Wednesday, October 20, 2021

Security 1 - Symmetric and asymmetric cryptography

Message cryptography can be approached using a symmetric or an asymmetric encryption model.

These are quite different and complementary approaches. In the first one there is a single key that is used both to encrypt and to decrypt the data in the message.

In the second method there are two different keys: a public key and a private key. Data encrypted with a private key can be decrypted by anyone holding the public key. On the other hand, data encrypted with a public key can only be decrypted with the private key, which is unique.


Symmetric cryptography

  • There is a single cypher key that is shared between all senders and receivers (or, for that matter, between server and client).
  • The same cypher key is used to encrypt and decrypt the messages.
  • This approach is used to do the actual data exchange in a client-server model, as it allows better performance.





Asymmetric cryptography

  • A message cyphered using a public key can only be deciphered and read by the owner of the private key
  • A message cyphered using a private key can be deciphered and read by anyone with the public key
  • Public keys are distributed to everyone with whom we want to establish an encrypted communication channel - these would be the clients
  • Private keys are held by only one entity - normally the server
  • Certificates are based on an asymmetric key model - a private and a public key
  • Asymmetric cryptography is slower and is normally used for authentication and key exchange
  • It is computationally infeasible to compute the private key based on the public key.



  • A sender with a single private key can communicate with various recipients
  • Anyone owning the public certificate who intercepts the message can read it!! -> Man-in-the-middle attack -> Hence the use of certificates, to be discussed in the next blog entry.
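
Added example (not part of the original post): the two models working together as described above, using the built-in crypto module of Node.js. The slower asymmetric step (RSA-OAEP) only exchanges a random session key, the symmetric step (AES-256-GCM) carries the data, and the private-key-to-public-key direction is shown as a digital signature, which is how libraries expose it. The function names and sample messages are constructed for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// RSA-OAEP parameters for wrapping the session key (the asymmetric step).
const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Server: one key pair. The public half is distributed to clients,
// the private half never leaves the server.
function newServerKeyPair() {
  return nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Client: encrypt the data with a fresh symmetric key (fast), then encrypt
// that small key with the server's public key (slow, done once).
function clientSend(serverPublicKey, plaintext) {
  const sessionKey = nodeCrypto.randomBytes(32);
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const wrappedKey = nodeCrypto.publicEncrypt({ key: serverPublicKey, ...OAEP }, sessionKey);
  return { wrappedKey, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Server: only the private key recovers the session key; the same session
// key that encrypted the data then decrypts it.
function serverReceive(serverPrivateKey, msg) {
  const sessionKey = nodeCrypto.privateDecrypt({ key: serverPrivateKey, ...OAEP }, msg.wrappedKey);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', sessionKey, msg.iv);
  decipher.setAuthTag(msg.tag); // GCM also detects tampering with the ciphertext
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]).toString('utf8');
}

// A party holding some other private key cannot unwrap the session key.
function canRead(privateKey, msg) {
  try { serverReceive(privateKey, msg); return true; } catch { return false; }
}

// Private key -> public key direction: the server signs, and anyone with
// the public key can verify that the message came from the key owner.
function serverSign(serverPrivateKey, text) {
  return nodeCrypto.sign('sha256', Buffer.from(text), serverPrivateKey);
}
function anyoneVerify(serverPublicKey, text, signature) {
  return nodeCrypto.verify('sha256', Buffer.from(text), serverPublicKey, signature);
}
```

Verification only proves which key signed the message; tying that public key to a named server is the job of the certificates mentioned above.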