Most people have a vague idea how symmetrical encryption works: A message, for example an email, is made unreadable with the help of a key, e.g., a number unknown to outsiders. Only those who know the key are able to make the email readable again. Thus, it is important to make the key only available to those who should have access to the e-mail. Passwords and “your personal secret code” work with methods of this type. As encryption and decryption work with the same key, we call these methods symmetrical.
An important problem of symmetrical encryption methods is: If one cannot send the message to the recipient without fearing it may be intercepted (that’s the reason why we encrypt it in the first place), how do we get the key undetected to the recipient? Send another email with the key? (This is called the “key exchange” problem.) Of course: One can meet ahead of time and agree on a key for every day of the coming year. Or one can send the keys for the next 100 emails in a letter. But these are complicated ways, and the administration and secret storage of all these keys is then another problem.
In the 1970s, mathematicians discovered the possibility of asymmetrical cryptography:
This opens up the following possibility: I generate such a key pair for myself. I send one of the keys (which will be my "public" key from now on) to everyone who wants to send me encrypted messages, e.g., secure emails. Whoever wants to send me an email uses this key for the encryption. I can send this key through an open email or on postcards. I can also deposit this key at a publicly accessible place, e.g. on a "key server" on the Internet, with the instruction: "Hi, this is my public key. Whoever wants to send me a secure email, please use this key." But I keep the other key of the key pair strictly to myself, STRICTLY TO MYSELF. This is my "private" or "secret" key.
When someone wants to send me a secure email, he (she) uses my public key for encryption and sends it to me; as only the owner of the secret key is able to decrypt it, only I can read it; it does not matter that my public key is public knowledge. People who have never seen me or met me or whom I do not know can send me such an email, because a secret key exchange is not necessary. They just have to get my public key somehow. (Caution: Not even the sender of such an email is able to decrypt it; the sender may want to make a copy for himself *before* the encryption takes place.) This way, the problem of the key exchange is solved.
Asymmetric cryptography also opens the possibility of signing emails and other messages cryptographically or, as it is sometimes called, "electronically" or “digitally”:
Usually, when we get an email, we trust that the person named as the sender actually sent the email. But any hacker worth his money is able to forge the sender's email address. Asymmetric encryption enables us to do the following:
I can send my email twice: To check if this email is from me, people have to:
Thus, a hacker can send an email to my bank, saying, "Please transfer $100,000.00 to John Smith" (John Smith being the hacker, of course). But (unless the hacker has been able to hack my secret key beforehand), the hacker would not be able to encrypt this email in a way that, decrypted with my public key, it says the same.
One can combine encrypting and signing:
If you want to know what you are doing while using public-key cryptography, you do not have to know more than discussed in 1. through 4. The computer reliably does the rest. However, some details are worth mentioning:
There are a number of asymmetrical or public-key encryption methods (which are based on mathematically closely related principles):
Symmetrical encryption methods use the same key for encryption and decryption. The advantage compared to asymmetrical methods is that they encrypt and decrypt considerably faster. The following are well known symmetrical encryption methods:
The methods from Triple-DES onward are considered safe at this time. (With accelerating computing speeds of new computers, previously safe methods are becoming unsafe over time.)
In practical public-key cryptography, as for example in PGP, symmetrical and asymmetrical methods are used in combination in order to use the advantages of each method, namely, the faster encryption/decryption times of symmetrical methods and the capability of signing and ease of key exchange of the asymmetric methods. Both methods are combined like this:
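As an added illustration (not part of the original text, and not code from InstantCrypt, GPG or PGP), the following toy Python script walks through both the signing flow described above and the PGP-style combination of symmetric and asymmetric methods: a fresh session key encrypts the body, the recipient's public key wraps the session key, and the sender's private key signs the message hash. The RSA keys are built from small constructed primes and the "symmetric cipher" is a SHA-256 keystream standing in for a real cipher such as AES; names like `make_keypair`, `sym_crypt` and the Alice/Bob key pairs are assumptions of the example.

```python
import hashlib
import secrets

# Toy RSA keys from tiny constructed primes (real keys use primes of 1000+ bits) and
# a SHA-256 keystream XOR standing in for AES/Triple-DES; illustration only.
E = 65537

def make_keypair(p, q):
    """Return (public, private) as ((e, n), (d, n)) built from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (E, n), (pow(E, -1, phi), n)

def sym_crypt(key, data):
    """Toy symmetric cipher: XOR with a keystream derived from the key (same call decrypts)."""
    out, counter = bytearray(), 0
    while len(out) < len(data):
        out += hashlib.sha256(key.to_bytes(8, "big") + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, out))

def sign(private, message):
    """Signature = hash of the message transformed with the private key."""
    d, n = private
    h = int.from_bytes(hashlib.sha256(message).digest(), "big") % n  # toy: real schemes pad
    return pow(h, d, n)

def verify(public, message, signature):
    """Anyone holding the public key can undo the transform and compare hashes."""
    e, n = public
    h = int.from_bytes(hashlib.sha256(message).digest(), "big") % n
    return pow(signature, e, n) == h

def encrypt_and_sign(sender_priv, recipient_pub, message):
    """Hybrid: fresh session key -> symmetric body; session key wrapped with RSA."""
    e, n = recipient_pub
    session_key = secrets.randbelow(n)
    body = sym_crypt(session_key, message)
    return pow(session_key, e, n), body, sign(sender_priv, message)

def decrypt_and_verify(recipient_priv, sender_pub, packet):
    """Unwrap the session key with the private key, decrypt, then check the signature."""
    wrapped_key, body, signature = packet
    d, n = recipient_priv
    message = sym_crypt(pow(wrapped_key, d, n), body)
    return message, verify(sender_pub, message, signature)

# Constructed key pairs from the first four primes above one million.
ALICE_PUB, ALICE_PRIV = make_keypair(1000003, 1000033)
BOB_PUB, BOB_PRIV = make_keypair(1000037, 1000039)
```

Only the holder of BOB_PRIV can unwrap the session key, and only a signature made with ALICE_PRIV verifies under ALICE_PUB; a single flipped ciphertext byte makes the signature check fail.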
The longer a key, the safer it is, i.e., the more computing power and computing time one needs to crack the encryption.
Symmetrical and asymmetrical keys have very different key lengths to provide the same amount of security. For example, a symmetrical key of 128 bits corresponds roughly to an asymmetrical key of 2304 bits key length. Thus, if someone claims that a key length of 256 is safe (or unsafe), one has to clarify which method is spoken about.
Hash functions condense a message of any length into a single number of fixed length. (Sometimes this resulting hash number is called a "message digest.") The idea is that knowing the hash number does not give anyone any hint regarding the original message and that a slightly modified message, e.g., by adding just a blank space anywhere in the text, will result in a totally different hash number. Whoever has the hash number has no way (within a reasonable amount of time) to find a reasonable message that corresponds to this number, but whoever has the original message can compute the corresponding hash value easily. If two people want to know if two messages are the same, they can, instead of comparing the messages themselves, calculate the hash numbers of these messages: if the hash numbers are the same, it is very, very, very, ... (you can add a lot more "verys" here) unlikely that the messages are different.
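As an added example (not from the original text), the following Python checks the three properties just described with SHA-256: a fixed 32-byte digest regardless of input length, a single extra blank space changing roughly half of the 256 bits, and deciding whether two messages are equal by comparing their digests. The sample messages and the helper names are constructed for the example.

```python
import hashlib
import hmac

def digest(message: bytes) -> bytes:
    """32-byte SHA-256 message digest, whatever the length of the input."""
    return hashlib.sha256(message).digest()

def differing_bits(a: bytes, b: bytes) -> int:
    """Number of bit positions (out of 256) in which two digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def same_message(m1: bytes, m2: bytes) -> bool:
    """Decide whether two messages are equal by comparing digests instead of contents.
    compare_digest runs in constant time, so timing reveals nothing about where they differ."""
    return hmac.compare_digest(digest(m1), digest(m2))

# Constructed samples: identical text except for one extra blank space.
ORIGINAL = b"Please transfer $100.00 to John Smith"
MODIFIED = b"Please transfer $100.00 to  John Smith"
```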
In practical applications, the above-mentioned cryptographic signatures use such a hash number. Well-known hash algorithms are:
As far as I know, there are currently two camps which, although they use the same encryption methods, use different implementations of them: the PGP standard and the X.509 certificate standard.
PGP stands for "Pretty Good Privacy". The developers of PGP had a sense of mission and made the PGP programs publicly accessible from the very beginning (also outside the U.S.), as they felt that everyone had the right to privacy. Non-commercial users could even download the PGP programs for free and only commercial users had to license them. One of the key figures was Phil Zimmermann, who developed this standard in the 1990s. He got into a long and expensive legal struggle with the US federal government. The US government was of the opinion that encryption was of high military importance, and that someone who distributes encryption methods, especially outside the U.S., is legally equivalent to an arms dealer. The U.S. government finally dropped the charges against Phil Zimmermann, but only after he had incurred high costs for his legal defense. He became a hero of the privacy movement.
From the very beginning, PGP developers published the source code of the core encryption software and have not claimed a copyright on it. (However, specific applications that use this basic encryption software are copyrighted.) This has led to a "PGP community", and other programs were developed that use the same encryption standard and that, at least theoretically, can all exchange secret emails with each other. (There can be incompatibilities with certain methods due to minor variations and between different versions of the same program.) Other programs using the PGP standard are, among others, OpenPGP and GPG (also called GnuPG). The commercial version of PGP has changed hands a number of times and is owned today by the PGP Corporation. Their newest version is PGP 9.5 (as of Spring 2007). Private users can use a slightly limited version for free (download it from www.PGP.com); those who want full functionality or are commercial users have to buy the program. GPG and OpenPGP are available in public license, i.e., one can use these programs commercially or non-commercially without charge.
X.509 is a standard of the computer industry and is used for Internet browser encryption and Internet browser security. An "X.509 Certificate" is a public key tied to an identity of a person, corporation, website, or email address. The certificate authorities issue these certificates and guarantee that the certificate's owner (to be more exact: the owner of the corresponding private key) is really the one the certificate says he/she is. Internet browsers (Microsoft's Internet Explorer, Netscape, and all the others), some email programs, and some other programs can work with these certificates. The certificates use the same encryption methods as PGP, but the data formats are different. Programs that work with PGP keys cannot (i.e., only with a special "translation") work with X.509 certificates and vice versa. PGP 9.0, however, is able to use X.509 certificates; this is one of its new features.
PGP and X.509 standards are in competition in the field of emails and messaging; it is not clear at the moment which one (or none or both?) will prevail in the end.
InstantCrypt uses GPG as its encryption engine, which uses the PGP standard. Thus, InstantCrypt should be capable of exchanging mails with the other PGP programs (e.g., any application using GPG, OpenPGP, PGP 9.0 and PGP's previous versions), but this has not been extensively tested.