
Thread: Asymmetric encryption - e.g. https:

  1. #1 Asymmetric encryption - e.g. https: 
    Forum Junior
    Join Date
    Sep 2011
    Location
    Manchester, UK
    Posts
    236
    By asymmetric encryption, I mean any encryption method which uses both private and public encryption keys.
    Simply from curiosity, I have often wondered how https: (perhaps, the most common form of asymmetric encryption) works. For example, if Bank.com uses https: encryption, is the web page that it sends to your computer encrypted or not? If it is, then presumably it is encrypted by the private key used by Bank.com and decrypted using the public key which would be on your computer. I can't see any reason why it should be encrypted - but I don't know.
    However, there appears to be some confusion as to whether or not public keys allow decryption.
    For example, I have found the following two statements relating to asymmetric encryption.
    From Wisegeek:
    "This software uses two keys, known as a key pair. One is the public key, and can be freely shared or given to anyone because its only job is to encrypt."
    Message - public keys don't decrypt.
    From Microsoft:
    "Any message that is encrypted by using the private key can only be decrypted by using the matching public key."
    Message - public keys do decrypt!
    So, to add to the first question, can public keys decrypt, or can't they?


    Last edited by JonG; May 15th, 2014 at 02:38 PM.

  3. #2  
    Forum Junior
    Join Date
    Sep 2011
    Location
    Manchester, UK
    Posts
    236
    Please ignore - I will have to figure out how to break that up into readable paragraphs. Apologies.



  4. #3  
    Forum Radioactive Isotope MagiMaster's Avatar
    Join Date
    Jul 2006
    Posts
    3,440
    Asymmetric key encryption (also called public key encryption) is accomplished by having the functions f(x) and g(x) such that:
    - f(g(x)) = x [So you encrypt with one and decrypt with the other]
    - given f (or g) it is very difficult to compute g (or f) [So it's computationally hard to break]

    You then hand out the function g freely. Then anyone that wants to send you a message can encrypt it, give you g(message) and you can then use f to get the message back. Anyone else that looks at g(message) won't be able to read it.

    Now, if g(f(x)) also equals x then either function can encrypt or decrypt (but you still don't want to give out f). In that case you can use the same set of keys to digitally sign something. To do that, you encrypt your message with your private key, f(message). Since anyone can get your public key, anyone can decrypt the message, but since only your public key can do that, only you could have encrypted it in the first place. If g(f(x)) isn't x, you'll need a second set of keys to do this (and then give out f' instead of g').

    For RSA encryption, the most common public-key system right now, the functions are simply raising the (numerical) message to large powers. By carefully choosing the powers you can make f and g work like you want. And in this case g(f(x)) also works, so yes, you can encrypt with your public or private key depending on what you want to do.
    Reply With Quote  
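
    The f and g of post #3 worked through with toy RSA numbers, as an added example that is not part of the original thread. The primes 61 and 53, the exponent 17, the SHA-256-mod-n digest and every function name other than f and g are assumptions chosen for illustration.

```python
import hashlib

# Constructed toy parameters (assumption). Real RSA uses 2048-bit+ moduli and
# padding (OAEP for encryption, PSS for signatures), never raw exponentiation.
p, q = 61, 53
n = p * q                            # 3233, public modulus
e = 17                               # public exponent
d = pow(e, -1, (p - 1) * (q - 1))    # 2753, private exponent (Python 3.8+)

def g(x: int) -> int:
    """Public function: anyone holding (n, e) can compute it."""
    return pow(x, e, n)

def f(x: int) -> int:
    """Private function: requires d."""
    return pow(x, d, n)

def digest(message: bytes) -> int:
    """SHA-256 reduced mod n so it fits the toy modulus (shortcut, assumption)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message: bytes) -> int:
    return f(digest(message))                 # only the key owner can produce this

def verify(message: bytes, signature: int) -> bool:
    return g(signature) == digest(message)    # anyone can check it

def recover_private_exponent(n_pub: int, e_pub: int) -> int:
    """Deriving f from g means factoring n: instant here, infeasible at 2048 bits."""
    small = next(k for k in range(2, n_pub) if n_pub % k == 0)
    return pow(e_pub, -1, (small - 1) * (n_pub // small - 1))

if __name__ == "__main__":
    x = 65
    print("g(x) =", g(x), " f(g(x)) =", f(g(x)), " g(f(x)) =", g(f(x)))
    sig = sign(b"pay 10 GBP")
    print("valid signature:", verify(b"pay 10 GBP", sig))
    print("altered signature:", verify(b"pay 10 GBP", (sig + 1) % n))
    print("d recovered from public key alone:", recover_private_exponent(n, e))
```

    The last function shows why the "very difficult to compute" condition depends entirely on key size: with a 12-bit modulus the private exponent falls out of the public key immediately.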
     

  5. #4  
    Forum Junior
    Join Date
    Sep 2011
    Location
    Manchester, UK
    Posts
    236
    Getting back to https: - if I am using an online banking site, I would expect that the web page that I type into would be encrypted using the public key before being sent back to the bank. However, when the web page is in transit from the bank's server to my browser, will it be encrypted then? This is the thing that puzzles me. If it is encrypted, then the public key would have to be used for decryption - contrary to what is implied by the Wisegeek comment above.

  6. #5  
    Forum Ph.D.
    Join Date
    Mar 2014
    Posts
    940
    Quote Originally Posted by JonG View Post
    contrary to what is implied by the Wisegeek comment above.
    Wow, that member spent the time to enter a response and that's how you treat him?

  7. #6  
    Forum Junior
    Join Date
    Sep 2011
    Location
    Manchester, UK
    Posts
    236
    Quote Originally Posted by Chucknorium View Post
    Quote Originally Posted by JonG View Post
    contrary to what is implied by the Wisegeek comment above.
    Wow, that member spent the time to enter a response and that's how you treat him?
    Sorry - I don't understand what you are saying. "Wisegeek" is a website, not a member. I referred to it in my original post. Please look here: wiseGEEK: clear answers for common questions

  8. #7  
    Forum Ph.D.
    Join Date
    Mar 2014
    Posts
    940
    Quote Originally Posted by JonG View Post
    Quote Originally Posted by Chucknorium View Post
    Quote Originally Posted by JonG View Post
    contrary to what is implied by the Wisegeek comment above.
    Wow, that member spent the time to enter a response and that's how you treat him?
    Sorry - I don't understand what you are saying. "Wisegeek" is a website, not a member. I referred to it in my original post.
    My fault then. I thought you were deriding the poster MagiMaster. Just forget what I posted. Sorry.

    I wish I could help with your questions. It's an interesting subject though.

  9. #8  
    Forum Radioactive Isotope MagiMaster's Avatar
    Join Date
    Jul 2006
    Posts
    3,440
    I dunno, Wise Geek doesn't sound like a terrible thing to be called, to me, but anyway.

    As I mentioned, RSA encryption in particular can encrypt or decrypt with either key depending on what you want to do. For an asymmetric key system where that wasn't possible, you'd just have to double the number of keys you keep (one private encrypt, one private decrypt, one public encrypt, one public decrypt).

    For secure communications, both parties have their own private and public keys. So you encrypt your message to the bank with your private key and their public key and then they decrypt it with your public key and their private key. So no one else can read or spoof the messages. Of course, RSA encryption is pretty slow, so what often happens is that you use it to securely exchange details for a faster symmetric key system.

  10. #9  
    Forum Professor river_rat's Avatar
    Join Date
    Jun 2006
    Location
    South Africa
    Posts
    1,497
    An extra note - Asymmetrical encryption is usually used to pass the secret key for a symmetric cipher (like CBC-MAC) and then that cipher is used for communication. It's all a question of performance; asymmetric encryption tends to be really really slow.
    As is often the case with technical subjects we are presented with an unfortunate choice: an explanation that is accurate but incomprehensible, or comprehensible but wrong.
    Reply With Quote  
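
    The pattern posts #8 and #9 describe (a slow asymmetric step used once to pass a symmetric key, which then protects traffic in both directions), as an added example that is not part of the original thread. The toy RSA key built from two Mersenne primes, the SHA-256 keystream standing in for a real cipher, the direction labels and all function names are assumptions for illustration.

```python
import hashlib
import secrets

# Server ("bank") toy RSA key from two known Mersenne primes (constructed,
# ~150-bit modulus). Real deployments use 2048-bit+ keys with OAEP padding.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                   # public key, sent to the browser
D = pow(E, -1, (P - 1) * (Q - 1))     # private key, never leaves the server

def client_hello(pub_n: int, pub_e: int):
    """Browser: pick a random 128-bit session key and wrap it with the public key."""
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), pub_e, pub_n)
    return session_key, wrapped

def server_unwrap(wrapped: int) -> bytes:
    """Server: the one and only private-key operation in the exchange."""
    return pow(wrapped, D, N).to_bytes(16, "big")

def seal(key: bytes, direction: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream.
    XOR is its own inverse, so the same call also decrypts. The direction
    label keeps the two flows from sharing a keystream. No integrity check
    is included; a real protocol uses an authenticated cipher."""
    out = bytearray()
    for i in range(0, len(data), 32):
        counter = (i // 32).to_bytes(8, "big")
        block = hashlib.sha256(key + direction + counter).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

if __name__ == "__main__":
    client_key, wrapped = client_hello(N, E)
    server_key = server_unwrap(wrapped)

    request = seal(client_key, b"c2s", b"transfer 10 GBP")         # browser -> bank
    print(seal(server_key, b"c2s", request))

    page = seal(server_key, b"s2c", b"<html>balance: 90</html>")   # bank -> browser
    print(seal(client_key, b"s2c", page))
```

    The page travelling from the server to the browser is encrypted with the shared session key, so nothing is ever decrypted with a public key.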
     

  11. #10  
    Forum Junior
    Join Date
    Sep 2011
    Location
    Manchester, UK
    Posts
    236
    Quote Originally Posted by MagiMaster View Post
    For secure communications, both parties have their own private and public keys. So you encrypt your message to the bank with your private key and their public key and then they decrypt it with your public key and their private key. So no one else can read or spoof the messages. Of course, RSA encryption is pretty slow, so what often happens is that you use it to securely exchange details for a faster symmetric key system.
    That sounds reasonable, but it is the first time I have seen that put forward as an explanation, and I have looked around on the internet.

  12. #11  
    Forum Professor river_rat's Avatar
    Join Date
    Jun 2006
    Location
    South Africa
    Posts
    1,497
    Quote Originally Posted by JonG View Post
    That sounds reasonable, but it is the first time I have seen that put forward as an explanation, and I have looked around on the internet.
    The use of symmetric encryption for the actual message flow or the use of two key pairs for communication in asymmetric encryption? The first is part of the SSL/TLS standard that HTTPS is built on. The second is part of the standard protocol; it's what makes the system asymmetrical.

  13. #12  
    Forum Junior
    Join Date
    Sep 2011
    Location
    Manchester, UK
    Posts
    236
    Quote Originally Posted by river_rat View Post
    The use of symmetric encryption for the actual message flow or the use of two key pairs for communication in asymmetric encryption? The first is part of the SSL/TLS standard that HTTPS is built on. The second is part of the standard protocol; it's what makes the system asymmetrical.
    I was actually referring to two asymmetric key pairs. However, I understand little about these matters and I am looking at them simply from curiosity. (Please be aware that my understanding of encryption appears to be some way below yours.)
