Types of Encryption - Public Key Method (Part 2)

In conventional encryption/decryption methods, the decryption algorithm is always the inverse of the encryption algorithm and uses the same key. Anyone who knows the encryption algorithm and key can deduce the decryption algorithm.

For this reason, security can be assured only if the entire process is kept secret. In cases where there are many senders and one receiver, however, this level of secrecy can be inconvenient. For example, imagine that a bank wants to give customers remote access to their accounts. To limit each customer's access to only his or her own account using conventional encryption, the bank would have to create millions of encryption algorithms and keys. This solution is impractical, particularly with old customers leaving and new customers joining the bank all the time. On the other hand, if the bank were to give the same encryption algorithm and key to every customer, it could not guarantee the privacy of any customer.

The solution is public key encryption. With this method, every user has the same encryption algorithm and key. The decryption algorithm and key, however, are kept secret. Anyone can encrypt information, but only an authorized receiver can decrypt it. The decryption algorithm is designed in such a way that it is not the inverse of the encryption algorithm. The encryption and decryption algorithms use completely differ­ent functions, and knowing one does not enable a user to know the other. In addition, the keys are different. Even with this encryption algorithm and encryption key, an intruder still will be unable to decipher the code (at least not easily).

With public keys, the encryption algorithm and key are publicly announced. Every customer can use them. The decryption algorithm and key are kept secret and used only by the parties involved. The RSA technique (in the following section) provides an example of the steps involved with public key encryption.

One public key encryption technique is called Rivest, Shamir, Adleman (RSA) encryption. The RSA algorithm was invented in 1977 at the RSA laboratories (http://www.rsa.com/rsalabs/node.asp?id=2146). The encryption algorithm got its name from its founders: Ronald L. Rivest, Adi Shamir, and Leonard Adleman (hence the name).

Here is an example of RSA algorithm: In this method, one party (a bank customer, for example) uses a (public) key, Kp. The other party (a banker) uses a secret (private) key, Ks. Both uses a number, N.

The encryption algorithm method follows these steps:

1. Encode the data to be encrypted as a number to create the plaintext P.
2. Calculate the ciphertext C as C = PKP modulo N (modulo means divide PKP by N and keep only the remainder).
3. Send C as the ciphertext.

The decryption algorithm follows these steps:

1. Receive C, the cipher text.
2. Calculate plain text P = C^K modulo N.
3. Decode P to the original text.

Here is another explanation with the pseudo code to do it: http://java.sun.com/developer/onlineTraining/Programming/BasicJava2/crypto.html#rsa.

Note: RSA is the de-facto standard public key encryption algorithm. It provides asymmetric encryption, which means anyone can encrypt messages using the public key. When compared to other types of encryption techniques, the RSA is much slower and needs more computing power than symmetric shared secret encryption.

Another type of encryption uses Conventional Methods.

A few encryption tools that provide public key autnetication are GnuPG/GPG, PGP, and OpenSSH.

Advice: When it comes to authentication, "Choose Encryption Wisely."

Public-key Ciphers: http://www.gnupg.org/gph/en/manual.html#AEN196