Encryption
Our explanation of PKE involves two keys and three people. We call them Alice, Bob and Eve. Bob wants to send Alice a message, but it contains sensitive information and he doesn't want Eve to be able to read it. Bob retrieves Alice's public key and, using an algorithm such as RSA, encodes the message. Bob then transmits it to Alice. Alice receives the message and, using her private key, which only she has access to, decodes the message back into clear text and is able to read Bob's sensitive information. Unfortunately, Eve intercepted the message and wants to know what it says. Eve, thinking she is quite clever, gets hold of Alice's public key and tries to decode the message. Since the algorithm used to encode the message is a one-way algorithm, only the second key can decrypt the message, so when Eve attempts to decrypt it, all she gets is garbage.
Authentication
Authentication works like encryption does, but in the opposite way. This time the sender encodes the message with their private key, and anyone wanting to view the message can decode it with the sender's public key. We will use the same actors as above to demonstrate this. Bob now wants to send Alice a message, but it contains some important information about a critical decision he has made. Bob uses his private key and encodes the message using the encryption algorithm. He then sends this to Alice as coded text. Alice receives the message, retrieves Bob's public key and uses it to decode the message. Looking at the message, she sees that everything looks OK and can now assume that, since only Bob has the other key, the private key, only he could have sent it; hence she has authenticated that the message is from him. If Eve tried to send a message to Alice claiming to be Bob, then since she does not have Bob's private key she could not encode the message correctly. If Alice received a message from Eve claiming to be Bob, then after attempting to decode it Alice would find that the message is not proper text, and so could safely assume that the message is not authentic and not from Bob.
With authentication, though, the message is readable by anyone: the only key that can decrypt the message is public, so people intercepting the message can read it.
The methods of encryption and authentication can be combined so that a message sent from a single source to someone else is guaranteed to be from that source and is also unreadable to anyone except the intended receiver. The sender must first use their private key to encode the message and then encode this coded text again using the receiver's public key. When the receiver gets the message, they use their private key to unravel the outer layer of encoding. They then obtain the sender's public key and decode the inner layer to reveal the decoded text; if it is readable, they can be sure that it did indeed come from the sender they expected. Since one of the keys is kept private for encrypting and one is kept private for decrypting, it can be guaranteed that the message is encrypted, that only one specific sender could have sent it, and that only one specific person could receive it and understand it.
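The layered scheme described above, as an added example that is not part of the original document: textbook RSA on constructed toy keys, with Bob sending, Alice receiving, and Eve both forging a message and trying to read an intercepted one. The primes, the exponent 65537, the sample message and all function names are assumptions made for the illustration; deployed systems sign a hash of the message and use padded RSA rather than raw exponentiation.

```python
# Added illustration: textbook RSA, no padding or hashing, toy Mersenne primes.
E = 65537  # public exponent shared by all toy keys (assumption)

def make_key(p, q):
    """Build ((n, e), (n, d)) from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def apply_key(key, value):
    """Raw RSA step: value ** exponent mod n. Used for all four operations."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value does not fit under this key's modulus")
    return pow(value, exponent, n)

def to_text(number):
    """Render a recovered integer as the text a reader would see."""
    raw = number.to_bytes((number.bit_length() + 7) // 8, "big")
    return raw.decode("ascii", errors="replace")

def send(message, sender_private, receiver_public):
    m = int.from_bytes(message.encode("ascii"), "big")
    inner = apply_key(sender_private, m)       # authentication layer
    return apply_key(receiver_public, inner)   # encryption layer

def receive(ciphertext, receiver_private, sender_public):
    inner = apply_key(receiver_private, ciphertext)  # remove outer layer
    return to_text(apply_key(sender_public, inner))  # remove inner layer

# Constructed keys. The sender's modulus must be smaller than the receiver's,
# otherwise the inner value would not fit under the outer key.
BOB_PUB, BOB_PRIV = make_key(2**61 - 1, 2**89 - 1)
ALICE_PUB, ALICE_PRIV = make_key(2**107 - 1, 2**127 - 1)
EVE_PUB, EVE_PRIV = make_key(2**31 - 1, 2**89 - 1)
MESSAGE = "pay Alice 100"  # constructed sample message

def run_demo():
    genuine = send(MESSAGE, BOB_PRIV, ALICE_PUB)
    forged = send(MESSAGE, EVE_PRIV, ALICE_PUB)  # Eve claims to be Bob
    return {
        "alice_reads_bob": receive(genuine, ALICE_PRIV, BOB_PUB),
        "alice_reads_forgery": receive(forged, ALICE_PRIV, BOB_PUB),
        "eve_reads_intercept": to_text(apply_key(ALICE_PUB, genuine)),
    }

if __name__ == "__main__":
    for name, text in run_demo().items():
        print(f"{name}: {text!r}")
```

Only the first result comes back as the original sentence; the forged message and Eve's attempt with Alice's public key both decode to unreadable text.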