Difference between revisions of "Pretty Good Privacy"

From Wiki | LUG@UCLA
Jump to: navigation, search
Line 32: Line 32:
'''Public-key (asymmetric) cryptography'''—
'''Public-key (asymmetric) cryptography'''—
== Links ==
* [http://www.gnupg.org/gph/en/manual.html The GNU Privacy Handbook]
* [https://en.wikipedia.org/wiki/Symmetric-key_algorithm Symmetric-key algorithm – Wikipedia]
* [https://en.wikipedia.org/wiki/Public-key_cryptography Public-key cryptography – Wikipedia]

Revision as of 10:58, 25 June 2013


Secret-key (symmetric) cryptography—Alice wants to send Bob a secret message. They both agree on a single secret password to use as an encryption/decryption key. Alice can use that key to encrypt data to send to Bob, and Bob can use that key to decrypt data received from Alice. Mathematically, a symmetric cipher is just a one-to-one function that is easily invertible—apply the function to encrypt data, or apply its inverse decrypt data. The key describes the characteristics of the function; without the key, one cannot determine the function or its inverse.

Symmetric cryptography has some disadvantages:

  • At the very beginning, when Alice and Bob initially exchanged the key, the exchange could have been transparently intercepted by a third party (assume Alice and Bob were not using a secure channel to exchange the key because that is precisely what we are trying to build!). With a stolen key, a third party can eavesdrop on Alice or Bob, and even pretend to be Alice or Bob.
  • It is unwieldy for large groups of people to communicate privately, since the number of keys is polynomial with the number of people (recall the number of edges in a complete graph of n nodes):
    # people # keys
    2 1
    3 3
    4 6
    5 10
    6 15
    n n(n-1)/2
    A series of complete graphs from n=2 to 15. Each edge represents a secret key that has been exchanged between two people (nodes).

Public-key (asymmetric) cryptography