symmetric/asymmetric keys
Dillinger4
May 8th, 2003, 01:15 PM
I've recently started to get into the JSSE API, and after reading a little about symmetric/asymmetric keys I am a bit confused.
Here are some excerpts from a book I am reading.
In traditional secret key (symmetric) encryption, the same key is used both to encrypt and decrypt the data. Both the sender and the receiver have to possess the single key. Suppose Angela wants to send Gus a secret message. She first sends Gus the key they'll use to exchange the secret. But the key can't be encrypted because Gus doesn't have the key yet, so Angela has to send the key unencrypted. Now suppose Edgar is eavesdropping on the connection between Angela and Gus. He will get the key at the same time that Gus does. From that point forward, he can read anything Angela and Gus say to each other using that key.
Now if Angela wants to send Gus a secret message but first must send him the key unencrypted, how does she encrypt her message if Gus now has possession of the key? I would think that the message that Angela sends would be encrypted and sent to Gus with the key so he can then decrypt the message.
In public key (or asymmetric) encryption, different keys are used to encrypt and decrypt the data. One key, called the public key, is used to encrypt the data. This key can be given to anyone. A different key, called the private key, is used to decrypt the data. This must be kept secret but needs to be possessed by only one of the correspondents. If Angela wants to send a message to Gus, she asks Gus for his public key. Gus sends it to her over an unencrypted connection. Angela uses Gus's public key to encrypt her message and sends it to him. If Edgar is eavesdropping when Gus sends Angela his key, Edgar also gets Gus's public key. However, this doesn't allow Edgar to decrypt the message Angela sends Gus, since decryption requires Gus's private key. The message is safe even if the public key is detected in transit.
Now if Gus sends Angela his public key to encrypt her message, then she sends that encrypted message back to him, he can decrypt that message using his private key. What if he changes the message, encrypts it and sends it back to Angela? He still has to send his private key so she can decrypt his message. How can this scheme be secure?
CreoN
May 8th, 2003, 03:17 PM
Now if Angela wants to send Gus a secret message but first must send him the key unencrypted, how does she encrypt her message if Gus now has possession of the key?
Why would that be a problem? I'm not sure I understand what you mean...
Now if Gus sends Angela his public key to encrypt her message, then she sends that encrypted message back to him, he can decrypt that message using his private key. What if he changes the message, encrypts it and sends it back to Angela? He still has to send his private key so she can decrypt his message. How can this scheme be secure?
If he wants to send it back to Angela, he would have to use Angela's public key to encrypt the message. Then Angela decrypts it with her private key.
Dillinger4
May 8th, 2003, 05:01 PM
Posted by CreoN
Why would that be a problem? I'm not sure I understand what you mean...
I think what is confusing me is this. Do both the key and the data being sent get encrypted? It seems that they are implying just that in the first paragraph. If that is in fact the case, if Angela must send the key unencrypted to Gus (because he doesn't have the key yet), how does she encrypt her message? Because if she passes the key to Gus unencrypted she needs the key to encrypt her message, which she doesn't have now because she gave it to Gus, and if she encrypts the message with the key and sends it to Gus he has no way of decrypting. If the message is encrypted and the key is not then it makes sense (at least to me :p) because Angela just encrypts the message, sends the encrypted message and the key to Gus. He decrypts the message, changes it, encrypts it back with the key he received from Angela and passes the new encrypted message back with the key to Angela so she can decrypt and read.
Posted by CreoN
If he wants to send it back to Angela, he would have to use Angela's public key to encrypt the message. Then Angela decrypts it with her private key.
Yes, but they are saying that the private key used to decrypt the data needs to be possessed by only one of the correspondents. So if there is only one private key shared by both parties it has to be passed.
Dillinger4
May 8th, 2003, 11:44 PM
Just for my sig. ;)
CreoN
May 9th, 2003, 02:28 AM
If the message is encrypted and the key is not then it makes sense (at least to me) because Angela just encrypts the message, sends the encrypted message and the key to Gus. He decrypts the message, changes it, encrypts it back with the key he received from Angela and passes the new encrypted message back with the key to Angela so she can decrypt and read.
Couldn't agree with you more. But still, anyone in the middle can get the key from Angela, which is the problem with only one key instead of private/public.
Yes, but they are saying that the private key used to decrypt the data needs to be possessed by only one of the correspondents. So if there is only one private key shared by both parties it has to be passed.
But then the whole meaning of using private/public keys is lost, if they still would have to share it. Which they wouldn't if it's used correctly. Gus has his private/public key pair, and Angela has hers.
Gus can only decrypt messages with his private key. If he wants to send a message to Angela he would use her public key. So you would have to have a lot of public keys.
Sorry about the somewhat confusing answer.. it's only 8:30 AM, and I'm tired :)
CornedBee
May 9th, 2003, 09:37 AM
The first case (symmetric):
There is one key. Angela has it. She sends it to Gus unencrypted for lack of choice. But it is not a real key - it's a computer key! Her sending it to Gus doesn't mean she doesn't have it anymore. From what you said in your last post you seem to think that by sending the key to Gus Angela can't use it anymore. That's incorrect.
However, Angela then uses the key to encrypt a message, sends it to Gus and Gus decrypts it using the key he got (the same key). The key is not in the message, it was transferred separately.
However this is only hypothetical. It is not done, because of the problem that anyone eavesdropping gets the key. If you want to encrypt with symmetric encryption you must exchange the key in a different way, maybe by meeting and doing the exchange personally where nobody can eavesdrop.
The second case (asymmetric):
You can create very many key pairs. Everyone who wants to use this encryption must create one for himself.
Gus creates a key pair, let's call it Gpu and Gpr for Gus public and Gus private. Gpu can decrypt what Gpr encrypted and vice versa.
Angela creates a key pair too, called Apu and Apr.
Gpu and Apu are known to everybody or can be retrieved via the internet (e.g. parksie had his in his sig for some time).
Gpr and Apr are kept secret.
If Angela wants to send a message to Gus she takes Gpu and encrypts it. Then she sends it to Gus. Gus takes Gpr and decrypts it. If he wants to reply he takes Apu and encrypts his reply. Angela can decrypt it using Apr.
In real life, because asymmetric encryption/decryption is quite slow for much data, something different is done for sessions (SSL works that way):
Angela wants to initiate a connection to Gus. She creates a random symmetric key for the connection. Then she takes Gpu and encrypts it. She sends the key to Gus, who decrypts it using Gpr. Now they have a symmetric key nobody else can have. They can communicate with symmetric (fast) encryption.
Asymmetric encryption for security uses the fact that Gpr can decrypt what Gpu encrypted but Gpu cannot. There is a second use that uses the fact that Gpu can decrypt what Gpr encrypted: digital signing.
Suppose Gus wants to send a message to Angela. The content of the message is not secret, but Angela is not sure whether the message is really by Gus (e-mail address faking is easy). She can ask Gus to sign it. To do this, Gus takes some known string (like "I am Gus") and encrypts it using Gpr. Angela gets the message and decrypts the signature using Gpu. If the result is the original text she knows the message was by Gus, as no one else could have encrypted the text with Gpr.
More questions?
Dillinger4
May 9th, 2003, 03:33 PM
OK, I think I am getting it now. So in an asymmetrical scheme you would have four keys represented as Ae/Cd - Bd/De. C and B being private keys. So if passing of keys is a no-no then I guess the keys are generated and passed out by a third party such as VeriSign?
Now for SSL (Secure Sockets Layer). I've been reading about sessions (as you had mentioned in your post). Since web connections are transitory (every page requires a separate socket), my guess is that SSL allows sessions to be established which minimize the handshaking between two hosts for secure communications.
Now let's say I am doing a web site for a client that wants data to be transmitted in a secure fashion. Now I would need the server side to set up the session? The first socket should endure the overhead of key generation and exchange. So only two keys should be passed to the client, right? The private key and the public key. Now if someone intercepts the public key there should be no problem, but interception of the private key should render the transaction insecure. So is SSL used with a third party such as VeriSign to generate and exchange the keys?
Thanks for the help. :)
CornedBee
May 9th, 2003, 05:12 PM
A private key is never passed. It is always kept local. Every asymmetric secure transaction requires two pairs of keys, one for each way of communicating. Transfer from A to B will always be encoded with one key pair, from B to A with the other.
I don't know the exact workings of SSL. I know that an SSL tty connection is persistent, it keeps up. The same for SecureFTP. I don't know about https though, I think a new secure connection is initiated every time there is a transfer.
Keys are generated locally, that's the only way to guarantee that the private key never was exposed. Once you create one key pair you keep it, you don't create new ones unless you have reason to believe that your private key has leaked.
CornedBee
May 9th, 2003, 05:14 PM
A huge security leak in OpenSSL (now patched) gave an attacker a way to peek at your private key the moment you initiated a connection somewhere. This leak was absolutely fatal, and whoever has an old version of OpenSSL risks exposing all encrypted data he has ever sent.
Dillinger4
May 9th, 2003, 11:05 PM
Posted by CornedBee
A huge security leak in OpenSSL (now patched) gave an attacker a way to peek at your private key the moment you initiated a connection somewhere.
That doesn't sound too good. :eek:
The topic of secure data transfer is very interesting even though there is a lot of information one has to absorb. :p
CornedBee
May 10th, 2003, 12:13 PM
I don't really care about it, I'll let the Java classes handle it :)
But I have to learn that stuff at the university.
marnitzg
May 10th, 2003, 04:37 PM
Originally posted by CornedBee
Asymmetric encryption for security uses the fact that Gpr can decrypt what Gpu encrypted but Gpu cannot. There is a second use that uses the fact that Gpu can decrypt what Gpr encrypted: digital signing.
Suppose Gus wants to send a message to Angela. The content of the message is not secret, but Angela is not sure whether the message is really by Gus (e-mail address faking is easy). She can ask Gus to sign it. To do this, Gus takes some known string (like "I am Gus") and encrypts it using Gpr. Angela gets the message and decrypts the signature using Gpu. If the result is the original text she knows the message was by Gus, as no one else could have encrypted the text with Gpr.
Just to elaborate on that. What is normally done is a hash (something like md5) is taken of the entire message and this is then encrypted with the private key. Encrypting some simple text like "I am Gus" would not be useful as the spoofer can still just cut and paste this encrypted part into the new message.
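The difference between the two signing schemes discussed above, as an added example that is not part of the original thread. It uses the JDK's `SHA256withRSA` signature (SHA-256 stands in for the md5 mentioned in the post); the class name `SignDemo`, the helper names and the message texts are assumptions of this example.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;

public class SignDemo {   // hypothetical class name
    // SHA256withRSA hashes the text and signs the digest with the private key.
    static byte[] sign(PrivateKey gpr, String text) throws Exception {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(gpr);
        s.update(text.getBytes(StandardCharsets.UTF_8));
        return s.sign();
    }

    static boolean verify(PublicKey gpu, String text, byte[] sig) throws Exception {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(gpu);
        s.update(text.getBytes(StandardCharsets.UTF_8));
        return s.verify(sig);
    }

    // Scheme A: the signature covers only a fixed string, so the body is never checked.
    static boolean acceptFixedString(PublicKey gpu, String body, byte[] sig) throws Exception {
        return verify(gpu, "I am Gus", sig);
    }

    // Scheme B: the signature covers a hash of the entire message body.
    static boolean acceptSignedBody(PublicKey gpu, String body, byte[] sig) throws Exception {
        return verify(gpu, body, sig);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair gus = kpg.generateKeyPair();

        String genuine = "Lunch is at noon.";     // constructed sample text
        String altered = "Lunch is cancelled.";   // different body, signature copied over
        byte[] fixedSig = sign(gus.getPrivate(), "I am Gus");
        byte[] bodySig = sign(gus.getPrivate(), genuine);

        // The copied signature is checked against each body under both schemes.
        System.out.println("A genuine: " + acceptFixedString(gus.getPublic(), genuine, fixedSig));
        System.out.println("A altered: " + acceptFixedString(gus.getPublic(), altered, fixedSig));
        System.out.println("B genuine: " + acceptSignedBody(gus.getPublic(), genuine, bodySig));
        System.out.println("B altered: " + acceptSignedBody(gus.getPublic(), altered, bodySig));
    }
}
```

Only scheme B ties the signature to the content: the altered body fails verification there, while scheme A accepts it unchanged.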
CornedBee
May 12th, 2003, 08:27 AM
That was the bit I didn't remember :)
vbforums.com