Introduction
History
How it Works
Applications
Key Verification
Future
See Also
Those Involved
Bibliography
Glossary
References
Group Members
To Do
Encrypt Data
Q & A
Search:  

Public Key Encryption

Questions and Answers

Questions:

1. What method of encryption came before public key encryption?

2. Who invented PKE?

3. How many keys does PKE use?

4. If I encode a message using another person’s public key, can I decode it?

5. If I know someone’s public key, is there any way of calculating their private key?

6. What is the purpose of authentication?

7. Which key is used to encode the message when authenticating?

8. Who can read an authenticated message?

9. Can I encrypt and authenticate a message?

10. What is key verification?

11. Is my certificate valid forever?

12. What is TRUST?

13. What is SSH?

14. Does SSH use PKE for all data sent?

15. What is SSL and does it use PKE for all its data?

16. What is PGP?

17. What are quantum computers?

18. Why are quantum computers a threat to PKE?

19. Why should PKE not be used for persistently secret information?

 

 

 

 

 

Answers:

1. What method of encryption came before public key encryption?
Symmetric encryption, each party used the same key and encryption algorithm to encrypt and decrypt data.

2. Who invented PKE?
PKE was proposed in 1975 by Whitfield Diffie, but he did not create an algorithm for executing it. In April 1977 Rivest, Adleman and Shamir created the RSA encryption algorithm which implemented Diffie’s idea.
NSE was first proposed in 1969 by James Ellis. His idea was basically the same as PKE but he called it non-secret encryption, and the algorithm for it was implemented by Clifford Cox. Therefore James Ellis and Clifford Cox first invented PKE.

3. How many keys does PKE use?
Two. One key is your public key and can be distributed freely, it is used to encode messages sent to you. The other is your private key and only you should know this; it is used to decode messages which you receive.

4. If I encode a message using another person’s public key, can I decode it?
No. Once you have encoded a message, you cannot then decode it, even if you know what the message contains.

5. If I know someone’s public key, is there any way of calculating their private key?
It is possible to calculate someone’s private key from their public key, but the process it very time-consuming ( it could take many millennia to calculate.)

6. What is the purpose of authentication?
It allows the receiver to be relatively confident that the sender is who they claim to be.

7. Which key is used to encode the message when authenticating?
The private key is used to encode the message and the public key is used to decode the message. Therefore the receiver can deduce that the message was sent by someone with access to the private key of the person they claim to be (ie they are the person they claim to be)

8. Who can read an authenticated message?
Anyone can read an authenticated message, as the decoding is to be done using the sender’s public key (which is freely distributed).

9. Can I encrypt and authenticate a message?
A message can be encrypted and authenticated by running the message through the encryption algorithm twice. On the first pass the message is encrypted with the public key of the receiver and on the second pass the message is encrypted with the sender’s private key. Thus the message is encrypted and authenticated.

10. What is key verification?
Key verification allows you to be reasonably confident that the public key you hold, is the public key of the person you wish to communicate with (ie they are not an impostor).

11. Is my certificate valid forever?
A certificate is only valid for a certain period and after this period it cannot be relied on.

12. What is TRUST?
The Trust network is a way of “transferring” trust from one person to another. I.e. If I trust Bob and he trusts Alice then I can therefore trust Alice.

13. What is SSH?
A secure shell that transmits information over an encrypted channel.

14. Does SSH use PKE for all data sent?
PKE uses a lot of system resources and encrypting a constant stream of information would be computationally costly, therefore after a connection is setup private key encryption is used.

15. What is SSL and does it use PKE for all its data?
SSL is the most popular method for sending and receiving confidential information via websites. The information sent is usually a small amount so PKE is used for all the data sent.

16. What is PGP?
PGP is a very popular utility for encoding and decoding messages. It uses PKE and authentication.

17. What are quantum computers?
Quantum computers manipulate elemental particles of the physical world (electrons, neutrons) to perform computation.

18. Why are quantum computers a threat to PKE?
Quantum computers can perform highly mathematical calculations in a fraction of the time a “conventional” computer would take. Therefore they can quickly and easily calculate the private key given someone’s public key.

19. Why should PKE not be used for persistently secret information?
Information which could be harmful when-ever it were decoded should not be sent using PKE because the message is easily intercepted. This message could be stored and decode later.