Differences between current version and predecessor to the previous major change of PublicKeyAuthentication.
Newer page: | version 9 | Last edited on Friday, July 7, 2006 6:39:18 am | by AristotlePagaltzis | |
Older page: | version 2 | Last edited on Sunday, August 10, 2003 9:35:29 pm | by zcat(1) | Revert |
@@ -1,18 +1,14 @@
-Public key
authentication works like this: I create a 'keypair'
, a public and a private key. Anything
that is encrypted with my public key can
only be decrypted with my private key
[1
].
+In conventional password
authentication, you prove you are who you claim to be by proving
that you know the correct password. The
only way to prove you know the password is to tell the server what you think the password is. This means that if the server has been hacked, or spoofed (another machine takes the
[IP
], for example), an attacker can learn your password
.
-So
, I keep my private
key private
and give everyone my
public key. Then
, for example
, if you want to email me in
private, you encrypt your email to me with my
public key; that way only I
can decode it
.
+PublicKeyAuthentication works differently. It uses key pairs
, of which one
key is public
and the other must remain private. Anything encrypted with one key can only be decrypted with the other (See PublicKeyEncryption for a fuller description). Others need the
public key to send messages to the owner of the private
key. After they encrypt their message
, only the recipient can reconstruct it. In the same way
, only a message encrypted using the
private key of a key pair
, and therefor by extension the pair's owner, can be decrypted by the
public key. Thus, everyone
can verify whether the message really originated from him
.
-Every time I
send my password
over the
network, I open myself to risk that I'm going to have it stolen
.
Instead of this you generate a key pair on
your own computer, and you copy the public key
to the server. Then, when the server wants
you to prove who you are
, it sends you a block of random data and asks you to sign it. Then
it checks that you generated a valid signature. The server had
your public key, and knows what it sent you
. Only a
person with the matching private key could correctly sign
the data, and any future logins will
be given a different chunk
of data to sign
. You'll
usually get the server to validate
itself the same way.
-Now if
the server
is hacked or spoofed
, the attacker does
not gain
your private key or password; they only gain a few signed blocks of random data
which will
never be used again
.
+PublicKeyAuthentication exploits this to avoid having to
send passwords
over a
network. Instead,
your PublicKey is copied
to the machines
you want access
to. When a machine needs to verify your identity
, it sends you a block of random data and asks you to sign it, then
it checks whether it can be decrypted with
your PublicKey
. Because only the
person with the matching PrivateKey can generate valid encrypted replies,
the machine can then
be certain
of your identity
. The machine
usually identifies
itself the same way. Should
the machine be compromised, it
is still impossible for an attacker to pretend to be you
, because they can grab your public but
not your private key,
which was
never transmitted
.
+Some well-known applications of PublicKeyAuthentication include [PGP] or [GPG] (for signing and encryption email and files), [SSH] for securely logging in to remote machines, and [SSL] for secure connections such as for internet banking.
+The way PublicKeyAuthentication magic works is clever math. In a lot of situations going one way is easy (like multiplying together two large prime numbers <i>a ยท b = c</i>) but reversing the operation is much harder (finding the two prime factors of the number we just generated). In another class of algorithms, a parameter c is used to mangle data using a function that appears to be one way and doesn't even allow recostructing the original message with knowledge of c. However, there are correlated parameters a and b (that are kept secret) which make it possible to reconstruct the message using a different function.
-[1] Don't ask why at this point
, its about large prime numbers
[2
]; just take it
as read that it
is in fact
the case
.
+The maths involved is still complicated
, [CPU
] intensive, and not
as secure as conventional cryptography. In practice, therefore, PublicKeyAuthentication
is used to transfer the key for a conventional symmetric cryptographic algorithm used to encrypt
the actual message sent
.
-[2] Actually it's about "one way trapdoor" functions.
-
-There's a lot
of situations in maths where going one way is easy (like multiplying together two large prime numbers a x b = c) but going the other way is much harder (finding the two prime factors of the number we just generated.)
-
-Then there's another class of functions; there's a formula that involves a number based on 'c' that people can use to mangle data. These functions also appear to be 'one way' and you can't get back the original data even if you know what 'c' was, unless you happen to know what 'a' and 'b' were, in which case there's another formula you can use to figure out what the original data was.
-
-The maths involved is still pretty complicated, cpu intensive, and not as secure as conventional cryptography so in the real world these functions are mostly used to transfer conventional cypher keys, which are then used to protect the actual data being sent.
+----
+Part
of CategoryCryptography
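Review bot: In the added challenge-response paragraph, "it checks whether it can be decrypted with your PublicKey" and "generate valid encrypted replies" describe signature verification as decryption, although the same sentence says the client is asked to sign the data. The removed wording "it checks that you generated a valid signature" was accurate and should be kept. The rewrite also drops the removed point that "any future logins will be given a different chunk of data to sign", which is what makes a captured signature useless for replay; please restore it. In the last added paragraph, transferring a key for a symmetric algorithm is a use of PublicKeyEncryption rather than PublicKeyAuthentication, and "not as secure as conventional cryptography" is stated without saying in what sense; either qualify it or drop it. Typos in the added lines: "therefor", "recostructing", "for signing and encryption email and files".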