The Encryption Key
Therefore, the core of current encryption technologies is the ‘encryption key,’ a parameter that specifies the transformation from plaintext (data given before encryption) to ciphertext (a cryptogram, or encrypted data), and vice versa.
A key operates through the ‘exclusive OR’ (XOR) operation of mathematical logic. The bitwise exclusive OR adds the corresponding bits of two binary numbers without carrying; for single bits, this addition gives the same result as subtraction. Wherever the key bit is 1, the exclusive OR reverses the corresponding bit of the data, so repeating the operation restores the original value. In other words,
If the plaintext P is combined with the key value K, a cryptogram P + K is created.
If this cryptogram is combined with the key value K again, then
(P + K) + K = P
… and it can be decrypted to the original P.
Although the concept is simple, keys follow certain specification standards, which results in different key types from the point of view of key management.
There are different types of encryption: one-way (also called “hashing”), symmetric, and asymmetric.
One Way (Hashing)
Passwords used for identification are protected with a one-way encryption algorithm: a password is encrypted before it is saved. For example, when the password is ‘password,’ it is encrypted and saved as ‘WaBauZ2.Hnt2.’ There should be no similarity between the plaintext ‘password’ and the cryptogram ‘WaBauZ2.Hnt2.’
One-way encryption cannot be reversed: there is no way to turn the cryptogram back into plaintext. To check whether an entered password is valid, the system does not decrypt the saved password; it encrypts the entered password again and compares the result with the saved password to verify the ID.
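The store-then-compare check described above, as an added example that is not part of the original page. It goes beyond the text by adding a random per-password salt and a constant-time comparison; the choice of PBKDF2-HMAC-SHA256, the iteration count, and the function names are assumptions of this example.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Assumed parameters for this example (not taken from the page).
ITERATIONS = 600_000
SALT_LEN = 16


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest). Only these two values are saved, never the plaintext."""
    if salt is None:
        salt = os.urandom(SALT_LEN)  # fresh random salt for each saved password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(candidate: str, salt: bytes, stored: bytes) -> bool:
    """Re-hash the entered password with the saved salt and compare the digests.

    Nothing is decrypted: the saved digest is never turned back into a password.
    """
    _, digest = hash_password(candidate, salt)
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(digest, stored)


if __name__ == "__main__":
    # Constructed sample input, using the page's example password.
    salt, stored = hash_password("password")
    print("saved salt  :", salt.hex())
    print("saved digest:", stored.hex())
    print("correct password accepted:", verify_password("password", salt, stored))
    print("wrong password accepted  :", verify_password("Password", salt, stored))
```

Because of the salt, saving the same password twice produces two different digests, so identical passwords cannot be spotted by comparing saved values.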
Symmetric Key Encryption
In this method, the encryption and decryption keys are the same. Both sides must hold the same symmetric key in order to communicate properly and securely.
A cryptogram is created by combining the plaintext, as binary data, with the encryption key value. The recipient of the cryptogram applies the identical encryption key value in reverse to decrypt it. Therefore, the sender and the recipient must know an identical encryption key. When a person sends an encrypted message to another person, the recipient should also receive the key.
Asymmetric Key Encryption
Asymmetric, or public key, encryption differs from symmetric key encryption because it uses two different keys: a private key and a public key. It encrypts with the public key and decrypts with the private key.
Just as its name implies, a public key is an open key, and anyone can use it to encrypt plaintext. However, only the person who has the private key can decrypt the ciphertext.
When the roles of the private key and the public key are switched, the scheme becomes an ‘e-signature.’
The encryption method is determined based on the environment.
Methods and formats are selected according to need, and then the encryption process is designed and the system is implemented. Formats range from simple to complex, and users can select one according to an economic decision about security. For example, a public key is higher than the private key; the private key cannot be replaced with a public key, because the two key methods are different approaches, each selected according to need.
- Choose the private key method if there is no problem in key distribution and management, and if quick execution speed is required.
- Choose the public key method if there is a problem in key distribution and management, and if transfer non-repudiation is required.