On 30 Dec 2004, at 5:58 pm, Charles Yeomans wrote:
> As I recall, PGP uses a symmetric algorithm for encryption -- CAST or
> IDEA or something -- and uses public key encryption for the symmetric
> key.

That's right. Until Diffie-Hellman and RSA all ciphers were symmetric
- that is, the same key is used both to encrypt and decrypt the
message. The problem with any symmetric cipher is how you ensure that
only the sender and recipient know the key. That is why asymmetric
ciphers are so clever - by using the appropriate trapdoor functions
they ensure that although it is easy to get the public part of the key
from the private part, the reverse is infeasible. In the case of RSA,
finding the private key from the public key amounts to finding the
prime factors of huge numbers.

It was Phil Zimmermann (who wrote PGP) who had the insight that while
RSA was computationally intensive and so a little heavyweight for
encrypting an entire message, it was a very good way of encrypting a
short piece of text like a key. So in PGP the message itself is
encrypted using a symmetric cipher like IDEA, and the key used for that
encryption is itself encrypted using RSA. RSA is being used only to
solve the key-sharing problem rather than the encryption of the
message. Many people do not realise that the actual cryptographic
security of a message apparently encrypted with good strong RSA is only
as good as the algorithm used to encrypt the message, which is
therefore still susceptible to being cracked if that algorithm has
flaws.
Regards,
Ian.
--
Dr Ian M Piper
ianpiper at mac dot com
--
Where is the wisdom we have lost in knowledge?
Where is the knowledge we have lost in information?
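
Added example (not part of the original message, and not PGP's own code): a sketch of the hybrid scheme described above, where RSA touches only the 16-byte session key and the message body is protected solely by the symmetric cipher. Assumptions: the RSA key is a toy built from two known Mersenne primes with no padding, and `stream_xor` is a hypothetical SHA-256 keystream cipher standing in for IDEA or CAST.

```python
import hashlib
import secrets

# Toy RSA key from two known Mersenne primes (assumption: demo only, far too
# small and unpadded for real use).
P, Q, E = 2**89 - 1, 2**127 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream.
    The same call encrypts and decrypts, as with any symmetric cipher."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(key + block.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[block:block + 32], pad))
    return bytes(out)


def hybrid_encrypt(message: bytes, n: int, e: int, session_key: bytes = None):
    """Encrypt the body symmetrically; use RSA only on the session key."""
    session_key = session_key or secrets.token_bytes(16)  # fresh per message
    wrapped_key = pow(int.from_bytes(session_key, "big"), e, n)
    return wrapped_key, stream_xor(session_key, message)


def hybrid_decrypt(wrapped_key: int, body: bytes, n: int, d: int) -> bytes:
    """Unwrap the session key with the RSA private key, then decrypt the body."""
    session_key = pow(wrapped_key, d, n).to_bytes(16, "big")
    return stream_xor(session_key, body)


if __name__ == "__main__":
    msg = b"Constructed sample message for the hybrid scheme."
    wrapped, body = hybrid_encrypt(msg, N, E)
    print("RSA input :", 16, "bytes (session key only)")
    print("body      :", len(body), "bytes under the symmetric cipher")
    print("recovered :", hybrid_decrypt(wrapped, body, N, D))
```

Anyone holding the session key can call `stream_xor` on the body directly without any RSA operation, which is why the body is only as strong as the symmetric cipher.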