Suppose we wanted to have a conversation in complete, guaranteed privacy. You and I aren't within whispering distance. Instead we're communicating online, in a public forum. Cryptographers call this an insecure channel.
Suppose also that we trust each other enough not to leak details of the conversation, whether accidentally or not, to a third party without permission. We would have two options:
- arrange to meet somewhere we both trust is totally private
- use cryptography
Scenario 1 is tricky to guarantee if we're making arrangements over insecure channels (e.g. phone or email). Somebody could tail us or bug the meeting location. The other option is to use cryptography.
Cryptography isn't magic--it's just math. Don't worry, though. We don't need to know exactly how the math works to understand what it depends on and what it can do.
You may have cracked small substitution ciphers when you were a kid. These are the puzzles where each letter of the alphabet decodes to some other letter, and you have to work out the hidden message by finding the substitution mapping. Common tactics include substituting the most frequent letters in the code with the most common letters in English. The mapping between encoded and decoded letters is known as the cipher's key.
Your knowledge of the key gives you two powers:
- to decrypt anything that was ever encrypted with that key
- to encrypt whatever you want
If anyone else knows this key, they too have the same powers.
Pretend for a moment that substitution ciphers aren't very easy to crack. If it helps, there are similar ciphers that are much more difficult to crack. You create a key, and encrypt the message you want to send me. Now you can send me that message over Facebook, Twitter, email, phone or any other insecure channel and know that anyone else who sees it can't decrypt it because they don't have the key. One problem, though: I don't have the key either, so I can't decrypt it.
A Loud Whisper
How do we establish a secure line of communication over an insecure channel? If we both need to know the same key, while ensuring nobody else knows that key...well, we're back where we started trying to send a secure message over an insecure channel. But all is not lost.
Substitution ciphers and the like are known as symmetric ciphers, which just means there's exactly one key, and with it comes the power to both decrypt and encrypt. As you might have guessed, there's another category of ciphers called asymmetric ciphers, and they can fix our problem. Rather than both of us encrypting and decrypting messages using the exact same key (symmetric), we'll do it using different keys (asymmetric).
You want to use an asymmetric cipher to send me an encrypted message over an insecure channel. Let's walk through the steps:
- You obtain a copy of my public key from a trustworthy source.
- You encrypt the message using my public key.
- You send me the encrypted message over an insecure channel.
- I decrypt the message using my private key.
Anyone with access to my private key can decrypt the message you sent me. Everyone else can see the encrypted message, but can't make sense of it. Astonishingly, that's true even if they have access to the public key you used. The math makes it really computationally expensive to reverse the encryption process if all that's known is the public key and the message. Anyone can mix them together, but you need the special secret wedge to pry them apart. My friend Jackson put it well:
Sounds like a house key turning a lock to lock a house, but when locked, something else falls into place so it can't be unlocked with that key.
Exactly. The only way to unlock the door is to use a special unlock key. By design, nobody has the time or resources to reconstruct the unlock key, even if they have unrestricted access to both the lock and the lock key. The security of your message, and other encrypted messages people send to me using the same public key, depends on my ability to keep my private key private.
Okay, now I want to send you a secure message over an insecure channel. We'd do the same thing, but with your keys instead. I encrypt the message using your public key, and you decrypt it using your private key. My public and private keys play no role in encrypting secrets sent to you (or anyone else, for that matter).
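The exchange described above, in both directions, as an added example that is not part of the original post: textbook RSA in Python, where each key is just a pair of numbers. The primes are constructed sample values, far too small and too regular for real use, there is no padding, and every function and variable name is an assumption made for this illustration.

```python
from math import gcd

def make_keypair(p: int, q: int, e: int = 65537):
    """Build a textbook-RSA key pair from two primes (illustration only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)(q-1)")
    d = pow(e, -1, phi)      # the "unlock" exponent; computing it requires p and q
    return (n, e), (n, d)    # (public key, private key)

def encrypt(message: bytes, public_key) -> int:
    """Lock a short message with the recipient's public key."""
    n, e = public_key
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this key size")
    return pow(m, e, n)

def decrypt(ciphertext: int, key) -> bytes:
    """Apply a key's exponent to a ciphertext and return the resulting bytes."""
    n, exponent = key
    m = pow(ciphertext, exponent, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

# Constructed sample keys built from known Mersenne primes.
MY_PUBLIC, MY_PRIVATE = make_keypair(2**61 - 1, 2**89 - 1)
YOUR_PUBLIC, YOUR_PRIVATE = make_keypair(2**107 - 1, 2**127 - 1)

def demo():
    note = b"meet at noon"
    sealed = encrypt(note, MY_PUBLIC)    # you encrypt with my public key
    reply = encrypt(b"ok", YOUR_PUBLIC)  # I answer using your public key
    return {
        "private_opens": decrypt(sealed, MY_PRIVATE) == note,
        # The key that locked the message does not unlock it.
        "public_opens": decrypt(sealed, MY_PUBLIC) == note,
        # Somebody else's private key does not unlock it either.
        "other_private_opens": decrypt(sealed, YOUR_PRIVATE) == note,
        "reply_opens": decrypt(reply, YOUR_PRIVATE) == b"ok",
    }

if __name__ == "__main__":
    print(demo())
```

The private exponent can only be computed by someone who knows the two primes, which is why the private key holder is the only one who can reverse the encryption once the primes are large enough that factoring their product is impractical.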
There are at least a few issues we haven't resolved yet:
- How do each of us create our own public and private keys?
- Where do we publish our public keys?
- What prevents somebody from changing my published public key to their own, so messages intended for me are visible to them instead?
There are good answers, but I'll save those for a follow-up post. We've already covered a lot of ground. Reach out to me on Twitter at @mekajfire if you have any other questions.