What is this?

If you've received an email from me, then you may have seen something like this at the bottom of the email:

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBQzn6fyFdFpJs/msRAh+gAKCvJ1XtreaNwn758bVPaaiNdIiRSwCcC7tx
+uVbS90fD772uwjlZ7WbrOg=
=yXUh
-----END PGP SIGNATURE-----

So now you're wondering, what is this gibberish, and what does it have to do with that block of gibberish above? Hopefully, this document will give you a better idea, so read on.

The gibberish you see is related to an encryption method used called public key encryption. But first, you might be wondering ...

What is encryption and why should I use it?

Almost everything you send out on the internet is sent in plain text. What this means is that if someone is intercepting your messages, they can easily read what you're sending. An analogy would be if you are talking on the phone to your friend. If someone in your house or your friend's house picks up another phone, they can hear everything you say. However, in the Internet world, anybody, anywhere in the entire world can pick up a phone and listen in on your conversation.To understand the security risks in sending data over the internet, lets create a hypothetical example. Let's say you want to send a letter to someone, but you're not going to use the post office. Instead you give the letter to your neighbor. Your neighbor, in turn, promises to give the letter to his neighbor, and so on until it reaches the destination (we'll assume the letter "knows" how to get to the destination, packet routing is a topic for another paper). So now we see the problem, even if we fully trusted our neighbor, we don't know who's hands the letter will pass through. Anyone in the chain from sender to reciever can be nosy and open the letter. Once that happens they can do all sorts of nasty stuff including reading the letter, changing the letter and resending it, or writting new letters that look like they came from you.

You may be wondering just how easy it is for someone to intercept your messages. The most common point is from your local network. This means that if you're at work, it's usually your system administrators or that weird guy that sits in the corner and mumbles to himself. At home, it's probably going to be your hacker children. The root of the problem is the nature of the internet in general. The internet is a loose collection of computers. Packets sent from your computer can take random paths to the destination, and you can't trust the machines that your data passes through.

If you want to keep your messages secret you need a way to make it impossible for anyone else to read, except for you and the person your message is intented for. This is what encryption is for. To go back to our telephone analogy, it's like you and your friend are speaking in a language that only you two can understand, other people can still listen in, but they have no idea what you are saying.

What do I need to start encrypting my email messages?

There are many programs out there that support a variety of programs. A good (and free) solution is Enigmail, a plugin for Mozilla Mail.

What is symmetric cryptography and why don't we use it?

In symmetric cryptography, the same secret key is used for both encryption and decryption. While the algorithms for symmetric cryptography are strong, its weakness is that both parties must have the same key. If the key is sent over the internet, you risk having the key intercepted and your messages compromised. The only secure way to do a key exchange is physically, which may be inconvinent. For a better explaination, lets introduce a little bit of math terminology (just a little, I promise). Ok, if we want to encrypt a message, we'll use this:

ƒ(k,m) ⇒ m'

and to decrypt the message, we'll use this:

γ(k,m') ⇒ m

All this is saying is we have some function, ƒ, that takes a key, k, and the plain-text message we want to encode, m. The function takes m and encodes it, resulting in m'. In order to get the original message back, we use another function, γ, that basiclly undoes ƒ using the same key and the encrypted message, resulting in our original message.

What is public key cryptography and why do we use it?

In public key (or asymmetric) cryptography, two separate keys are used for ecryption and decryption. The public key (that block of text given above) is given to anyone who wants to contact you and the private key is kept for yourself only. Note that both keys can be used to encrypt messages and both keys can be used to decrypt messaged encrypted by the other key.

Public key cryptography offers us the following properties:

• Secure communication - encrypted messages can only be read by the sender and the receiver.
• Integrity - messages can be verified to make sure they haven't been changed on its way to the receiver.
• Authentication - the receiver can check the signature of the message to ensure the sender really is who they say they are.
• Nonrepudiation - if a message has been signed, the sender cannot deny that they sent the message.

Next we will explain the extact mechanisms of public key cryptography that result in these properties:

• Secure communication - First the sender needs to get the receiver's public key. Usually, the sender and receiver will exchange public keys so that communications can go both ways. To send a message, the sender encrypts the message using the receiver's public key. If someone were to intercept the message after it has been sent, they cannot read it because it can only be decoded using the receiver's private key.
• Integrity - Before sending, the sender will pass the message through a cryptographic hash. A cryptographic hash is a function which converts an arbitrary string into a fixed sized value, with a low probability of collison (ie: no two strings will hash to the same value). Once the receiver gets the message and decodes it, he run the message through the cryptographic hash again and compares the values. If the values are the same, the message has not been altered.
• Authentication - Before sending the message, the sender encrypts the message with his private key. After the receiver gets the message, if he can decrypt the message with the sender's public key, then the message is authenticated.
• Nonrepudiation - In legal terms, if the receiver can decode the message using the sender's public key, they sender cannot deney that he sent the message, since it can only have been encrypted with his private key (which, remember, no one else has).

So just how secure is public key cryptography?

This is a fairly complex subject because it depends on the implementation. Generally the most secure algorithms are released to the public, so everyone can attempt to break it. If an algorithm is secret, them someone may secretly break it and you would never know (ex: Germany's Enigma during WWII).

In general, public key cryptography can be considered "pretty good", meaning not totally secure. The basis of public key cryptography is the relative difficulty of factoring very large prime numbers. Meaning if given enough time, any message can be decrypted. With computers increasing in power every year, what was considered secure a few years ago may not be secure today.

What are some other types of cryptography?

By far the simplest is called a Caesarian cipher, named after Julius Caesar. To use this, the sender and receiver first agree to shift the alphabet forward or back a certain number of letters. The problem with Casesarian codes is their vulnerability to attack, just create at most 25 substitutions and it's broken, arduous if done by hand, but a cakewalk for today's computers.

The most secure type of ecnryption is called a one-time pad. If done correctly, one-time pads are impossible to break. This is what the government uses to launch nuclear missles and such. To create a one-time pad, you would randomly choose a letter for every letter of your message, this is your encryption key. Make a copy of the key and give it to the receiver. When you create your encrypted text, add the value of the random letter to the value of your text. To decode, simply subtract the value.