Public Key Cryptography
Cryptography is the study of data protection through the use of codes and encryption. In its simplest form, a code is a process that changes information step by step so that third parties cannot read it.
The process of changing the information in a code is known as encryption, and the reverse action as decryption. The original message is known as “plain text”, while the modified message is called “encrypted text” or “cipher text”. The information that is used to change plain text to cipher text is called a key, while the particular way in which a key changes the information is called an algorithm.
Public key cryptography represents a major innovation because it fundamentally alters the encryption and decryption process.
Instead of a single shared secret key, it suggests the use of two keys. One of them, called “private key”, remains a secret. Instead of being shared between the parties, only one party has it. Another one, called “public key”, is not a secret and can be widely shared.
These two keys, or “key pair”, are used together in encryption and decryption operations, and have a special reciprocal relation, so that each can only be used with the other key in the pair. This relation binds the keys exclusively to each other: a public key and its corresponding private key are paired and are not related to any other key.
This pairing is possible due to a special mathematical relationship between the algorithms, so that using them together achieves the same result as using a symmetric key twice.
The keys must be used together, because a private key cannot be used to undo its own operation, which always has a one-way character. In addition, the algorithms used by both keys are designed so that one key cannot be used to determine the other in the pair. The private key therefore cannot be determined from the public key: the public key relies on mathematical complexity and its one-way nature to compensate for the fact that it is known.
Because of the special relation between the private key and the public key in the key pair, it is possible for an entity (person, user, device) to use the same key pair with many other entities, instead of using a different key with each one individually.
As long as the private key remains secret, the public key can be given to any number of people and used securely. This feature represents a major advance because it makes cryptography substantially more useful by significantly reducing key management requirements.
Digital Signature Support
The core of a digital signature is the ability to uniquely identify the sender of a message. The reciprocal relationship between the keys in a public key cryptography key pair makes this possible.
Because the private key belongs to a single entity, each time it is used, it can be assumed that only its owner has used it. This way, its use behaves like a signature on a piece of paper because only its owner can do it, which confirms its authenticity.
If a particular public key is successfully used in an encryption and decryption operation, it can be assumed that the corresponding private key was used for part of the operation. Since only the key owner can use the private key, this means that just the key owner could have performed that part of the operation.
The use of a private key to establish identity shows that the entire encryption and decryption operation was successful. Performing a complete operation means that the plain text should be encrypted in cipher text with a private key and then decrypted with the corresponding public key.
To prove a complete successful encryption and decryption operation, the sender's message text must match the text received by the recipient after decryption. Both text messages must be directly compared and absolutely match, so there is a need for a control element to be used for comparison and validation.
For e-mail, the element of control and validation of the data exchange between a sender and a recipient is the message itself, because if the operation is successful, it is available on both sides.
To be used in this comparison operation, the message is converted into a hash, which is a numerical representation of the complete text. Identical message text will produce identical hash values.
By taking the hash value of the message and combining it with the private key at the time of sending, the owner of the private key proves that he, and no one else, sent the message.
Combining the message with the private key is achieved by encrypting the hash value with the sender's private key, which creates the digital signature itself. Depending on how the sender's email system is configured, the digital signature is either appended to the end of the message, creating a “clear-signed” message, or combined with the original message in a binary attachment, creating an “opaque-signed” message. The latter is primarily used for secure email (S/MIME).
Clear-signed messages can be read by all email clients (S/MIME compliant or not), and their main disadvantage is that there is a greater chance that the mail gateways involved in the communication will alter the message and therefore invalidate the signature. In practice, this type of signature acts like an unsigned message.
Unlike clear-signed messages, opaque-signed messages treat the text and the digital signature as a single binary attachment, so they are much less likely to be altered in transit; however, only secure email clients (with S/MIME support) will be able to read the message.
The recipient, after receiving a message, can obtain the digital signature and apply the sender's public key in a decryption operation, obtaining the original hash value of the message. Then, the recipient must compare the obtained hash value with the hash value of the received message.
Because only one private key corresponds to a given public key, and only the owner of that private key could have used it to encrypt the hash value, successfully decrypting the hash with the public key shows that the owner of the private key actually encrypted the hash value.
Since the hash value is a numerical representation of the message text, its comparison proves that the sent message text matches the received text and has not been modified in transit. Combined with the fact that only the owner of the private key could have sent the message, the result is that the recipient is sure about who sent the message, which proves its authenticity and, consequently, non-repudiation.
It also shows that the message has not changed, which provides data integrity, because if the hash values do not match, the recipient knows that the message has been modified in transit or that the public key used does not match the private key used; in both cases, it is assumed that the message is invalid.
The logical sequence of digital signature with the supporting capabilities of public key cryptography can be described as follows:
- The (unsigned) message is captured.
- The hash value of the message text is calculated.
- The sender's private key is obtained.
- The hash value is encrypted with the sender's private key.
- The encrypted hash value is added to the message as a digital signature.
- The signed message is sent.
The verification sequence on the recipient’s side would be as follows:
- The signed message is received.
- The message and the digital signature containing the encrypted hash value are obtained.
- The hash value of the message text is calculated.
- The sender's public key is obtained.
- The hash value is decrypted with the sender's public key.
- The decrypted hash value is compared with the hash value of the received text. If the values match, the message is valid.
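The signing and verification sequences above, as an added example that is not part of the original article. It uses textbook RSA with no padding so that "encrypt the hash with the private key" is visible as a single operation; real S/MIME signatures come from a vetted library with a padded scheme. The key pairs, function names and sample message are constructed for illustration.

```python
import hashlib

E = 65537  # public exponent shared by both constructed demo key pairs


def make_keypair(p: int, q: int) -> tuple:
    """Return (public modulus n, private exponent d) for primes p and q."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


# Constructed demo keys built from Mersenne primes so the modulus is wider
# than a SHA-256 digest. Primes of this special form are unsafe for real keys.
ALICE_N, ALICE_D = make_keypair(2**521 - 1, 2**607 - 1)
OTHER_N, OTHER_D = make_keypair(2**521 - 1, 2**1279 - 1)


def digest_int(message: bytes) -> int:
    """Hash the message text and return the digest as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, d: int, n: int) -> int:
    """Sender: hash the text, then transform the hash with the private key."""
    return pow(digest_int(message), d, n)


def verify(message: bytes, signature: int, n: int) -> bool:
    """Recipient: recover the hash with the public key (E, n) and compare it
    with a fresh hash of the text that actually arrived."""
    if not 0 <= signature < n:  # value cannot belong to this key pair
        return False
    return pow(signature, E, n) == digest_int(message)


def demo() -> dict:
    message = b"Meeting moved to 15:00. Alice"  # constructed sample text
    signature = sign(message, ALICE_D, ALICE_N)
    return {
        # Hash values match: the message is valid.
        "intact": verify(message, signature, ALICE_N),
        # One byte changed in transit: the hash values no longer match.
        "altered_in_transit": verify(message + b" ", signature, ALICE_N),
        # Signed with a private key that does not pair with Alice's public key.
        "wrong_key_pair": verify(message, sign(message, OTHER_D, OTHER_N), ALICE_N),
    }


if __name__ == "__main__":
    for case, valid in demo().items():
        print(f"{case}: {'valid' if valid else 'INVALID'}")
```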
Public key cryptography supplies the capabilities that give a digital signature its main security services: authentication, non-repudiation and data integrity.