Wednesday, July 11, 2007


This is not your father's cryptography!

Traditional cryptography systems work under the condition that both the sender and recipient each have a copy of the cipher key. The sender sends an email that was encrypted using his copy of the cipher key. Once received, the recipient decrypts it using her copy of the same cipher key. This system works because each party has a copy of the same cipher key.

But what if the recipient did not have a copy of the cipher key?


Cryptographers came up with several ingenious solutions. The one most widely used employs a public and a private key. Only the recipient needs to create these keys. It works like this:
  • The recipient sends her public key to the sender.
  • The sender uses her public key to encrypt the message and then sends the encrypted message to her.
  • The recipient uses her private key to decrypt the message.
Notice the following:
  • The public key is given to anybody who wants to send encrypted mail to the recipient.
  • The private key is the only key that can decrypt any message that was encrypted with its partner public key.
This method, called Public-Key Encryption, has one major weakness. That weakness arises from the public key. A third party could create its own private & public pair and send its public key to the sender. The public key is sent under the guise that it came from the recipient. If the sender uses the bogus public key and sends the encrypted message and that message is intercepted by the third party, the latter will be able to decrypt the message using the private key it generated.

This weakness can be avoided in two ways:
  • the public key is personally handed to the sender; or
  • an independent and trusted third party, called a Certificate Authority (CA), authenticates the recipient's identity and, thus, the authenticity of her public key. Authentication is done through a digital certificate.
The recipient and the CA are the two primary parts that form what is called the Public Key Infrastructure (PKI). Numerous articles explain the process.


What about casual users? Is there a simpler way to exchange encrypted emails? There is and it's as simple as sending the cipher key to the recipient in one email and then following it up with a second email that contains the encrypted message.

This is a weak system but it's adequate for casual users.


I had a discussion about cryptography with an information security specialist recently. He described a method that uses private keys and doesn't involve a third party. He had no name for it but it works! Each party has a private key that never leaves the owner's possession.

The method solves the conundrum (raised at the beginning of this article) of sending an encrypted message to a recipient who doesn't have a copy of the cipher key.
First, the sender encrypts his message using his private key. He then sends it.

Second, the recipient receives his encrypted message and then proceeds to encrypt it again using her private key. She then sends the double-encrypted message back to him.

Third, the sender decrypts his message. His message is now in clear text. He sends it back to her.

Finally, she decrypts the email using her private key and reads the clear text message.
Take note of the following. Each party has a private key. And there is no third party. I can't see any discernible flaws, can you?

It does require one thing and that's cryptographic software that can encrypt and decrypt a message that's already been encrypted without damaging it. I have not had the opportunity to investigate and find one yet. If you know of any, please contact me.
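
The exchange described above is commonly known as Shamir's three-pass protocol. The following is an added example, not code from the original post: it runs the three passes twice, once with XOR keys (where the three transmitted messages cancel to the plaintext for anyone who records them) and once with modular exponentiation (where the layers commute without that cancellation). The prime, the sample message and all function names are constructed for illustration.

```python
import secrets

# Constructed values (assumptions, not from the post): a Mersenne prime modulus
# and a short sample message that fits below it.
P = 2**127 - 1
MESSAGE = b"meet at noon"

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def three_pass_xor(msg: bytes):
    """Three passes with XOR keys; returns (what the recipient reads, wire messages)."""
    ka = secrets.token_bytes(len(msg))   # sender's private key
    kb = secrets.token_bytes(len(msg))   # recipient's private key
    m1 = xor(msg, ka)                    # pass 1: sender encrypts
    m2 = xor(m1, kb)                     # pass 2: recipient encrypts again
    m3 = xor(m2, ka)                     # pass 3: sender removes his layer
    return xor(m3, kb), (m1, m2, m3)

def eavesdrop_xor(wire):
    """What an observer of all three messages computes: both keys cancel."""
    m1, m2, m3 = wire
    return xor(xor(m1, m2), m3)

def keypair(p: int):
    """Random exponent e invertible mod p-1, with its inverse d."""
    while True:
        e = secrets.randbelow(p - 3) + 2
        try:
            return e, pow(e, -1, p - 1)  # Python 3.8+
        except ValueError:               # e shares a factor with p-1, retry
            continue

def three_pass_modexp(msg: bytes, p: int = P):
    """Same three passes using m^e mod p, which commutes like XOR does."""
    m = int.from_bytes(msg, "big")
    if not 1 < m < p:
        raise ValueError("message must encode to an integer in (1, p)")
    (ea, da), (eb, db) = keypair(p), keypair(p)
    c1 = pow(m, ea, p)                   # pass 1: sender encrypts
    c2 = pow(c1, eb, p)                  # pass 2: recipient encrypts again
    c3 = pow(c2, da, p)                  # pass 3: still under the recipient's key
    return pow(c3, db, p).to_bytes(len(msg), "big"), (c1, c2, c3)

if __name__ == "__main__":
    got, wire = three_pass_xor(MESSAGE)
    print("XOR: recipient reads", got, "| observer reads", eavesdrop_xor(wire))
    got, wire = three_pass_modexp(MESSAGE)
    print("modexp: recipient reads", got, "| third message is", hex(wire[2]))
```

Neither variant authenticates the other party, so the impersonation weakness described earlier for public keys applies here as well: whoever answers pass 1 with their own layer ends up as the recipient.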