The first post in our series about new secure network protocols concerns the most important concept required for understanding security: encryption.
Encryption is the process of encoding information in such a way that only parties who are authorized to read it are able to do so. Its goal is to keep information secret, that is, secure from eavesdroppers.
The unencrypted information is known as the plaintext, while the encrypted information is called the ciphertext. To obtain the plaintext from the ciphertext, an encryption key is required, and only authorized parties have a copy of the encryption key. The encoding process is known as the encryption algorithm. The algorithm is designed such that recovering the plaintext from the ciphertext without the key is not practically possible.
There are two main types of encryption – symmetric key encryption and asymmetric, or public key encryption.
Symmetric key encryption
In symmetric encryption, the key used to encrypt the plaintext and the key used to decrypt the ciphertext are the same. This means that the two parties (the sender and receiver) must share the key, which itself must be kept secret. Of course, working out how to share the key securely is another instance of the problem encryption is designed to solve: sharing information securely. So how do the two parties share their secret key? Fortunately, this can be achieved by asymmetric (or public key) encryption, explained below. Popular symmetric key algorithms include AES, Blowfish, RC4 and 3DES.
Public key encryption
Public key encryption is based on a special set of algorithms that require two separate keys. One key, known as the private key, is kept secret, and the other key, the public key, is made widely available. Together they are known as the keypair. The public key is used to encrypt information, and the private key is used to decrypt it. So anyone can use the public key for encryption, but only the owner of the private key can decrypt it.
Public key encryption can be used to solve the key distribution problem associated with symmetric encryption. The sender needs to make sure the receiver has the sender's symmetric key so the receiver can decrypt the sender's message. So the receiver generates a keypair and sends the public key to the sender. The public key doesn’t need to be secret. Now the sender can encrypt the symmetric key with the public key and send it to the receiver. The receiver is the only party that can decrypt it, using the private key. Now both sender and receiver share the same symmetric key.
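The key exchange described above, written out as an added example (not code from the original post). It assumes textbook RSA over two small constructed primes and a SHA-256 counter keystream as stand-ins for a real public key algorithm and a real symmetric cipher such as AES; all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed toy parameters (assumption): two Mersenne primes, far smaller
# and more structured than the primes behind a real RSA modulus.
P = 2**107 - 1
Q = 2**127 - 1
E = 65537  # public exponent


def generate_keypair():
    """Receiver: build the keypair; the public half may be sent openly."""
    n = P * Q
    d = pow(E, -1, (P - 1) * (Q - 1))  # private exponent
    return (n, E), (n, d)


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: the same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hashlib.sha256(key + nonce + counter).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def sender_encrypt(public_key, plaintext: bytes):
    """Sender: pick a fresh symmetric key and wrap it with the public key."""
    n, e = public_key
    sym_key = secrets.token_bytes(16)  # 128-bit key, always smaller than n
    nonce = secrets.token_bytes(12)
    wrapped_key = pow(int.from_bytes(sym_key, "big"), e, n)
    ciphertext = keystream_xor(sym_key, nonce, plaintext)
    return wrapped_key, nonce, ciphertext


def receiver_decrypt(private_key, wrapped_key: int, nonce: bytes,
                     ciphertext: bytes) -> bytes:
    """Receiver: unwrap the symmetric key with the private key, then decrypt."""
    n, d = private_key
    sym_key = pow(wrapped_key, d, n).to_bytes(16, "big")
    return keystream_xor(sym_key, nonce, ciphertext)
```

Only `wrapped_key`, `nonce` and `ciphertext` cross the network; the symmetric key itself never travels in the clear, and the private key never leaves the receiver.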
Popular public key algorithms include RSA, Diffie–Hellman, ElGamal and DSS.