We just love to mix things up. Well, yeah, and why not? When we get the best of both worlds, we can mix anything up. Even when it is so complex in itself like cryptography. In the last article, we learned about symmetric and asymmetric cryptography. It’s time to mix them both and explain the hybrid concept.
We need to go back and recapitulate some points before we can move forward and appreciate the hybrid concept. In symmetric cryptography, we understood that it is quite fast, however, the challenge was sharing the key between a large number of people. Everyone is required to keep the shared key as secret, and, if this gets compromised, the distribution of the key needs to be repeated again. What if we could find a way to quickly transfer this key amongst multiple people without the dangers of compromising it? Asymmetric key offers secure key distribution but uses a lot of resources when multiple people are involved. It’s also quite slow and mathematically intensive.
Hybrid cryptography’s recipe is very simple – Take the swiftness of symmetric key cryptography for encrypting bulk data and take the time-proven trustworthy aspect of asymmetric key cryptography for key distribution.
How does this work then? Alice and Bob as usual wish to communicate with each other. In this type, however, Alice wants to ensure that only Bob is able to read the message and no one else. Alice encrypts her message with a secret key, so he gets an encrypted message. She has two things now – an encrypted message + secret key. This secret key needs to be protected and distributed. For this distribution, Alice uses asymmetric key cryptography. This method has two keys – public and private. Alice will not know what is Bob’s private key, so she finds out about his public key and uses that. The public key of Bob is used to encrypt the secret key so that it can be sent across. The following diagram will help you understand this in a better manner.
When the complete package is received by Bob, he uses his private key to decipher the secret key. Once he gets the secret key, he uses it to decipher the message. Here, Alice has used asymmetric cryptography to transfer the secret key. The secret key or the symmetric key is then used to decipher the message as it is quite fast.
At this point, we need to clear some questions which may have cropped up in your mind. Why are we using 3 keys here – secret, public, and private? The secret key is the one that is used in symmetric cryptography while the public and private ones are a part of asymmetric cryptography. The next question is – Why did Alice use Bob’s public key to encrypt the secret key? She could have used her own public key or Bob’s private key. Hold your horses, let’s analyze, both of these scenarios. If she would have used her own private key, anyone with Alice’s public key would be able to get the secret key. The purpose of maintaining a secret key would have been defeated. If you have been paying close attention till now, Alice can never get hold of Bob’s private as it is the private key and no one can know about it except Bob.
I know this sounds too confusing the first time but read it, again and again, to get a hold of it. How can I let you go without answering some of the questions? Write down your answers in the comment section below:
1. If I encrypt the symmetric key with your public key, what would that help me achieve?
2. The sender’s private key is used to encrypt the symmetric key. How would that help the receiver?
3. Akshay uses his public key to encrypt a message. Is that possible?
4. Bauaa Singh uses his symmetric key to encrypt a message containing a symmetric key. Will, that work?
Comments ()