Encryption is essentially the transformation of meaningful data into non-meaningful data for the purposes of transportation, so that no one but the intended recipient, who holds a secret decryption key, can read the original meaningful data.

Privacy is ensured by keeping the information hidden from anyone for whom it is not intended, even those who can see the encrypted (meaningless) data. As a simple example it is possible to encrypt files on a hard disk to prevent intruders from reading them.

However, when the environment where data is exchanged has many people transferring data within it, the risk of intruders, be they passive (attempting to read the data) or active (attempting to corrupt the data), increases to the point of justifying that all data packets leaving a particular node be encrypted.

Encryption allows secure communication over an insecure data communications channel. It works as follows:

- 1. The sender intends to send a message to the recipient. The data is
not to be seen by any other person that may also be using the same
environment.

- 2. The sender completes writing the message which when read is meaningful.
This is the plaintext.

- 3. He/She then encrypts the message with an encryption key. There are
different types of encryption discussed below.

- 4. The encrypted message is sent off down the insecure communications
channel to the intended recipient. The message in this meaningless
form is called the ciphertext.

- 5. On arrival of the encrypted message, the receiver decrypts the
ciphertext with the decryption key and reads the message.

- 6. While the ciphertext is in transit, an intruder, in order to read the
message, may try the following:
- obtain the secret key (eg by theft) or
- recover the plaintext without using the secret key.

A secure Cryptosystem is one where the plaintext cannot be recovered from the ciphertext without using the decryption key.

Here, the same single key is used as both the encryption key and the decryption key.

Secret-key cryptography is a very straightforward agreement between the sender and receiver of a message. Each party knows and uses the same secret key.

It works very simply:

- 1. The sender uses the secret key to encrypt the message.

- 2. The receiver uses the same secret key to decrypt the message.

This form of cryptography has one hugely insecure factor: how to keep the 'secret' key a secret! The sender and receiver must agree on the secret key (usually text of some form, similar to a login password) without any other party finding out.

If they are in separate physical locations, communication is required to agree on the key. They must trust a courier, the phone system, or some other transmission system to ensure that the secret key being communicated is not disclosed to anyone else but the two parties. Anyone who overhears or intercepts the key while in transit is capable of decrypting and thus reading all messages encrypted using that key.

** Key management **

This is the generation, transmission and storage of keys. All cryptosystems
have to deal with key management issues. Secret-key cryptography often has
difficulty providing secure key management due to the insecurity of agreeing
on a secret key in the first place.

Diffie and Hellman solved the key management problem in 1976 by inventing public-key cryptography. This cryptosystem is based on the idea that each person gets a pair of keys, called a public key and a private key. Every user gets their public key published but the private key is kept secret. So the sender and receiver do not have to agree on and communicate secret information (i.e. a key).

All communication involves public keys only. No private key is ever transmitted or shared. So trusting some communications channel to be secure against eavesdropping or betrayal is no longer an issue. The most important requirement is that no party can figure out the private key from the corresponding public key.

Any sender can send a confidential message just using the intended recipient's public key, but it can only be decrypted with the private key solely in the possession of the receiver.

Furthermore, public-key cryptography, as well as being used for privacy (encryption), can also be used for authentication (digital signatures - discussed below).

How public-key cryptography functions:

- 1. The sender wishes to send a message to the receiver

- 2. He/She looks up the receiver's public key in a directory

- 3. The public key is used to encrypt the message and it is sent off

- 4. The receiver uses his/her private key to decrypt the message and
read it.

- 5. No other party listening in can decrypt the message.

- 6. Anyone can send an encrypted message to the receiver but
only the receiver can read it.

RSA was invented in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman. It is a public-key cryptosystem used for the purposes of both encryption and authentication.

- 1. Take two large primes, p and q.

- 2. Find their product n = pq; n is called the "modulus".

- 3. Choose a number, e, less than n.

- 4. e must also be relatively prime to (p-1)(q-1).

- 5. Find its inverse, d, mod (p-1)(q-1).

- 6. This means that ed = 1 mod (p-1)(q-1).

- 7. e and d are called the public and private exponents, respectively.

- 8. The public key is the pair (n,e) and the private key is d.

- 9. The factors p and q must be kept secret, or destroyed.

It is presumed to be too difficult to obtain the private key d from the public key (n,e). This is the fundamental irony of RSA: it could be called both a flaw and a good enough security measure. If an intruder could factor n into p and q, then he could obtain the private key d.

So the entire security of RSA is predicated on the assumption that factoring n (the product of two very large primes) is difficult. In theory an easy factoring method would "break" RSA.

- 1. The sender wants to send a private message, m, to the receiver.

- 2. The sender creates the ciphertext c by exponentiating:
c = m^e mod n, where e and n are the receiver's public key.

- 3. To decrypt, the receiver performs the exponentiation:
m = c^d mod n, and recovers the original message m.

- 4. The relationship between e and d ensures that the receiver correctly
recovers m.

- 5. Since only the receiver knows d, only he/she can decrypt the message.

While encryption dates back to the times of Caesar, digital signatures are more recent. This is due to the proliferation of digital communications and in this context the exponential growth of the Web.

Authentication is the use of digital signatures and holds the same function and meaning for digital documents as handwritten signatures do for printed documents. In paper and ink terms, a signature is an unforgeable piece of information unique to a particular person who has written or has agreed with the contents of the document where their signature is attached.

The recipient (as well as a third party) can verify that the document did originate from the person whose signature is attached and also that the document has not been tampered with since it was signed and dispatched.

The same concepts hold for electronic messages. Authentication in the context of Web Security is where the receiver of a digital data message can be confident of the identity of the sender and of the validity of the message.

Popular examples of authentication protocols in use today are: secret-key cryptosystem: DES, public-key system: RSA (detailed below). Authentication in public-key systems uses digital signatures.

All secure cryptosystems consist of two parts: the method of signing the document at the sender's end, making forgery an impossibility, and the method of verifying that the signature was actually generated by the real sender, at the receiver's end.

- 1. The sender, to sign a message, does a computation involving both their
private key and the message itself.

- 2. The resulting output of this computation is called the digital signature
and it is attached to the message.

- 3. The package is then sent.

- 4. The receiver needs to verify the signature. This is achieved by performing
some computation involving:

- the message
- the supposed sender's signature and
- the sender's public key

- 5. If the results hold in this simple mathematical relation then the
signature is verified as genuine. If not, the message and signature are
discarded because the signature may be fraudulent or the message may have been
altered.

So it would seem that there is no way secure digital signatures can be the cause of conflict. The signer of a document would never be able to disown it by later claiming it was forged.

- 1. The sender wants to send a signed document m to the receiver.

- 2. The sender creates a digital signature s by exponentiating:
s = m^d mod n, where d and n belong to the sender's key pair.

- 3. He/She sends s and m to the receiver.

- 4. In order to verify the signature, the receiver performs the
exponentiation: m = s^e mod n, where e and n belong to the sender's public
key, and hence has checked that the message m has been recovered intact.
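
The signing and verification steps above as an added Python example (not from the original page). The demo key built from two Mersenne primes, the SHA-256 step that turns a document into the integer m, and the function names are assumptions made here; the page signs m directly.

```python
import hashlib

# Constructed demo key: two Mersenne primes, not suitable for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                          # sender's public key (n, e)
D = pow(E, -1, (P - 1) * (Q - 1))            # sender's private exponent d

def to_int(document: bytes, n: int) -> int:
    """Assumption: represent the document as an integer m < n via SHA-256."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big") % n

def sign(document: bytes, d: int, n: int) -> int:
    """Sender: s = m^d mod n, computed with the private exponent."""
    return pow(to_int(document, n), d, n)

def verify(document: bytes, s: int, e: int, n: int) -> bool:
    """Receiver: accept only if s^e mod n equals m for the received document."""
    return pow(s, e, n) == to_int(document, n)

if __name__ == "__main__":
    doc = b"Pay the bearer 10 pounds"        # constructed sample document
    s = sign(doc, D, N)
    print("genuine:          ", verify(doc, s, E, N))
    print("altered message:  ", verify(b"Pay the bearer 1000 pounds", s, E, N))
    print("altered signature:", verify(doc, (s + 1) % N, E, N))
```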

So in keeping with public-key principles, encryption and authentication take place without any sharing of private keys. Each person uses only other people's public keys and his or her own well guarded private key.

Again anyone can send an encrypted message or verify a signed message, using only public keys, but only someone in possession of the correct private key can decrypt or sign a message.

The advantages and disadvantages:

- The obvious advantage of public-key cryptography is increased
security in that the private keys need not ever be communicated, transmitted or
revealed to anyone.

- This, in contrast, is the insecurity of a secret-key system. There is
always the possibility that another rogue party could discover the secret
key while it is being transmitted for agreement purposes.

- From the authentication point of view public-key systems are a major
advantage in that they can provide a method for digital signatures.

Authentication via a secret-key system would require the sharing of some secret key and sometimes requires trust of a third party as well. A sender could then deny any association with a previously signed message by claiming that the shared secret was somehow compromised by one of the parties sharing the secret. However, this conflict would never arise using public-key authentication because each user is responsible for protecting his/her private key. This property of public-key authentication is called "non-repudiation".

- From the judicial point of view, digitally signed messages can be proved
authentic to a third party, such as a judge, thus allowing such
messages to be legally binding.

- The major disadvantage of using public-key cryptography for encryption is
the speed of encrypting a message before dispatching it. Most popular
secret-key encryption methods are significantly faster than any
public-key encryption methods currently available. So obviously the
trade-off involves secure key management against speed.

- A compromise is achieved where public-key cryptography can share the burden
with secret-key cryptography to get the best of both worlds.

In order to utilise both the security advantages of public-key systems, and the speed advantages of secret-key systems, the solution is to combine public- and secret-key systems.

Initially the public-key system can be used to encrypt a secret key. The secret key is probably small in size, so speed of encryption is not important. Once such a key has been securely communicated between parties, it is then used to encrypt a complete file or message. This may be large in size, but the sender and receiver have the assurance that it is being encrypted as quickly as possible and that the secret key has been shared using a sound, secure method. This is indeed the case in RSA.
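
The combination described above, as an added Python example (not from the original page): RSA encrypts only a 16-byte secret key, and that key encrypts the whole message. The demo primes, the unpadded RSA step and the SHA-256 keystream standing in for a real secret-key cipher are assumptions chosen so the example runs with the standard library alone.

```python
import hashlib
import secrets

# Constructed demo key pair for the receiver (two Mersenne primes).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in secret-key cipher: XOR data with SHA-256(key || counter)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def hybrid_encrypt(message: bytes, n: int, e: int):
    """Sender: fresh secret key per message, wrapped with the public key."""
    session_key = secrets.token_bytes(16)
    # Slow public-key step, applied to 16 bytes only.
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    # Fast secret-key step, applied to the whole message.
    return wrapped, keystream_xor(session_key, message)

def hybrid_decrypt(wrapped: int, body: bytes, d: int, n: int) -> bytes:
    """Receiver: unwrap the secret key with d, then decrypt the body."""
    session_key = pow(wrapped, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, body)

if __name__ == "__main__":
    msg = b"A complete file or message, much larger than the key. " * 4
    wrapped, body = hybrid_encrypt(msg, N, E)
    print(hybrid_decrypt(wrapped, body, D, N) == msg)
```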

Public-key cryptography is not meant to replace secret-key cryptography, but rather to supplement it, to make it more secure. The first use of public-key techniques is for secure key exchange in an (otherwise) speedy secret-key system. Hence secret-key cryptography is still extremely important.