What Is Cryptography?
In this section we will give you a brief description of what cryptography is, the
basic terminology, etc. and explain how iSafeguard™ works.
Cryptography is the science of mathematical manipulation of data for the
purpose of securing the data so that the information is hidden from any one for
whom it is not intended, even those who can see the manipulated data.
Data in its original form is known as plaintext or cleartext. The
manipulated data is known as ciphertext. The process for producing ciphertext
from plaintext is called encryption or encipher. The process for producing
plaintext from ciphertext is called decryption or decipher.
Now that you know the basic terminology let's look at an example.
Shared Secret Cryptography
Let's assume that you have a very important message you want to send to your best
friend, Bob, "Hello, Bob, how are you doing?" You want to send it securely; even
people who intercept the message won't be able to read it. So you figured out an
algorithm to encrypt the message. Here are the algorithm details: you replace letter
"A" with letter "D", letter "B" with letter "E" and so on, the whole encryption
table looks like this:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
After encrypting, your message reads like this "Khoor, Ere, krz duh brx grlqj?"
You tell Bob the secret and Bob can read the message. Of course you must find a
way to tell Bob the secret securely; otherwise anyone who knows the secret can read
your message. This is a very simple encryption and decryption algorithm (known as
Caesar Cipher). You can imagine how important it is to keep the secret.
Since the same key is used for encryption and decryption in shared secret cryptography
it is also known as symmetric cryptography and the key is called symmetric
Public Key Cryptography
In contrast, public key cryptography doesn't count on this shared secret to communicate
securely. You create an encryption key and a decryption key. When a message is encrypted
using your encryption key, it can only be decrypted using your decryption
key. You make your encryption key public (thus public key), list it in the directory,
email it to other people, whatever. But you must keep your decryption key private
(thus private key). The decryption key (or private key) should never leave your
If someone, say, Bob, wants to send you a secret message he can use your encryption
key to encrypt his message, only you, with your decryption key, can decrypt the
message. There is no shared secret between you and Bob to allow you to communicate
securely. This is the key advantage of public key cryptography.
Since you now understand that an encryption key is a public key, a decryption key
is a private key, we will use the terms public key and private key
when we mean encryption key and decryption key from now on. The public key and private
key are related - they are a pair, called key pair. When we say a key pair
we mean a public key and the related private key.
Since different keys are used for encryption and decryption in public key cryptography
it is also known as asymmetric cryptography.
Note: Since a private key is always
stored with the corresponding public key we sometimes use private key and key pair
interchangeably if that does not cause confusion.
Modern Cryptographic Algorithms
The above discussion about shared secret cryptography and public key cryptography
is overly simplified - but it does give you the ideas. In modern cryptography much
more complex systems are used.
The following lists some of the algorithms commonly used in industry and government:
- RC4 - symmetric algorithm
- RC2 - symmetric algorithm
- DES - symmetric algorithm
- 3DES - symmetric algorithm
- AES - symmetric algorithm
- MD5 - hash algorithm
- SHA1 - hash algorithm
- RSA - public key algorithm
Public key system has great advantage over shared secret key system because it solves
the key distribution problem - a key issue in shared secret cryptography. However
public key algorithm such as RSA is very slow while shared secret algorithms are
much faster. Therefore in real cryptosystems they are used together.
Encryption: How iSafeguard™ Works
iSafeguard™ is a hybrid cryptosystem. It takes advantages of both shared secret
and public key algorithms. Here is how it works.
When encrypting a random symmetric key is generated to encrypt the message. Then
the intended recipients' public keys are used to encrypt the random symmetric key.
Finally the encrypted random symmetric key and the encrypted message are sent to
When decrypting one of the recipients' private key is used to decrypt the random
symmetric key. And then the random symmetric key is used to decrypt the message.
iSafeguard™ supports three symmetric algorithms RC2, RC4, 3DES, two hash algorithms
MD5 and SHA1, and one public key algorithm RSA.