|
-
May 9th, 2003, 08:37 AM
#6
The first case (symmetric):
There is one key. Angela has it. She sends it to Gus unencrypted for lack of choice. But it is not a real key - it's a computer key! She sending it to Gus doesn't mean she doesn't have it anymore. From what you said in your last post you seem to think that by sending the key to Gus Angela can't use it anymore. That's incorrect.
However, Angela then uses the key to encrypt a message, sends it to Gus and Gus decrypts it using the key he got (the same key). The key is not in the message, it was transferred seperatly.
However this is only hypothetical. It is not done, because of the problem that anyone eavesdropping gets the key. If you want to encrypt with symmetric encryption you must exchange the key in a different way, maybe by meeting and doing the exchange personally where nobody can eavesdrop.
The second case (assymmetric):
You can create very many key pairs. Everyone who wants to use this encryption must create one for him.
Gus creates a key pair, let's call it Gpu and Gpr for Gus public and Gus private. Gpu can decrypt what Gpr encrypted and vice versa.
Angela creates a key pair too, called Apu and Apr.
Gpu and Apu are known to everybody or can be retrieved via the internet (e.g. parksie had his in his sig for some time).
Gpr and Apr are kept secret.
If Angela wants to send a message to Gus she takes Gpu and encrypts it. Then she sends it to Gus. Gus takes Gpr and decrypts it. If he wants to reply he takes Apu and encrypts his reply. Angela can decrypt it using Apr.
In real life, because assymmetric encryption/decryption is quite slow for much data, something different is done for sessions (SSL works that way):
Angela wants to initiate a connection to Gus. She creates a random symmetric key for the connection. Then she takes Gpu and encrypts it. She sends the key to Gus, who decrypts it using Gpr. Now they have a symmetric key nobody else can have. They can communicate with symmetric (fast) encryption.
Assymmetric encryption for security uses the fact that Gpr can decrypt what Gpu encrypted but Gpu cannot. There is a second use that uses the fact that Gpu can decrypt what Gpr encrypted: digital signing.
Suppose Gus wants to send a message to Angela. The content of the message is not secret, but Angela is not sure whether the message is really by Gus (e-mail address faking is easy). She can ask Gus to sign it. To do this, Gus takes some known string (like "I am Gus") and encrypts it using Gpr. Angela gets the message and decrypts the signature using Gpu. If the result is the original text she knows the message was by Gus, as no one else could have encrypted the text with Gpr.
More questions?
All the buzzt
 CornedBee
"Writing specifications is like writing a novel. Writing code is like writing poetry."
- Anonymous, published by Raymond Chen
Don't PM me with your problems, I scan most of the forums daily. If you do PM me, I will not answer your question.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|