Glossary

 

This chapter briefly explains the terms and principles used in FileCrypt. You can either read the chapter from start to end or look up the words you want to know more about.

You will find explanations on the following:

 

For more detailed information, we refer to the book "Protect Your Privacy" by William Stallings, published by Prentice Hall PTR, and to the information on PGP available on the internet. Parts of this chapter are based on "Protect Your Privacy".

 

 

ENCRYPTION

Encryption is the transformation of data into a format that can be safely transmitted, without fear of anyone intercepting and reading the message. Once encrypted, data must be decrypted to be read.

 

CONVENTIONAL ENCRYPTION

A useful analogy to conventional encryption is a strongbox with a single lock and two copies of the key (Figure 1). Say Bob wants to send a secure message to Alice and suppose that Bob and Alice each have one of the two keys. Bob places the message in the strongbox and locks it with his copy of the key. The strongbox is then transported to Alice. Anyone can be trusted to do the transporting, since the box is locked. When Alice gets the box, she unlocks it, using her copy of the key.

Now let us look at conventional encryption. Again, Bob wants to send a message to Alice in such a way that no one else except Alice can read the message (Figure 2). The original message is referred to as plaintext. To thwart potential eavesdroppers, Bob scrambles the message using an encryption algorithm, producing ciphertext. Anyone reading the ciphertext would see an apparently random string of nonsense. For this scheme to work, the key must be kept secret, known only to Bob and Alice, and so we shall call this a secret key. Once the ciphertext is produced, Bob transmits the message to Alice. Alice can then transform the ciphertext back to the original plaintext by using a reverse version of the same algorithm with the same key that Bob used.

There are two requirements for communication by conventional encryption:

 

PUBLIC-KEY ENCRYPTION

Public-key cryptography involves the use of two separate keys, in contrast to conventional encryption, which uses only one key.

A useful analogy to public-key encryption is a strongbox with a special kind of lock that accommodates two types of keys (Figure 3). One key, a lefty key, turns the locking mechanism to the left and the other key, a righty key, turns it to the right. When the mechanism is unlocked, it is in a center position. If it is turned to either the left or the right, it is locked and the box cannot be opened. So an unlocked box can be locked with either a lefty key or a righty key; however, if the box is locked with a lefty key, the only way to unlock it is with a righty key and, similarly, if it is locked with a righty key, the only way to unlock it is with a lefty key.

Now, say that Bob wants to send a secure message to Alice and suppose that he has the righty key for a strongbox and Alice has the matching lefty key. Bob places the message in the strongbox and locks it with the righty key. The strongbox is then transported to Alice. Anyone can be trusted to do the transporting, since the box is locked. When Alice gets the box, she unlocks it using the lefty key.

This special kind of strongbox opens up all kinds of possibilities. For example, let us say that we have a community of people who want to exchange messages in strongboxes. Everyone in the group can buy their own personal strongbox with unique lefty and righty keys. Each member of the group maintains exclusive possession of his or her righty key, but all lefty keys are shared. This could be done, for example, by having everyone write their name on their lefty key and deposit these keys with a locksmith. When anyone wants someone else's lefty key, they can go to the locksmith, who will duplicate the requested key.

Consider the following scenario (Figure 4): Bob wants to send a message to Alice and make sure that no one but Alice can read it. Here's how: Bob gets a duplicate of Alice's lefty key and of her strongbox, puts the message in the box, and locks the box. Since only Alice has the righty key for this box, only she can open the box.

Another scenario: Bob wants to send a message to Alice and, although it isn't important that the message is kept secret, he wants Alice to be certain that the message is indeed from him. In this case Bob uses his own strongbox and locks it with his righty key. When Alice receives the box she finds that she can open it with Bob's lefty key, thus proving that the box must have been locked by Bob.

Now let us look at public key encryption. A general-purpose public-key cryptographic algorithm relies on one key for encryption and a different but related key for decryption. Furthermore, these algorithms have the following important characteristics:

The essential steps are the following:

With this approach, all participants have access to public keys, and private keys are generated locally by each participant and therefore need never be distributed. As long as a user protects his or her private key, incoming communication is secure. At any time, a user can change the private key and publish the companion public key to replace the old public key.

As an example of public-key encryption, Bob encrypts a plaintext message with Alice's public key, producing ciphertext. The ciphertext depends on the encryption algorithm and also on the key. When Alice receives the ciphertext, she can decrypt it using her private key.

Public-key encryption provides us with tremendous flexibility to perform a number of security-related functions. Two areas in particular stand out: key management and authentication.
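The steps just described, as an added illustration written for this glossary (not code from FileCrypt or PGP): Alice generates a key pair and hands out only the public half, Bob encrypts with it, and only Alice's private key recovers the plaintext, while a different private key fails. Go's standard library with RSA-OAEP is an assumed choice; the glossary names no particular algorithm.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Participant holds one key pair. The private half is generated locally and
// never leaves this struct; only PublicKey() is ever handed out.
type Participant struct{ priv *rsa.PrivateKey }

func NewParticipant() (*Participant, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Participant{priv: priv}, nil
}

// PublicKey is the "lefty key" left with the locksmith: anyone may copy it.
func (p *Participant) PublicKey() *rsa.PublicKey { return &p.priv.PublicKey }

// Decrypt is the "righty key" step. With any other private key the OAEP
// integrity check fails and an error is returned instead of plaintext.
func (p *Participant) Decrypt(ciphertext []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, p.priv, ciphertext, nil)
}

// Encrypt needs only the recipient's public key. RSA-OAEP is an assumed
// choice for this illustration; the glossary names no particular algorithm.
func Encrypt(recipient *rsa.PublicKey, plaintext []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, plaintext, nil)
}

// main plays out Figure 4: Bob locks the box with Alice's public key, Alice
// opens it with her private key, and a third party's key pair opens nothing.
func main() {
	alice, _ := NewParticipant()
	other, _ := NewParticipant()
	ct, err := Encrypt(alice.PublicKey(), []byte("constructed sample message")) // Bob
	if err != nil {
		panic(err)
	}
	pt, err := alice.Decrypt(ct) // Alice
	_, otherErr := other.Decrypt(ct)
	fmt.Printf("Alice read %q (err=%v); wrong key failed: %v\n", pt, err, otherErr != nil)
}
```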

 

KEY

A key is the code which is used to encrypt or decrypt a text. In conventional encryption, the same key is used to encrypt or decrypt. In public-key encryption, different keys are used to encrypt and to decrypt.

 

SECRET KEY

In public-key encryption, secret keys are used to decrypt or sign messages only. It is not possible to encrypt messages using a secret key. Because you use the secret key to decrypt messages people send to you and to authenticate the messages you send, this key is for your personal use only, and must never be disclosed to the public.

 

PASSPHRASE

A passphrase is a word or phrase, or even just random characters, which allows you to use your secret key. Your passphrase should be more than one word, and never ever something which a person who knows about you could guess, e.g., your name, your middle name, your pet's name, your kid's name, your birthday, your anniversary, your girl/boyfriend's name, your spouse's name, your address, your favorite band, etc. It should contain irregular capitalization, e.g. tHe, $mith. It should also be easy to type quickly, without error, and without your needing to see it on the screen. It is also recommended to change your passphrase regularly.

 

PUBLIC KEY

In public-key encryption, public keys are used to encrypt messages only. A public key is always associated with a secret key, and messages encrypted with a public key can only be decrypted with the associated secret key. Your public key is used by everybody who wants to send you encrypted messages and can be distributed to the world at large, through any channel, secure or insecure.

 

KEY RING

A key ring is a document which holds a collection of keys.

 

SECRET KEY RING

A secret key ring is a document which contains secret keys only.

 

PUBLIC KEY RING

A public key ring is a document which contains public keys only.

 

KEY MANAGEMENT

With conventional encryption, a fundamental requirement for two parties to communicate securely is that they share a secret key. Suppose Bob wants to create a messaging application that will enable him to exchange e-mail securely with anyone who has access to the Internet or to some other network that the two of them share (e.g., an on-line service such as CompuServe). Suppose Bob wants to do this using only conventional encryption. With conventional encryption, Bob and his correspondent, say, Alice, must come up with a way to share a unique secret key that no one else knows. How are they going to do that? If Alice is in the next room from Bob, Bob could generate a key and write it down on a piece of paper or store it on a diskette and hand it to Alice. But if Alice is on the other side of the continent or the world, what can Bob do? Well, he could encrypt this key using conventional encryption and e-mail it to Alice, but this means that Bob and Alice must already share a secret key in order to encrypt this new secret key. Furthermore, Bob and everyone else who uses this new e-mail package faces the same problem with every potential correspondent: each pair of correspondents must share a unique secret key.

How to distribute secret keys securely is the most difficult problem for conventional encryption. This problem is wiped away with public-key encryption by the simple fact that the private key is never distributed. If Bob wants to correspond with Alice and other people, he generates a single pair of keys, one private and one public. He keeps the private key secure and broadcasts the public key to all and sundry. If Alice does the same, then Bob has Alice's public key, Alice has Bob's public key, and they can now communicate securely.

It is only fair to point out, however, that we have replaced one problem with another. Bob's private key is secure since he need never reveal it. However, Alice must be sure that the public key with Bob's name written all over it is in fact Bob's public key. Someone else could have broadcast a public key and said it was Bob's. We explore a number of ways to overcome this problem when we discuss PGP in the following chapters.

 

AUTHENTICATION OR MESSAGE SIGNATURE

Suppose that Bob and Alice share a secret key for conventional encryption and that Alice receives an encrypted message that is allegedly from Bob. Alice decrypts the message and recovers intelligible plaintext. Conclusion: This is a genuine message from Bob, since Bob is the only person other than Alice who knows the shared secret key.

One weak spot in this arrangement is that Bob can send Alice a message and later deny it. What would be the point? Well, suppose Bob is an investor and Alice a broker. On Monday Bob sends Alice a message with instructions to buy a thousand shares of Speculative Unlimited. On Tuesday the stock drops 10 points on bad news. On Wednesday Bob gets a written confirmation of the Monday trade and promptly denies that he ever gave such instructions. Can Alice prove otherwise? No, because Alice could have easily generated the buy order, encrypted it with the key she shares with Bob, and then decrypted her own message!

Public-key encryption solves this problem. This time, let us say Bob sends a message to Alice encrypted with his private key. Alice decrypts the message, using Bob's public key, but also retains the encrypted version. If Bob later denies he sent the message, all Alice has to do is present a judge or other arbitrator with the ciphertext, the plaintext, and Bob's public key. The arbitrator can confirm that the ciphertext translates into the plaintext in question with Bob's public key, and that the ciphertext must therefore have been created by Bob with his private key.
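The broker dispute above, as an added example written for this glossary (not code from FileCrypt or PGP): with a shared key, Alice can reproduce any tag Bob could have made, so the tag settles nothing; with Bob's private key only Bob can sign, and a judge holding his public key can verify the order without Bob's cooperation. HMAC-SHA256 and Ed25519 from Go's standard library are assumed choices; the glossary names no algorithm.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// SharedKeyTag is the conventional arrangement: Bob and Alice hold the same
// secret, so a valid tag proves only that a key holder made it (HMAC-SHA256 assumed).
func SharedKeyTag(sharedKey, msg []byte) []byte {
	m := hmac.New(sha256.New, sharedKey)
	m.Write(msg)
	return m.Sum(nil)
}

// Signer is Bob: the private key is generated locally and never shared.
type Signer struct{ priv ed25519.PrivateKey }
func NewSigner() (*Signer, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Signer{priv: priv}, nil
}

// PublicKey is what Bob publishes; it can verify but never produce signatures.
func (s *Signer) PublicKey() ed25519.PublicKey { return s.priv.Public().(ed25519.PublicKey) }

// Sign is "locking the box with the righty key".
func (s *Signer) Sign(msg []byte) []byte { return ed25519.Sign(s.priv, msg) }

// Arbitrate is the judge's check: message, signature and Bob's public key suffice.
func Arbitrate(bobPub ed25519.PublicKey, msg, sig []byte) bool {
	return ed25519.Verify(bobPub, msg, sig)
}

func main() {
	order := []byte("buy 1000 shares of Speculative Unlimited") // constructed
	shared := []byte("constructed shared secret")
	bobsTag, alicesTag := SharedKeyTag(shared, order), SharedKeyTag(shared, order)
	// Same key, same tag: the tag cannot tell a judge which of them wrote the order.
	fmt.Println("Alice can reproduce Bob's tag:", hmac.Equal(bobsTag, alicesTag))
	bob, _ := NewSigner()
	alice, _ := NewSigner()
	fmt.Println("judge accepts Bob's signature:", Arbitrate(bob.PublicKey(), order, bob.Sign(order)))
	fmt.Println("judge accepts Alice's attempt:", Arbitrate(bob.PublicKey(), order, alice.Sign(order)))
}
```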