Part two of our Cryptography Series
As discussed in a previous blog post, cryptography is the science of scrambling and unscrambling a message while it is in transit. The primary purpose of this is to keep the message content safe, in case it is intercepted by a malicious third party.
It is important to remember that the message is scrambled by the sending party, and then unscrambled once it is safely in the hands of the receiving party.
How does this all actually work? Well, it happens using a mechanism known as the “key.” In a way, this is very similar to a traditional key – you use it to lock your door when you leave and unlock it when you return home. In the world of Cryptography, this kind of key is known specifically as a “Digital Key.”
The key is based upon a mathematical value and is stored on the computers of both the sender and the receiver. So, if Party A (the sending party) wishes to compose and send a message to Party B (the receiving party), they would write the message, and then paste that in the body of the email.
Before sending it off, Party A would then hit the “Encrypt” key in their email package. From there, the message would be decomposed into its garbled state. Once Party B receives this message, they would then unscramble it into a readable and decipherable format by using the “Decrypt” function in their email package. Nowadays, most email systems automate this entire process.
In the above example, the digital key being used is technically known as the “Private Key.” In this case, both Party A and Party B are using the exact same kind of key to both scramble and unscramble the message.
While this provides an extra layer of security, there is one inherent flaw. If either Party A or Party B accidentally reveal the secrecy of this key to an outside entity, then the value of using it is totally eradicated. This kind of key is used in what is known as a “Symmetric Cryptography” system, because the same Private Key is being used.
In order to alleviate this issue, a newer system was created in which a combination, or a pair of keys, is utilized. In this case, the new key is called the “Public Key” and is used in conjunction with the Private Key. So, when Party A wishes to scramble the content of their email message to Party B, they would use the Public Key to do this.
The Public Key is also digitally based and is created by using a complex mathematical algorithm. It is important to note that there is nothing really secret about the Public Key. Anybody who wishes to can use the same one, and there are no limits to how many times it can be used.
When Party B gets the garbled email message, they follow the same process to render it back into a readable state. They still use the private key, but the difference this time is that only they know about it, nobody else does, not even Party A.
The Public Key/Private Key combination offers a second layer of security and is commonly referred to as an “Asymmetric Cryptography” system and is widely deployed in Corporate America today. A future blog will cover this in more detail.
Part one: An Introduction to Cryptography