We have talked a lot about the security applications of public key encryption and how it provides encryption and authentication. It plays a role in SSL, code signing, email and document signing, and personal identity verification. What we don't often talk about is the historical significance of public key encryption.
Today, we will discuss the difference between private key encryption and public key encryption, the historical significance of the latter, and how they combine to make SSL/TLS and similar encryption systems possible. Without further ado, let's get started.
What is private key encryption?

Throughout history, there are countless examples of private key cryptography, dating back to around 1900 BC. In private key cryptography, both parties must hold a matching private key (or exchange the private key during transmission), which they use to encrypt the plaintext and then decrypt it. Famous examples are the Caesar cipher, the Enigma machine and Louis XIV's Great Cipher.
However, private key encryption has a major inherent flaw. Today, we call it key distribution. For 99.9% of people, this is an afterthought. But historically, key distribution was a big problem.
Think about it: both parties must have a physical key. If there is any distance between the two parties, you must entrust a courier to carry the private key or go there in person to hand it over. If the key falls into the wrong hands, the results can be ruinous. In the past, many came to ruin because of this type of private key problem.
Even in the digital age, private key encryption on its own still struggles with key distribution. How do you know that you are sending the private key (called the session key in SSL/TLS) to the correct recipient without an authentication mechanism?
Invention of Public Key Encryption Technology

Public key encryption was actually invented twice. In 1970, a cryptographer named James Ellis was working at the British Government Communications Headquarters (GCHQ). He proposed a public key encryption system in theory, but did not know how to implement it at the time. Three years later, in 1973, Clifford Cocks came up with a practical implementation method that was roughly equivalent to the RSA algorithm. (RSA was proposed in 1977 by Ron Rivest, Adi Shamir and Leonard Adleman. It was first announced in the United States in July 1987, when all three of them were working internships at the Massachusetts Institute of Technology. RSA is made up of the initial letters of their last names. It is currently the most influential and most commonly used public key encryption algorithm, it can resist the vast majority of cryptographic attacks known so far, and it has been recommended by ISO as a public key data encryption standard.) A third person, the mathematician Malcolm Williamson, developed a key exchange system equivalent to the Diffie-Hellman key exchange.
This information was also passed to the National Security Agency, but neither organization understood its importance, and due to the nature of computers at the time, the technology was considered impractical and more of an interesting thought experiment. It was declassified in 1997, after 27 years.
As far as we know, it was never used by either party. Therefore, in 1976, public key encryption was discovered again, this time by Whitfield Diffie and Martin Hellman, after whom the key exchange is named.
A year later, RSA creators Ron Rivest, Adi Shamir, and Leonard Adleman completed their work at MIT.
What is public key encryption?

The Diffie-Hellman key exchange and RSA are asymmetric encryption systems. Until then, encryption had been symmetric: both parties used the same private key for encryption and decryption. As we have already discussed, this created a variety of problems for people.
As the term "key exchange" suggests, the creators of these systems were already thinking about correcting a long-standing problem: key distribution.
Public key encryption uses a pair of keys: a public key that can encrypt and a private key that can decrypt. With public key encryption, communication can only go one way, which is why it is called "asymmetric". The idea is that the authorized party holds the private key, while the public key is, as the name says, public.
The private key in public key encryption is still as valuable as ever, so additional consideration must be given to how to keep the private key secure. The public key, on the other hand, is absolutely worthless in the hands of bad guys. There is no risk in the public key being stolen. So how does public key encryption solve the private key problem?
By enabling more secure symmetric encryption.
Public key encryption is a key exchange mechanism

Obviously, the one-way nature of public key encryption makes it a peculiar choice for communication. But communication is not its real purpose. It is both an authentication mechanism and an encryption mechanism: its job is to encrypt a piece of information and ensure that it arrives at the correct location. One of the best things to encrypt this way is a private key.
This is what you see in SSL/TLS. During the handshake, the client generates a symmetric session (private) key, encrypts it, and sends it to the server. If the server has the private key, it decrypts the session key, and the client and server can start communicating using the symmetric key.
This also helps to authenticate the server, because without the correct private key, the server cannot decrypt the client's message.
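The exchange described above, as an added sketch that is not part of the original article: the client wraps a random session key under the server's public key, and only the holder of the matching private key can read the record protected with it. It assumes textbook RSA without padding on a small constructed key pair and a hash-based keystream standing in for a real cipher; all function names are hypothetical.

```python
import hashlib, hmac, secrets

E = 65537  # common RSA public exponent

def make_keypair(p, q):
    # Textbook RSA from two primes (constructed Mersenne primes are used below).
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def wrap_session_key(session_key, public):
    # Client side: encrypt the 16-byte session key under the public key.
    n, e = public
    return pow(int.from_bytes(session_key, "big"), e, n)

def unwrap_session_key(wrapped, private):
    # Server side: only the matching private exponent recovers the key.
    n, d = private
    raw = pow(wrapped, d, n).to_bytes((n.bit_length() + 7) // 8, "big")
    return raw[-16:]

def _subkeys(session_key):
    # Separate keys for encryption and integrity, derived from the session key.
    return (hashlib.sha256(session_key + b"enc").digest(),
            hashlib.sha256(session_key + b"mac").digest())

def seal(session_key, message):
    # Symmetric side: XOR with a SHAKE-256 keystream, then HMAC the ciphertext.
    # No nonce, so each session key may protect exactly one message here.
    enc, mac = _subkeys(session_key)
    stream = hashlib.shake_256(enc).digest(len(message))
    ct = bytes(a ^ b for a, b in zip(message, stream))
    return ct + hmac.new(mac, ct, hashlib.sha256).digest()

def unseal(session_key, record):
    # Returns the plaintext, or None when the integrity tag does not verify.
    enc, mac = _subkeys(session_key)
    ct, tag = record[:-32], record[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, ct, hashlib.sha256).digest()):
        return None
    stream = hashlib.shake_256(enc).digest(len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))

def handshake_demo():
    server_pub, server_priv = make_keypair(2**61 - 1, 2**127 - 1)
    _, other_priv = make_keypair(2**89 - 1, 2**107 - 1)  # party without the server's key
    session_key = secrets.token_bytes(16)                # client picks the symmetric key
    wrapped = wrap_session_key(session_key, server_pub)
    record = seal(session_key, b"GET /account")          # constructed sample message
    return (unseal(unwrap_session_key(wrapped, server_priv), record),
            unseal(unwrap_session_key(wrapped, other_priv), record))
```

`handshake_demo()` returns the plaintext for the real server and `None` for the party holding a different private key, which is the authentication property the paragraph above describes.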
Public key cryptography is a brilliant breakthrough, laying the foundation for the SSL/TLS protocol we use today. So far, even the most advanced encryption systems can only be as secure as their private keys. The same is true for public key encryption. However, as a key exchange mechanism, public key encryption eliminates a large number of attack vectors.
Due to its one-way nature, the private key used for public key encryption can be more robust. A strong symmetric private key is 256 bits. This is still a sufficient security measure, but it pales in comparison with a 2048-bit RSA private key. This makes public key encryption a better key distribution mechanism.
How does public key encryption work in SSL?

In SSL, public key encryption facilitates authentication and key exchange. To explain this, I will use the TLS 1.3 model, because this is where we are going. In earlier TLS versions, this was a bit more complicated.
Let's start with ciphers and cipher suites. A cipher is an algorithm used for encryption. A cipher suite is a group of algorithms used together by the SSL/TLS protocol. Every server and every browser is configured to support certain cipher suites.
Traditionally, the cipher suite is composed of: key exchange/authentication algorithm _WITH_S.
TLS 1.3 combines the encryption and authentication algorithms into Authenticated Encryption with Associated Data (AEAD) algorithms. When the user (client) arrives at the website (server), it sends a ClientHello message containing a list of supported cipher suites sorted by preference. It also guesses which encryption algorithm will be used and sends the session key. All of these are encrypted using the server's public key.
The server uses its private key to decrypt the ClientHello message, and then returns the ServerHello message with its certificate, the selected cipher suite, and the key. After receiving the ServerHello, the client and server begin to communicate using the symmetric encryption key they exchanged.
Now a quick word on session keys: they are replaced often. In some cases, it is not uncommon to use a different session key for each message. However, this would be impossible to achieve without the ability to handle key distribution securely. This is the historical significance of public key cryptography.