Cryptographic Basic Methods in Information Security – Let me introduce you to Alice and Bob. Alice and Bob want to send each other encrypted data. You may have seen examples of encryption where we take a piece of plain text, encrypt it with a key, and then decrypt it with the exact same key. That’s what we call symmetric encryption.
Basic Concepts Of Cryptography
Let’s say Alice wants to encrypt something. She’s going to encrypt it with a key, and in order for Bob to decrypt it he’s going to need the same key. That is a big problem with symmetric encryption: it’s easy to send the encrypted data from one person to another, but how do you send the key? The key that Alice and Bob are using right now for this one particular exchange is called a session key.
Symmetric encryption is the primary way we encrypt data.
Session Key
Two terms we use when we talk about distributing symmetric keys are in-band and out-of-band. When we say in-band, we’re saying that we send the key with the encrypted data. That doesn’t sound very smart, and it isn’t: assuming Kerckhoffs’s principle applies, the algorithm is no secret, so somebody who intercepts the key along with the encrypted data could decrypt it on their own. So sending the key in-band is risky. The alternative is to go out-of-band.
For example, Alice could get on her bicycle and ride over to Bob’s. But then we almost kill the whole point of wanting to do encryption, right? In that case she could just put a letter in her back pocket and hand it to Bob. So this is a big challenge that we run into with symmetric encryption.
Ephemeral Key
An ephemeral key is a temporary cryptographic key. In this particular case, Alice can invent a key out of the blue and she’ll never use it again, so the key is simply temporary and never reused. When you set up keys in such a way that knowledge of a key used in a previous session does not help you crack the current session, we call that perfect forward secrecy.
- Temporary
- Provides perfect forward secrecy
The beautiful part about ephemeral keys, assuming that Alice can generate keys that are unpredictable to an outsider, is that an ephemeral key, done right, always provides perfect forward secrecy. If somebody cracked a session six months ago, it’s not going to do them any good today. That’s an important concept. We still have the problem, though, of how to exchange a session key. To do that we use something absolutely fascinating called asymmetric encryption.
Asymmetric Encryption
The biggest advantage of this cryptographic technique is that it doesn’t use a key. It uses, you ready, a key pair. What Alice is going to do is generate two completely separate keys on her computer. These two keys are known as a public key and a private key, and the cornerstone of asymmetric encryption works like this: the public key is handed out to the other party, and the private key is kept by Alice. In fact it’s put on a protected part of her hard drive so that nobody can accidentally get to it. It’s very protected. They might use a different key later, but for this one piece of encryption and decryption they’re going to have one session key.
- Uses a key pair (Public Key and Private Key)
How Public and Private Keys Work
The public key is only used to encrypt and the private key is only used to decrypt. So Alice will generate a key pair and then send the public key over to Bob; she can send it in-band or any way she wants. Now Bob, with that public key, can take whatever he wants to encrypt and encrypt it with Alice’s public key, and the only person who can decrypt it is Alice, because she has the private key.
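The exchange described above, combined with a one-time session key, as an added example that is not part of the original article. It assumes Node.js and its built-in crypto module; the function names are hypothetical, and RSA-OAEP and AES-256-GCM are choices made for this example, since the article names no specific algorithms.

```javascript
const crypto = require('node:crypto');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Alice: generate the key pair. Only the public half is ever sent to Bob.
function aliceGenerateKeyPair() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Bob: invent a one-time session key, encrypt the message with it
// (symmetric, AES-256-GCM), then encrypt the session key itself with
// Alice's public key (asymmetric, RSA-OAEP).
function bobSeal(alicePublicKey, plaintext) {
  const sessionKey = crypto.randomBytes(32); // ephemeral: used for this message only
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: alicePublicKey, ...OAEP }, sessionKey);
  // All four fields can travel in-band: the session key is only present in
  // wrapped form, which is useless without Alice's private key.
  return { wrappedKey, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Alice: recover the session key with her private key, then decrypt the data.
// Throws if the wrong private key is used or the ciphertext was modified.
function aliceOpen(alicePrivateKey, { wrappedKey, iv, ciphertext, tag }) {
  const sessionKey = crypto.privateDecrypt({ key: alicePrivateKey, ...OAEP }, wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString('utf8');
}

// Constructed sample run: one message from Bob to Alice.
function demo() {
  const alice = aliceGenerateKeyPair();
  const envelope = bobSeal(alice.publicKey, 'meet at noon');
  return aliceOpen(alice.privateKey, envelope);
}

console.log(demo());
```

Because every session key here is wrapped under Alice's long-lived key pair, someone who later obtains her private key can unwrap recorded session keys; the forward secrecy discussed earlier additionally requires that the keys used for the exchange are themselves ephemeral.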
Conclusion
- Ephemeral Keys provide perfect forward secrecy due to the temporary nature of the key.
- Asymmetric encryption is slow, but very useful in exchanging session keys.