Encryption

Introduction
Encryption is the method of encoding data using some form of algorithm.

Symmetric Encryption
Symmetric encryption is a simple technique whereby the same key is used to encrypt and decrypt the message. The following trivial example shows how symmetric encryption might work. The message is converted to ASCII (numeric) codes. A key is used to convert the codes to a different value (in this case by adding 1). The encrypted message is then sent and can be decoded by the recipient assuming they have a suitable key.


 * Original Message: Good Morning
 * Code: +1 to ASCII value
 * Encrypted message: Hppe Npsojoh
 * Key to decrypt: -1

Task
Can you work out the key which has been used to encrypt this message?

Umpjb Ugbc Ucz

The problem with symmetric encryption is that the recipient requires the key. But it's not possible to send the key over the Internet because clearly it could be intercepted along with the encrypted message.

RSA Asymmetric Encryption

 * Alan uses Asymmetric Encryption to send a message to Bob
 * Bob generates a key pair, one public and one private (only Bob knows the private key). These keys are are very large random numbers.
 * Alan encrypts the message using the public key
 * Bob can decrypt the message with the private key

Note that public and private keys are related, such that:
 * only the public key can be used to encrypt messages
 * only the corresponding private key can be used to decrypt the messages
 * it is virtually impossible to guess the private key from the public key

The disadvantage of RSA is that it is complex and slow to decrypt messages asymmetrically. This is because both keys are excessively long and complicated. It is only really used by large organisations and government agencies.

This video shows...how to encrypt data in a tennis ball.

media type="youtube" key="Ex_ObHVftDg" height="390" width="640"

Pretty Good Privacy (PGP)
PGP uses a combination of symmetric and asymmetric encription.


 * PGP creates a symmetric session key which is used to encrypt the data.
 * PGP then uses an asymmetric method with the intended recipient's public key to encrypt the session key.
 * The recipient then uses PGP and their private key to decrypt the session key, which PGP then uses to decrypt the rest of the data.

Note that only the session key is encrypted asymmetrically, but the message itself is encrypted by the symmetric session key. This makes the encryption process much faster, but at the data remains extremely secure.

This video shows how easy it is to use PGP software to encrypt files for sending across the Internet.

media type="youtube" key="LkSe6IdauUY" height="390" width="480"

Task
In your own words, describe RSA and PGP encryption

Further Reading / Homework
Read this site on encryption from [|How Stuff Works] Now describe the following terms in your own words:
 * Cipher
 * Symmetric-key encryption
 * Public-key (or asymmetric-key) encryption
 * Digital certificate
 * SSL