Encryption and Authentication

Messages sent across a network often contain sensitive information, such as credit card numbers. Unscrupulous people might try to intercept these messages. Preventing the interception is not always possible because the message might pass through nodes that are not under the control of the sender or the receiver. For security, some mechanism must be in place so that intercepted messages are useless to the interceptor.

Encryption refers to encoding a message so it can only be read by the intended receiver. Encryption works by processing the data with a special value called the “key,” which results in a new message. The new message cannot be returned to the original (cannot be decrypted) without the use of a key. The entire process is referred to as cryptography.

There are two categories of cryptography. In private-key cryptography, the encryption key is the same as the decryption key. This approach means that for the sender to transmit an encrypted message, the receiver must already have the sender’s secret key. The sender cannot transmit the key to the receiver because then any possible interceptor of the encrypted message could intercept the key also. That would defeat the purpose of encryption.

In the second category, public-key cryptography, the encryption key and decryption key are different. Each receiver maintains a private key, which it does not share. Each private key generates a public key, which is then “published,” which means it’s shared with any node that asks for it – by posting it on a public Web site, for example. Messages that are encrypted with a public key can only be decrypted using the matching private key.

For instance, if node A wants to transmit to node B, node A uses B’s freely available public key to encrypt the message. The resulting message can only be decrypted by B’s private key. Thus, no matter who intercepts the message, only B can decrypt it. What makes public-key cryptography work is the mathematical relationship between a private key and public key. The public key can easily be computed from the private key. However, the reverse computation, though possible, is so time-consuming that it is believed to be intractable even for a computer.

Public-key cryptography solves the problem of safely getting the keys to the right nodes, but it introduces another problem, authentication, which means confirming the sender’s identity. Even if messages can only be read by the receiver, it doesn’t mean they were all sent by the expected sender. An imposter could hijack a conversation by sending messages using the receiver’s public key, confusing the receiver. For example, if someone could send messages to your bank that your bank thought came from an ATM you were using, the messages could tell the bank to transfer money from your account to the imposter’s.

Thankfully, authentication can be achieved in several ways. One solution is to give the sender a private key also and have it publish a public key. The sender then encrypts messages, first with its own private key and then with the public key of the receiver. Remember that a message locked with one key of a public/private pair must be unlocked with the other member of the pair.

Thus, when the receiver runs the message through its private key, the resulting message must be processed again with the sender’s public key. Because the message decrypts in the end with the sender’s public key, it proves it was originally encrypted with the sender’s private key, which only the sender has; hence, it proves the sender sent the message.

Authentication works well when the senders and receivers all know each other and where to find each other’s public keys. If you want to make a purchase over the Internet, though, the merchant can’t find your public key even if you had one. In those cases, a combination of public-key and private-key cryptography is used. A form of public-key cryptography is used initially, and through this the sender and receiver create a temporary shared secret key. The secret key is used until the sender is done sending messages and then it is discarded.