Page 250 - DCAP311_DCAP607_WIRELESS_NETWORKS
Wireless Networks
be used on the entire message. It needs to be part of the process that "locks" and "unlocks" the
information. As long as the message is unreadable until the private key is presented, the goal of
message encryption is met.
As noted in "How Public Key Cryptography Works" earlier in this topic, public keys use strong
algorithms to compensate for being publicly known. These strong algorithms mean that public
keys are larger than the older symmetric keys, and thus computations that use them are slower.
Because a private key is only used to unlock information before it is viewed, and not on the
entire message, it is more economical to use a key pair on as little information as possible and use
a faster, symmetric key on as much information as possible while ensuring that the information
cannot be used until the private key is presented.
Symmetric keys use a secret key, which both parties must know. The process of agreeing on that
key is sometimes called "key negotiation." With key pairs, there is no key negotiation because one public key can be used
by many people. Key pairs can also be used in conjunction with symmetric keys to handle key
negotiation. A symmetric key can be chosen and that key can be encrypted, using the public key
of a key pair, and sent to the owner of the private key. When sending to multiple recipients, the
same symmetric key can be used for all recipients, and then encrypted using the public key of
each specific recipient. Because only the private key owner can decrypt the symmetric key, the
symmetric key remains a secret shared among authorized people. You can generate symmetric
keys for a one-time use during a particular operation or session. These are referred to as "session
keys". Public key encryption can enhance rather than replace symmetric key encryption.
The goal of message encryption is to ensure that a message is unreadable until the private key
is presented. The private key can be used in symmetric key negotiation to securely transmit a
symmetric key. Because a symmetric key can be securely transmitted to a recipient, you can use a
symmetric key to encrypt a message and then encrypt that symmetric key using the public key in a
key pair. Only the private key holder can unlock the symmetric key, which is then used to decrypt
the message. This operation functions as if the entire message had been encrypted and decrypted
using the key pair. However, because it uses a faster, symmetric key on most of the information,
the operation is faster than it would otherwise be. Throughout this process, the message remains
protected until the presentation of the private key, thus providing confidentiality, which is the
fundamental service of message encryption. Because of the encryption and decryption process,
any alteration of a message after it has been encrypted will cause the decryption operation to fail,
providing for data integrity.
Although the use of a symmetric key may be unexpected and its benefit not immediately
obvious, it enhances message security by making the process of message encryption faster
without sacrificing the security of the message. Figure 14.14 shows the sequence of
encrypting with the supporting elements of public key cryptography.
Figure 14.14: Sequence of Encrypting Public Key Cryptography
Source: http://technet.microsoft.com/en-us/library/aa998077(v=exchg.65).aspx
244 LOVELY PROFESSIONAL UNIVERSITY