Going public

Public-key cryptography, or asymmetric cryptography, is a relatively recent phenomenon, first developed by Whitfield Diffie and Martin Hellman in 1975.

The two leading e-mail encryption protocols, PGP and S/MIME, use public-key cryptography (see PGP vs S/MIME).

In addition to scrambling e-mail, public-key cryptography is widely used for other applications such as e-commerce, digital certificates, digital time stamps, anonymous remailers and secure Telnet connections.

Public-key cryptography gets past the major drawbacks of conventional cryptography and also adds important features that prevent forgery and tampering.

How it works

Public-key encryption makes use of two "keys" -- a public key and a private key, in contrast with conventional cryptography, which uses a single key. The two keys are generated using complicated mathematical algorithms that involve the use of prime numbers.

The public key can be thought of as a lock, and the private key as the key that opens the lock.

To send a secure message to someone, you need to encrypt it with their public key (fasten the lock), and the receiver will use the private key to decrypt the message (open the lock).

The public key cannot be used to decrypt the message, and it cannot be used to generate the private key either.

To illustrate how public-key cryptography works, let's assume there are two users, Jake and Elwood. If they want to communicate with each other securely, they must first obtain their public and private keys.

If they use PGP, the program will generate the keys for them. If they use S/MIME, a certificate authority will generate their keys for them.

Jake and Elwood then exchange their public keys and also distribute their public keys as widely as possible. This is usually done by sending the keys to a public key server, through e-mail, or by posting them on a website.

If Elwood wants to send a secure e-mail message to Jake, he would use Jake's public key to encrypt the message. When Jake receives the encrypted message, he uses his private key to decrypt it.

Alternatively, if Jake wants to send a secure e-mail message to Elwood, he uses Elwood's public key to encrypt the message.

Although it may seem counter-intuitive to reveal the public key to everyone, note that public-key encryption is a one-way routine: a message encrypted with the public key cannot be decrypted with that same public key.
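The Jake and Elwood exchange above, as an added example that is not part of the original article. It assumes RSA as the public-key algorithm (the article does not name one) and uses small, fixed, constructed primes with no padding, so it shows the mechanics only and is not usable encryption.

```python
# Textbook RSA, illustration only: fixed small primes, no padding.
# Real PGP or S/MIME software uses large random primes and padded encryption.
from math import gcd


def make_keypair(p, q, e=65537):
    """Derive a key pair from two primes: public = (n, e), private = (n, d)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    # Computing d needs p and q, which are never published; only n and e are.
    d = pow(e, -1, phi)
    return (n, e), (n, d)


def encrypt(public_key, message: bytes) -> int:
    """Fasten the lock: anyone holding the public key can do this."""
    n, e = public_key
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this key")
    return pow(m, e, n)


def decrypt(key, ciphertext: int) -> bytes:
    """Open the lock: only the matching private key recovers the message."""
    n, exponent = key
    m = pow(ciphertext, exponent, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


# Constructed sample keys (Mersenne primes, chosen only because they are
# well known; real keys come from large random primes).
jake_public, jake_private = make_keypair(2**61 - 1, 2**89 - 1)
elwood_public, elwood_private = make_keypair(2**107 - 1, 2**127 - 1)

if __name__ == "__main__":
    note = b"Meet at noon"                     # constructed sample message
    sealed = encrypt(jake_public, note)        # Elwood uses Jake's public key
    print("ciphertext:", hex(sealed))
    print("Jake's private key:", decrypt(jake_private, sealed))
    print("Jake's public key: ", decrypt(jake_public, sealed))    # garbage
    print("Elwood's private:  ", decrypt(elwood_private, sealed)) # garbage
```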

If you're interested in the technical details of public-key cryptography, consider getting a book on cryptography, refer to the PGP documentation, or surf to some of the websites mentioned in this focus.

Lock and key

Public-key cryptography solves the inherent problems that have held other cryptography systems back. It allows users to send encrypted messages to another person without having to determine a password beforehand. There is no need for a secure communications channel either.

Also, the fact that a private key is held by only one person greatly diminishes the chances of a security breach.

There is no chance that another party will inadvertently reveal the password or, worse, betray you. With a public-key cryptosystem, only you have the "password."

Plus, there is no need to memorise a whole bunch of different passwords or to keep track of them.

In addition, public-key cryptosystems support user authentication and digital signatures, which protect against forgery and message tampering.

However, public-key cryptography is also slightly harder to implement than conventional cryptography, and it entails more responsibility from users.

In addition, S/MIME users would need to pay an annual fee to a certificate authority.

© In.Tech, Star Publications (M) Berhad.
All Rights Reserved
e-mail intech@thestar.com.my