Table of Contents
v. 1.0 by Erin Spiceland
A Simple Guide to Encryption
Introduction
The Definition of Encryption
Why Encryption is Important
Basic Encryption Theory
Types of Encryption
Symmetric Key Encryption
Asymmetric Key Encryption
Hash Functions
Instructions
SSL for the Web
Apache
cPanel
PGP for Email
PGP for Windows
PGP for Linux
Hashes for Small Data
Other Resources
Articles
If you still have questions after consulting our articles, please post to our
service and support forum
.
Article List
Web Hosting How-To
Scripts FAQ
Scripts on Windows
Templating Our Scripts
Simple Encryption Guide
SSL Tutorial
PGP Tutorial
Using MD5 Hashes
A Simple Guide to Encryption
Asymmetric Key Encryption
Asymmetric key encryption requires two different unrelated keys. The public key is used to encrypt the data and the private key is used to decrypt the data. The basic idea behind this type of encryption is that the public key is freely distributed to anyone who wants it, but the private key is kept secret. Anyone can encrypt a message using a person's public key, but only that person can decrypt it because only he possesses the private key. One benefit of asymmetric key encryption over symmetric key encryption is that the key that must be communicated between parties will not decrypt the message. It will only encrypt the message. Because only one of the keys can decrypt the message, each person involved in the exchange must have a private and public key. We can consider the example of two people communicating via letter. Bob and Alice both have a lock and a key. Bob sends Alice his unlocked lock but keeps the key. Alice writes a message, puts it in a box, and locks it with Bob's lock. She sends Bob the box and her own unlocked lock. Bob opens the box with his private key, writes a message, places it in the box, and locks it with Alice's lock. Alice can unlock the box with her own private key upon receipt of the box.
However, as mentioned in
Symmetric Key Encryption
, asymmetric key encryption can be up to one thousand times slower than symmetric key encryption. To combat this rift between efficiency and security, the two are often used in tandem. The author combines his private key with the recipient's public key, and the recipient does the same with his own private key and the author's public key. The result is the same key, a shared secret key that does not need to be communicated. After this initial calculation, the dialogue can continue using the faster symmetric key encryption without the worry that an adversary can capture the key during transmission.
One common method by which asymmetric key ciphers can be compromised is a man-in-the-middle attack. This type of attack occurs when an adversary obtains Bob's lock as it is being transported to Alice. The adversary then sends Alice his own lock and keeps Bob's for himself. When Alice sends the locked box back, the adversary opens it with his own private key, reads the message, and locks the box back with Bob's lock. Neither Bob or Alice suspect anything, because they can both still lock and unlock the box.
Back - Symmetric Key Encryption
Next - Hash Functions