February 17, 2019

Public Key Crypto For the Enterprise - page 2

Hiding In Plain Sight

  • December 8, 2008
  • By Paul Rubens

The solution is to use an ingenious cryptographic system called public key cryptography (PKC). The fundamental part of PKC is that the encryption key is split into two separate keys--let's call them key A and key B. If you encrypt some plaintext with key A, you can't decrypt the resulting ciphertext with key A to get back to your original plaintext. To decrypt ciphertext produced using key A, you need to use key B. In fact--and this turns out to be very useful--the reverse is also true: if you encrypt some plaintext with key B, you can't decrypt it again with that key. You can only decrypt it with key A. If you encrypt a message with one key in the key pair, you can only decrypt it with the other one.

So if you want to be able to receive encrypted messages from anyone who wants to contact you, you first need to generate a key pair (using suitable PKC software). One of these you designate as your private key, which you keep secret. But here's the clever bit: the other key you designate as your public key, and this doesn't have to be kept secret. In fact the reverse is true: it should be distributed as widely as possible so that anyone who wants it can easily get it.

To send that message to a colleague now, all you need is their public key. There are a number of ways that you might get hold of it, which we will look at in a future article. The important thing is that this public key doesn't have to be kept secret, so even if you called your colleague and the phone line was being tapped it wouldn't matter. Anyone overhearing the conversation and writing down the public key couldn't use it to decrypt the message that you encrypt with it.

Now remember how we mentioned earlier that your private key can also be used to encrypt a message that can only be decrypted using your public key. You may well ask what would be the point of encrypting a message if the key needed to decrypt it is publicly available.

The answer is quite surprising. Let's imagine you receive a message from your colleague, and you believe that it is encrypted with their private key. If you use their public key to decrypt the message successfully, then the message must indeed have been encrypted using your colleague's private key (which only your colleague has access to). No other key could have been used to encrypt the message. So encrypting a message with a private key acts as a digital signature: if you can decrypt a message with John's public key, it must have been encrypted using John's private key, so it must have been written by John.

Using double encryption, it's possible to send an encrypted, digitally signed message to anyone who has made their public key available. Here's how:

Imagine you want to send a message to your colleague Bob at head office. First you write your message (the plaintext) and encrypt it with your private key to produce the ciphertext--a message which is effectively digitally signed as coming from you and no-one else. You then encrypt this ciphertext a second time using Bob's public key. Finally, you e-mail the resulting gobbledegook to Bob.

When Bob receives this message he decrypts it using his private key to get the ciphertext message that you encrypted with your private key. Bob then decrypts this using your public key. If he gets a message (rather than gobbledegook) he knows that the message definitely came from you (because otherwise he couldn't have decrypted it with your public key) and he knows that no one else could have read the message, because no one else has his private key.
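The double-encryption exchange described above, as an added example that is not part of the original article: textbook RSA on integers, with fixed Mersenne primes standing in for real key generation. The key pairs, the impostor "mallory" and the message are all constructed for illustration.

```python
# Textbook RSA on integers with fixed Mersenne primes: no padding, toy sizes.
# All keys, names and the message are constructed for this illustration.
E = 65537  # public exponent shared by every key pair in this example

def make_keypair(p, q):
    """Return (public, private), each an (exponent, modulus) pair."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (E, n), (pow(E, -1, phi), n)

def apply_key(key, value):
    """Transform an integer with one half of a key pair."""
    exponent, modulus = key
    if not 0 <= value < modulus:
        raise ValueError("value does not fit under this key's modulus")
    return pow(value, exponent, modulus)

def send(plaintext, sender_private, recipient_public):
    m = int.from_bytes(plaintext, "big")
    signed = apply_key(sender_private, m)        # only the sender can do this
    return apply_key(recipient_public, signed)   # only the recipient can undo this

def receive(ciphertext, recipient_private, sender_public):
    signed = apply_key(recipient_private, ciphertext)
    m = apply_key(sender_public, signed)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

# Moduli grow from impostor to sender to Bob so each layer fits inside the next.
mallory_pub, mallory_priv = make_keypair(2**61 - 1, 2**89 - 1)    # impostor
sender_pub, sender_priv = make_keypair(2**107 - 1, 2**127 - 1)    # "you"
bob_pub, bob_priv = make_keypair(2**521 - 1, 2**607 - 1)          # Bob

MESSAGE = b"Budget approved"

def demo():
    """Return what Bob recovers from a genuine and from a forged message."""
    genuine = send(MESSAGE, sender_priv, bob_pub)
    forged = send(MESSAGE, mallory_priv, bob_pub)   # wrong private key
    return (receive(genuine, bob_priv, sender_pub),
            receive(forged, bob_priv, sender_pub))

if __name__ == "__main__":
    ok, bad = demo()
    print("genuine:", ok)
    print("forged :", bad.hex())
```

Production tools do not run the whole message through the private key this way: they sign a hash of the message and use padded, hybrid encryption, which also removes the constraint that the sender's modulus be smaller than the recipient's.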
