Differences between version 4 and predecessor to the previous major change of PublicKeyAuthentication.
Newer page: | version 4 | Last edited on Sunday, August 31, 2003 6:18:36 pm | by JohnMcPherson |
Older page: | version 2 | Last edited on Sunday, August 10, 2003 9:35:29 pm | by zcat(1) |
@@ -1,18 +1,9 @@
-Public key authentication works like this: I create a 'keypair',
a public and a
private key
.
Anything that is
encrypted with my public
key can only be decrypted with my
private key [1]
.
+Public key authentication works by creating
a key pair. One of the keys is
public, the other must remain
private. Anything encrypted with one
key can only be decrypted with the other. Thus, for other to send messages to the owner, they only need to know the public key. After they encrypt their message, only the recipient can reconstruct it. In the same way, only a message encrypted using the
private key of a key pair, and therefor by the pair's owner, can be decrypted by the public key. Thus, everyone can verify whether the message really originated from him
.
-So
, I keep my private key private and give everyone my
public key. Then, for example, if
you want to email me in private
, you encrypt your email
to me
with my
public key; that way
only I
can decode
it.
+PublicKeyAuthentication exploits this to avoid having to send passwords over a network. Instead
, your
public key is copied to the machines
you want access
to. When a machine needs to verify your identity
, it sends you a block of random data and asks
you to sign it, then it checks whether it can be decrypted
with your
public key. Because
only the person with the matching private key
can generate valid encrypted replies, the machine can then be certain of your identity. The machine usually identifies itself the same way. Should the machine be compromised,
it is still impossible for an attacker to pretend to be you, because they can grab your public but not your private key, which was never transmitted
.
-Every time I send my password over the network, I open myself to risk that I'm going to have it stolen. Instead
of this you generate a key pair on your own computer,
and you copy the public key to the server. Then
, when the server wants you
to prove who you are
, it sends you a block of random data
and asks you to sign it. Then it checks that you generated a valid signature. The server had your public key, and knows what it sent you. Only a person with the matching private key could correctly sign the data, and any future logins will be given a different chunk of data to sign. You'll usually get the server to validate itself the same way.
-Now if the server is hacked or spoofed, the attacker does not gain your private key or password; they only gain a few signed blocks of random data which will never be used again
.
+Some well-known applications
of PublicKeyAuthentication include [PGP] or [GPG] (for signing
and encryption email and files)
, [SSH] for securely logging in
to remote machines
, and [SSL] for secure connections such as for internet banking
.
+The way PublicKeyAuthentication magic works is clever math. In a lot of situations going one way is easy (like multiplying together two large prime numbers a x b = c) but reversing the operation is much harder (finding the two prime factors of the number we just generated). In another class of algorithms, a parameter c is used to mangle data using a function that appears to be one way and doesn't even allow recostructing the original message with knowledge of c. However, there are correlated parameters a and b (that are kept secret) which make it possible to reconstruct the message using a different function.
-
-[1] Don't ask why at this point, its about large prime numbers[2]; just take it as read that it is in fact the case.
-
-[2] Actually it's about "one way trapdoor" functions.
-
-There's a lot of situations in maths where going one way is easy (like multiplying together two large prime numbers a x b = c) but going the other way is much harder (finding the two prime factors of the number we just generated.)
-
-Then there's another class of functions; there's a formula that involves a number based on 'c' that people can use to mangle data. These functions also appear to be 'one way' and you can't get back the original data even if you know what 'c' was, unless you happen to know what 'a' and 'b' were, in which case there's another formula you can use to figure out what the original data was.
-
-
The maths involved is still pretty
complicated, cpu
intensive, and not as secure as conventional cryptography so in the real world these functions are mostly
used to transfer conventional cypher keys, which are then
used to protect
the actual data being
sent.
+The maths involved is still complicated, [CPU]
intensive, and not as secure as conventional cryptography. In practice, therefore, PublicKeyAuthentication is
used to transfer the key for a
conventional symmetric cryptographic algorithm
used to encrypt
the actual message
sent.
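Review bot: In the added paragraph that starts "PublicKeyAuthentication exploits this", the verification step now reads "it checks whether it can be decrypted" with your public key, replacing the removed "Then it checks that you generated a valid signature". The removed wording was the more accurate one: signing and encryption are distinct operations, and not every signature scheme amounts to encrypting with the private key, so I would keep "checks that you generated a valid signature". The same paragraph also loses the removed statement that "any future logins will be given a different chunk of data to sign", which is what explains why a captured response cannot be replayed; please restore that point next to the sentence about a compromised machine. In the final added paragraph, "PublicKeyAuthentication is" said to be "used to transfer the key", which attributes key transport to authentication where the removed text said "these functions"; "public key cryptography" would fit better there. Minor wording in the added lines: "for other to send", "therefor", "recostructing" and "signing and encryption email".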