introduction-to-cryptography.htm

The Open–source PKI Book Version 2.4.6 Edition Copyright &copy 1999, 2000 by Symeon (Simos) Xenite

<HTML
><HEAD
><TITLE
>Introduction to Cryptography</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.55"><LINK
REL="HOME"
TITLE="The Open&#8211;source PKI Book"
HREF="ospki-book.htm"><LINK
REL="PREVIOUS"
TITLE="Purpose of this document"
HREF="this-document.htm"><LINK
REL="NEXT"
TITLE="Message Digests"
HREF="digests.htm"></HEAD
><BODY
CLASS="CHAPTER"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>The Open&#8211;source PKI Book: A guide to PKIs and Open&#8211;source Implementations</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="this-document.htm"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="digests.htm"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="CHAPTER"
><H1
><A
NAME="INTRODUCTION-TO-CRYPTOGRAPHY"
>Chapter 2. Introduction to Cryptography</A
></H1
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
><A
HREF="introduction-to-cryptography.htm#WHATISCRYPTO"
>Cryptographic Algorithms</A
></DT
><DT
><A
HREF="digests.htm"
>Message Digests</A
></DT
><DT
><A
HREF="signatures.htm"
>Digital Signatures</A
></DT
><DT
><A
HREF="certificates.htm"
>Certificates</A
></DT
><DT
><A
HREF="ca.htm"
>Certification Authority</A
></DT
></DL
></DIV
><P
>	Communication is an essential part of life. We can say that
	it marks the progress of human beings.
	Traditional media for communication are the sending of letters through
	the Post Office, talking over the phone through the Telecommunications
	company, or -- more commonly -- to speak directly with the other person.
	These traditional media have existed for a long period of time and 
	special provisions have been made so that people can communicate in a
	secure way, either for personal or for business communication. 
	For face&#8211;to&#8211;face communication, people can recognise
	each other's physical characteristics or they can compare hand&#8211;written
	signatures with that of official documents like an ID card.
	Mimicking all of the physical characteristics of a person is
	difficult.  People can accept with a
	high level of certainty the identity of their colleague.
	Signature forging is difficult and there are laws
	that define forging as a crime.
	The bottom line is that for each communication medium, there
	is a transitional period when specific laws and technologies are set
	in order for people to communicate securely and transparently.
  </P
><P
>	The Internet, as a network that interconnects networks of computers
	around the world, is a new communication medium that
	is substantially different from existing ones. For example, 
	on the Internet, the communicating parties do not have physical 
	contact. It is rather more difficult for one to disguise oneself
	to someone else, immitate the voice and other aspects behaviour and
	get information on prior common experiences. On&#8211;line transactions
	do not impose such barriers for illegitimate transactions.
	Additionally, on the Internet, one can automate the same type of fraud 
	bringing higher gains and a bigger incentive.
	The law and the technologies to let transparent and secure communication 
	have not been fully defined or set yet. 
  </P
><P
>        Cryptography has provided us with digital signatures that resemble
	in functionality the hand&#8211;written signatures and digital certificates
	that relate to an ID card or some other official document.
	However, in order to use these technologies, we need to 
	make the necessary provisions so that their usage is
	equally transparent and secure.
  </P
><P
>  	The Public Key Infrastructures along with the Priviledge Management 
	Infrastructure are candidates to aid this transparency and security
	of applications of the Internet. Both of these concepts are described in
	<A
HREF="pkix.htm"
>Chapter 6</A
>.
  </P
><P
>	Big parts of the following introduction to cryptography has been taken from
	the <A
HREF="http://www.ultranet.com/~fhirsch/Papers/cook/ssl_cook.html"
TARGET="_top"
>	SSLeay Certificate Cookbook</A
>, written by 
	<A
HREF="http://www.ultranet.com/~fhirsch/Papers/cook/ssl_intro.html"
TARGET="_top"
>Frederick J. Hirsch</A
>.
  </P
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="WHATISCRYPTO"
>Cryptographic Algorithms</A
></H1
><P
>	Cryptography has several differences from pure mathematics.
	One of these is that cryptography is more descriptive in 
	its textbooks.
	While a mathematician may use A and B to explain an algorithm,
	a cryptographer may use the fictious names Alice and Bob.
	Thus, in the next sections, the names Alice and Bob are not randomly
	chosen; they can be found in almost all cryptography textbooks.
  </P
><P
>	Suppose Alice wants to send a message to her bank to transfer 
	money. Alice would like the message to be private,
	since it includes information such as her account number 
	and transfer amount. One solution is to use a cryptographic
	algorithm, a technique that would transform her message into 
	an encrypted form, unreadable except by those for whom it is
	intended. When encrypted, the message can only be 
	interpreted through the use of the corresponding secret key. 
	Without the key the message is useless: good cryptographic 
	algorithms make it so difficult for intruders to decode the 
	original text that it isn't worth their effort. 
  </P
><P
>	There are two categories of cryptographic algorithms: 
	conventional and public key. 
  </P
><P
>	Conventional cryptography, also known as symmetric cryptography, 
	requires that the sender and receiver share a key: a secret piece 
	of information that is used to encrypt or decrypt a message. 
	If this key is secret, then nobody other than the sender or receiver 
	can read the message. If Alice and the bank each has a secret key, then
	they may send each other private messages. The task of privately 
	choosing a key before communicating,
	however, can be problematic. 
  </P
><P
>	Public key cryptography, also known as asymmetric cryptography, 
	solves the key exchange problem by defining an algorithm which 
	uses two keys, each of which can be used to encrypt a message. 
	If one key is used to encrypt a message, then the other must be 
	used to decrypt it. This makes it possible to receive secure messages
	by simply publishing one key (the public key) and keeping the other 
	secret (the private key). 
  </P
><P
>	Anyone may encrypt a message using the public key, but only the 
	owner of the private key is able to read it.
	In this way, Alice may send private messages to the owner of a 
	key&#8211;pair (the bank) by encrypting it using their
	public key. Only the bank can decrypt it. 
  </P
><P
>  	Examples of public&#8211;key algorithms can be found at
	<A
HREF="appendix-pkc.htm"
>Appendix C</A
>.
  </P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="this-document.htm"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="ospki-book.htm"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="digests.htm"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Purpose of this document</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Message Digests</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>