponding private, or secret key for decryption. You publish your public key to the world while keeping your private key secret. Anyone with a copy of your public key can then encrypt information that only you can read. Even people you have never met.
It is computationally infeasible to deduce the private key from the public key. Anyone who has a public key can encrypt information but cannot decrypt it. Only the person who has the corresponding private key can decrypt the information.
The primary benefit of public key cryptography is that it allows people who have no preexisting security arrangement to exchange messages securely. The need for sender and receiver to share secret keys via some secure channel is eliminated; all communications involve only public keys, and no private key is ever transmitted or shared.
The article goes into some detail about how it works.
PGP then creates a session key, which is a one-time-only secret key. This key is a random number generated from the random movements of your mouse and the keystrokes you type. This session key works with a very secure, fast conventional encryption algorithm to encrypt the plaintext; the result is ciphertext. Once the data is encrypted, the session key is then encrypted to the recipient’s public key. This public key-encrypted session key is transmitted along with the ciphertext to the recipient.
Decryption works in the reverse. The recipient’s copy of PGP uses his or her private key to recover the temporary session key, which PGP then uses to decrypt the conventionally-encrypted ciphertext.
While the public and private keys are mathematically related, it’s very difficult to derive the private key given only the public key; however, deriving the private key is always possible given enough time and computing power. This makes it very important to pick keys of the right size; large enough to be secure, but small enough to be applied fairly quickly.
As the article states, the recipient’s public and private keys are somehow related, as they must be if the recipient is to be able to decrypt with the private key something that has been encrypted with just the public key. I am assuming that the algorithm that relates the recipient’s public and private keys has some functionality that is unique to the recipient that prevents third parties from deducing the private key by knowing the public key.
One thing I learned from this article that I was not aware of before was the importance of verifying the identity of the recipient. It is no good having the best encryption system in the world if you are sending the message to the wrong person, using the wrong person’s public key to encrypt it.
One issue with public key cryptosystems is that users must be constantly vigilant to ensure that they are encrypting to the correct person’s key. In an environment where it is safe to freely exchange keys via public servers, man-in-the-middle attacks are a potential threat. In this type of attack, someone posts a phony key with the name and user ID of the user’s intended recipient. Data encrypted to — and intercepted by — the true owner of this bogus key is now in the wrong hands.
In a public key environment, it is vital that you are assured that the public key to which you are encrypting data is in fact the public key of the intended recipient and not a forgery. You could simply encrypt only to those keys which have been physically handed to you. But suppose you need to exchange information with people you have never met; how can you tell that you have the correct key?
PGP does this using what are called Digital Certificates, which are the equivalent of something like your driver’s license or passport: they prove your identity and are included along with your public key. This turns out to be pretty complicated.
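How a certificate lets you check a key fetched from a public server, as an added example that is not the article's or PGP's own code: an introducer whose key you already trust signs the binding of a user ID to a public key, and the sender verifies that signature before encrypting to the key. It uses Ed25519 from Go's standard library; the introducer, Alice, Mallory, the user IDs and the stripped-down certificate layout are all assumptions for the demo, and a real OpenPGP or X.509 certificate carries more fields (validity period, the introducer's own identity, key usage) in a different encoding.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// Certificate binds a user ID to a public key. The signature comes from an
// introducer you already trust: a certificate authority, or in PGP's web of
// trust, someone who checked the owner's identity in person.
type Certificate struct {
	UserID    string
	PublicKey ed25519.PublicKey
	Signature []byte // introducer's signature over the UserID/PublicKey binding
}

// binding serialises what the introducer vouches for. The length prefix
// stops "alice" + key from being re-split into a different ID/key pair.
func binding(userID string, pub ed25519.PublicKey) []byte {
	buf := make([]byte, 4, 4+len(userID)+len(pub))
	binary.BigEndian.PutUint32(buf, uint32(len(userID)))
	buf = append(buf, userID...)
	return append(buf, pub...)
}

// Issue is what the introducer does after verifying the owner's identity
// out of band. It needs the introducer's private key, which an attacker
// posting a phony key to a key server does not have.
func Issue(introducer ed25519.PrivateKey, userID string, pub ed25519.PublicKey) Certificate {
	return Certificate{
		UserID:    userID,
		PublicKey: pub,
		Signature: ed25519.Sign(introducer, binding(userID, pub)),
	}
}

// Verify is the check the sender runs before encrypting to a downloaded
// key: does an introducer I trust vouch for this ID/key binding?
func Verify(introducerPub ed25519.PublicKey, c Certificate) bool {
	return ed25519.Verify(introducerPub, binding(c.UserID, c.PublicKey), c.Signature)
}

// Fingerprint is the manual alternative for keys handed over directly: a
// short digest of the key that the owner can read out for comparison.
func Fingerprint(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:10])
}

func main() {
	// Constructed parties: a trusted introducer, Alice, and Mallory, who
	// uploads her own key to the key server under Alice's user ID.
	introducerPub, introducerPriv, _ := ed25519.GenerateKey(rand.Reader)
	alicePub, _, _ := ed25519.GenerateKey(rand.Reader)
	malloryPub, malloryPriv, _ := ed25519.GenerateKey(rand.Reader)

	genuine := Issue(introducerPriv, "alice@example.org", alicePub)
	bogus := Issue(malloryPriv, "alice@example.org", malloryPub) // self-signed
	fmt.Println("genuine verifies:", Verify(introducerPub, genuine))
	fmt.Println("bogus verifies:  ", Verify(introducerPub, bogus))

	// Mallory cannot reuse the genuine signature on her own key either.
	spliced := genuine
	spliced.PublicKey = malloryPub
	fmt.Println("spliced verifies:", Verify(introducerPub, spliced))
	fmt.Println("Alice fingerprint:", Fingerprint(alicePub))
}
```

The bogus key is exactly the man-in-the-middle case from the excerpt: it carries the right name and user ID, and the only thing that exposes it is that nobody the sender trusts has signed it. Everything therefore rests on how the introducer's own key was obtained, which is why the real system turns out to be complicated.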
The whole thing is quite fascinating. It is likely that I will only really understand how it works when I actually implement it.