To solve the problem, cryptosystems have been developed. A popular one, called RSA, uses keys to encrypt or decrypt messages so that only the sender and receiver can understand the messages. The system requires that each person , the sender and receiver ,have a public key that is made available to anyone, and a private key that they keep only on their computer. Data or files encrypted with someone's private key can only be decrypted with their private key. This is an example of how a public-key system works.
We suppose X wants to send a confidential message over the Internet to Y . Y will need some way to decrypt the message-as well as a way to guarantee that the message has been actually sent by X , and not by an imposter. First, X runs his message through an algorithm called a hash function. This produces a number known as the message digest. The message digest acts as a sort of "digital fingerprint" that Y will use to ensure that no one has altered the message.
X now uses his private key to encrypt the message disgest. This produces a unique digital signature that only he, with his private key, could have created.
X generates a new random key. He uses this key to encrypt his original message and his digital signature. Y will need a copy of this random key in order to decrypt X 's message. This random key is the only key in the world that can decrypt the message- and at this point only X has the key.
X encrypts this new random key with Y 's public key. This encrypted random key is referred to as the digital envelope. Only Y will be able to de-crypt the random key since it was encrypted with her public key-and so only her private key can decrypt it.
X sends a message over the Internet to Y that is composed of several parts: the encrypted confidential message, the encrypted digital signature, and the encrypted digtal envelope.
Y gets the message.Decrypts the digital envelope with her private key-and out of it gets the random key that X used to encrypt the message.
Y uses the random key to decrypt X 's message. She can now read the confidential message that X sent to Y. Y can't yet be sure, however, that the message hasn't been altered en route-or that the message was in fact sent by X .
Y now uses X 's public key to decrypt his encrypted digital signature. When does this, Y gets his message digest- the message's "digital fingerprint."
Y will use this message digest to see whether the message was in fact sent by X and not altered in any way. Y takes the message that he had decrypted and runs it through the same algorithm-the hash function-that X ran the message through. This will produce a new message digest
Y compares the message digest that he calculated to the one that she got out of X 's digital signature. If the two match precisely, he can be sure that X signed the message that it was not altered after he composed it. If they don't match, then he knows that either he didn't compose the message or that someone altered the message after he wrote it.
Home
Contact Us
A leading provider of encryption technologies, ERUCES Inc., announced today its acceptance to the IBM Service Oriented Architecture (SOA) Specialty after successfully completing IBM's rigorous SOA technical and business requirements. ERUCES' Tricryption application, With this achievement, integrates with the IBM software and strategy for SOA.
