Public key cryptography has been around for a long time. Whitfield Diffie and Martin Hellman invented it in 1976. It sometimes goes by the name Diffie-Hellman encryption as well as symmetric encryption as it uses to keys instead of one (this is called symmetric encryption).
Cryptography uses two kinds of encryptions: A public key which is known to everyone and a private key, which is just known by the recipient of a message. An example of cryptography in motion: imagine you want to send a secure message to your colleague. You use your colleague’s public key to encrypt the message and then your colleague uses their private key to decrypt it.When learning about key systems, it is important to know that in a public key system, the public and the private keys are related in such a way that that only the public key can be used to encrypt messages and only the corresponding private key can be used to decrypt them. In addition, if you know the public key it is very difficult to decide the private key.There are a variety of public key systems that are very secure, easy to use and able to transmit information via the Internet. One of these is called the Pretty Good Privacy (PGP) system. The one drawback with public key systems is that you need to know the recipients public key to encrypt a message for them.These keys are generated using algorithms called a cryptosystem and involves lengthy computations. Two popular public key systems are:RSA: Users create and then publish a public key based on two large prime numbers with an auxiliary value. The numbers must be kept secret and anyone can use the public key for message encryption.Digital Signature Algorithm (DSA): generates keys in two phases. The first is a choice of algorithm parameters which may be shared between different users of a system. The second phase computes public and private keys for a single user.In today’s modern workplace where information is transmitted across oceans and continents, cryptography works with the following objectives in mind:
- Confidentiality: The information can only be understood by the intended recipient
- Integrity: the information cannot be altered in transit between sender and recipient without the change being detected.
- Non repudiation: neither the sender nor the recipient can later deny his or her intentions regarding the transmission of information.
- Authentication: both the sender and receiver can confirm the source of the information
Knowledge of cryptography is integral for today’s IT security professional as it safeguards the integrity of important information. There are many free resources available to learn about this important field. Want to learn more about the key points of cryptography?
Click here for the complete Cryptography online class