When we hear the word Cryptography, we think of an invincible out of world concept which is NOT TRUE. This article will destroy all the fear from your soul and make you feel like King Leonidas.
Every information which is private to us and to our partner should not be exposed to the world. This idea has got nothing to do with Information Security but it dates from the reign of Gods and Kings when they ruled the world. In short, the information between the sender and receiver should be confidential and cannot be read by any middle man.
In this modern era, information is generally send between two or more parties using devices like computer, mobile etc. while keeping the data confidential.
So enough with the chit-chat done above and let’s get to the basics. Cryptography are of two types:
• Symmetric Cryptography
• Asymmetric Cryptography
In Symmetric Cryptographic, sender and receiver uses the same key to encrypt and decrypt the data. Let’s see an example.
Here we can see that Bob and Alice already having the same key. So Bob encrypts the data using the secret key and Alice decrypts the data using the same secret key.
Now you might ask how this encryption is happening. Well there are many algorithms which are specifically designed for Symmetric Cryptography. AES is one such algorithm. AES is mostly used and recognized algorithm by NIST. It is considered highly safe and unbreakable.
Still not clear. Well let’s dive more deep into it.
When Bob is sending the message “Hello Alice” to Alice, he puts the message first into an algorithm like AES.
In modern cryptography, key is a secret known only to (or supposed to be) the concerned parties, the sender and the receiver. It is usually a string of 0s and 1s of length dependent on the cipher being used. Algorithm is the process used to make use of this secret and apply a series of mathematical/logical operations encrypt/decrypt the data. In modern cryptography, this algorithm is public and heavily scrutinized by eminent cryptographers to identify potential weaknesses that can reveal information to an attacker.
Why We Need To Use Asymmetric Cryptography And What’s Wrong With Symmetric Cryptography?
Well there is nothing wrong with Symmetric Cryptography. Only problem is both sender and receiver should share the key and there is lot of chances that it might get tapped or read by any person who is listening to this conversation. So Asymmetric Cryptography is used to transfer this key between the two parties.
What is Asymmetric Cryptography?
In Symmetric Key cryptography , there was only one key between sender and receiver . However, in Asymmetric cryptography, sender will have 2 keys and receiver will also have 2 keys. The name of the two keys :
- Public key
- Private key
Public Key = “This key is known to the world”
Private Key = “As the name suggest, this key is known either to sender and receiver”
Like Symmetric Encryption Algorithm called AES, Asymmetric Cryptography also used algorithms like DH(diffie hellman). Chick this link if you want to know more about DH
Let’s see our first example:
Bob wants to send a message to Alice using Asymmetric Cryptography. READ CAREFULLY WHAT I AM GONNA WRITE NOW.
Bob has his own pair of Public and Private key Pair. Alice also has his own pair of Public and Private key pair. A message encrypted with Public key can only be decrypted with the corresponding private key and vice-versa. It means message encrypted with Bob public key can only be decrypted with Bob private key and vice-versa.
So with this theory, Bob uses the public key of Alice to encrypt the message. Now Alice after receiving the encrypted message will use her private key to decrypt the message
PICTURE SPEAKS LOUDER THAN WORDS
So what’s wrong with Asymmetric Cryptography?
Asymmetric cryptography is DAMM SLOW. On the other hand, Symmetric Cryptography is FAST AS HELL but both the sender and receiver has to know key prior to sending messages.
How can we use both this Encryption scheme for our benefit ?
We know Asymmetric is slow but user and sender does not have to know the key prior to sending the message. Below are the steps which actually takes the goodness of both symmetric and asymmetric cryptography and makes the communication completely secure and fast.
- Bob will generate the symmetric key and encrypt the key using Alice public key
- Alice will receive the encrypted key and decrypt the key using her private key. Now she will get the Bob symmetric key. This way Bob and Alice now share the same symmetric key.
- From now on all the communication between them will be encrypted using the symmetric key.
In short, we use Asymmetric Cryptography to transfer the Symmetric key from sender to receiver. From now on, sender and receiver will use Symmetric cryptography to communicate because it’s faster.Now you should feel like this guy below..even if you don’t have those abs .
Please give your comments and spread this article.. Coming Up Next …. How easy is PKI and SSL working