The words encryption and decryption
are familiar to us. You have countered these words in your in digital field as
well as in daily life. What is encryption and why do we need it?
Let’s find.
How does our message travels through
internet?
A local internet service provider communicates with a regional
service provider along with network service provider and at last destination. We
know that the data transfer takes place in form of packets and it can take any route to
reach destination via router. Normally we thought ISP and NSP don’t track us. When
we connect our smart phone with public Wi-Fi or restaurant hotspot, we need to
keep security in mind. The agency/person who installed the Wi-Fi cannot know
that what we are accessing. Many of you have noticed the words HTTP or HTTPS in
URL which you are accessing, these are protocols for internet communication. The
letter ‘s’ in HTTPS represents communication is secured. Access point providers
can only access the site. They cannot use our logins or the webpage which we
are accessing. All these are connections are encrypted. In the cellular
communication data is encrypted between communication tower and mobile phone.
 |
| Encryption & Decryption |
Let understand how this important encryption is done?
Encryption is a process to
convert plaintext into cipher text. For example word ‘HELLO’ in ASCII code
will be 072 069 076 076 079 (Message) and its encryption can be done by adding
+1 to the code which will result in 073 070 077 077 080 (Encrypted Message). Here +1
is called as encryption key. Only the receiver who knows the key can decrypt the
message by -1 to 072 069 076 076 079 (Decrypted Message). An intruder cannot
decrypt the message. It can be understood as a confidential message locked in a
briefcase and only the person who has key can access the briefcase. A responsible
‘key distribution center’ takes responsibility to transfer key from center to
receiver and if the receiver uses same key to access data the encryption is
called symmetrical encryption and if opening key is different from locking the
key the encryption will be called asymmetrical key. What happens if key has stolen?
Let design an intelligent locking system to solve the issue.
In intelligent system every user
will have two keys and the users will submit one key to the key distribution
center means these keys are available in public and let name it as ‘public key’,
and the second key which is held by users are kept private and no one shares
and we called it private key. Interesting part of this intelligent system is a
lock. This lock can be locked with any public key and the same key cannot open
the lock, to unlock the lock you will need use private key corresponding to
lock. Private or public key of other users cannot unlock. With this system data
is transfer is highly secured.
Let see how data transfer is safe?
Suppose your friend wants to send
you some confidential documents. He will demand your public key from key
distribution center and will lock the briefcase with your public key, when the briefcase
will sent to you only you can open the briefcase with the private key you have.
You can relate this example with digital
communication, here the message ‘hello’ is encrypted with your public key and
only the private key of you will decrypt
the message ‘hello’.
 |
| Security |
Let take a look at peculiar properties of this lock.
We have already seen that this
lock is locked with a public key and opened with corresponding private key. In this
digital world relation between used keys should be kept in mind otherwise
algorithm will not do anything at all. The secure connection between these keys
is prime numbers. Public and private keys are obtained by product of two prime
numbers. These example is only representative. In real world prime numbers are
not used to generate these keys. A popular algorithm used in generation of
Public/Private key is RSA (Rivest-Shamir-Adleman). How RSA uses two prime numbers
to generate public and private key. Look below.
Public key generation
Let us take prime numbers be p=3
and q=11
Product n = pq = 33
Euler Totient Function = (p-1) x
(q-1) = 2 x 10 = 20 = φ(n)
Choose an encryption key e, such that
gcd(e, φ(n))=1 gcd (3,20)=1
Public
Key = 3
Private
key generation
Such that ( 3 x d) modulus 20 = 1
3xd = minimum (21)
d = 21/3 = 7
Private
key = 7
Let take prime numbers p = 3 and q = 11 to encrypt
and decrypt ‘H’
ASCII for H is 104.
Encryption
Cipher text = (104)3 mod 33
= (104 x104 x 104) mod 33
= (5 x 5 x 5 ) mod 33
= (125) mod 33
= 26 (Encrypted)
Decryption
= (26)7 mod 33
= (26 x 26 x 26 x26 x 26 x 26 x 26)
mod 33
= ( -7 x -7 x -7 x -7 x -7 x-7 x -7)
mod 33
= ( 49 x 49 x 49 x – 7 ) mod 33
= (-17 x-17 x 17 x -7) mod 33
= ( 289 x 119 ) mod 33
= (-8 x -13) mod 33
= 104 (Decrypted message)
The detailed explanation to the above algorithm
is beyond this article.
Why we use only prime numbers and why not other numbers?
The process of finding the factors of
any number is called factorization. A hacker always tries to factorize present
numbers in encryption, he can succeed to get private key. When prime numbers
are not included to encrypt, factorization method works very fast and if prime
numbers are used the method is slow especially when prime number used are
greater. By this method hacker will try to steal your private key using RSA
method.
Asymmetric encryption has replaced
symmetric encryption method. The problem with asymmetric encryption is that it
is computationally intensive. RSA will stop hacking only if prime numbers used
are very large, means if we directly use RSA, time taken to data transfer will
be large. To overcome this problem a smart solution is taken in use called
Advance Encryption Standard. In using private and public key cryptography one
key is exchanged in form of message this key is called session key and this key
will be a symmetric key. By using this symmetric key, two parties can exchange
data without any further key transfer. Session is updated on basis of communication
protocols.
For example in whatsApp for every
message there is a new session key. In https it is valid only for a session. Key
size for private and public key is 2048 Bits and it takes great time in comparison
with asymmetric and symmetric system which uses key size about 256 bits. Message
encrypted by 256 bits are more secure than 2048 bits keys and these are less
computationally intensive.
Public private key system also
establishes an authenticated communication
0 Comments