Thursday, December 13, 2012

How Encryption works

en = make | crypt = secret

Encryption is making something secret so unauthorized parties cannot read it.

Encryption algorithms are used to encrypt/decrypt the data, and a specific value called a key is used in these algorithms. This value is named as such because it's the key for locking and unlocking the encrypted data.

When encrypting, these algorithms take the data (in plain-text) and a key as the input and output the cipher-text (data in an unreadable format).

When decrypting, they take the cipher-text and a key as the input and output plain-text data.

Encryption algorithms are publicly available and the only thing an unauthorized party requires to access the data is this key.

There are two key based encryption mechanisms...

1. Symmetric Encryption

Symmetric = both sides equal.
So, Symmetric Encryption = encryption/decryption by the same key.

This is also called shared key encryption. The key is known by both the originating and the intended receiving party, and it is used for both encryption and decryption.

Advantage : Fast
Disadvantage : Delivering shared key securely to the other party is no easy task.

2. Asymmetric Encryption

Asymmetric = two sides are not equal.
So, Asymmetric Encryption = encryption done by one key...decryption by a different key.

This is also called Public Key Encryption. In this method a key pair is used: a Private Key and a Public Key. The private key is...well...private...it is known only by you! The public key is given to the other party. If data is encrypted using the private key it can be decrypted only by the public key, and vice versa. The same key cannot do both.

The public key will be distributed to the other communicating parties. If someone in between plucks it...no harm! Let's see why...

When A wants to send data to B, A will encrypt it using the public key he received from B. Remember, data encrypted by a public key cannot be decrypted by the same key. So even if an unauthorized person takes the data off the wire, he cannot read it. It can be opened only by the private key of B! When B sends a response back, he will do the same...encrypt using the public key of A.

Wait! What if A encrypts the data using his private key...anyone having the public key can read it, right? Yes. It won't be secure, but it will guarantee the receiving party that the data was sent by A...no middle-man messed with the data. This is a digital signature.

Advantage : It removes the secure key distribution problem.
Disadvantage : Slower. Best suited for small sizes.

In message exchanges, usually a combination of the above two methods is used. The data itself is encrypted using symmetric encryption, and that shared key is then encrypted using asymmetric encryption.
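
The exchange described above (A encrypting for B, A signing, and the symmetric/asymmetric combination), as an added Node.js example that is not part of the original post. It assumes RSA-2048 with OAEP, AES-256-GCM and the hypothetical names `seal`, `open`, `newKeyPair` and `demo`; `crypto.sign` hashes the data with SHA-256 before applying the private key.

```javascript
const crypto = require('crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const SIG_LEN = 256; // an RSA-2048 signature is always 256 bytes

// Hypothetical helper: a fresh RSA-2048 key pair for one party.
const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Sender: sign with own private key, encrypt signature + data with a one-time
// AES key, then encrypt only that 32-byte key with the receiver's public key.
function seal(plaintext, senderPrivateKey, receiverPublicKey) {
  const signature = crypto.sign('sha256', plaintext, senderPrivateKey);
  const key = crypto.randomBytes(32); // shared (symmetric) key for this message
  const iv = crypto.randomBytes(12);  // per-message nonce, not secret
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(signature), cipher.update(plaintext), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: receiverPublicKey, ...OAEP }, key);
  return { wrappedKey, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Receiver: recover the AES key with own private key, decrypt, then verify the
// signature with the sender's public key.
function open(msg, receiverPrivateKey, senderPublicKey) {
  const key = crypto.privateDecrypt({ key: receiverPrivateKey, ...OAEP }, msg.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, msg.iv);
  decipher.setAuthTag(msg.tag);
  const body = Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]);
  const plaintext = body.subarray(SIG_LEN);
  if (!crypto.verify('sha256', plaintext, senderPublicKey, body.subarray(0, SIG_LEN))) {
    throw new Error('signature check failed');
  }
  return plaintext;
}

// Constructed demo: A sends to B. C is a third party with its own key pair.
function demo() {
  const A = newKeyPair(), B = newKeyPair(), C = newKeyPair();
  const text = Buffer.from('meet at noon (constructed sample)');
  const attempt = (fn) => { try { return fn().toString(); } catch { return 'rejected'; } };
  const fromA = seal(text, A.privateKey, B.publicKey);
  const fromC = seal(text, C.privateKey, B.publicKey); // C pretending to be A
  return {
    openedByB: attempt(() => open(fromA, B.privateKey, A.publicKey)),
    openedByC: attempt(() => open(fromA, C.privateKey, A.publicKey)),
    forgedByC: attempt(() => open(fromC, B.privateKey, A.publicKey)),
  };
}

console.log(demo());
```

Only B's private key opens the message, and only a message signed with A's private key passes B's check against A's public key.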


1 comment:

Jimmy Jarred said...

I recently got an assignment to explain how digital signature and encryption work. Thanks to you for explaining and providing such a wonderful detail for both these topics.