7. The Bedrock of Cybersecurity: Cryptography 167

Figure 7.12 Bob generates a key pair, keeps the private key secret, and advertises the public key to the world.

If Alice has a message that she would like to send securely to Bob using public key cryptography, she would encrypt her message with Bob’s public key. We assume that she has or can obtain Bob’s public key even if they have never met because public keys are publicly available. After she encrypts her message with Bob’s public key, the only way to decrypt it is with Bob’s private key. Public key cryptography assumes that private keys are secure, so this means nobody other than Bob can decrypt the message, not even Alice. After Alice’s message is “locked” with Bob’s public key, only Bob’s private key can “unlock” it (see Figure 7.13). An adversary that observes the encrypted message and has the key it was encrypted with (i.e., Bob’s public key) would still be unable to decrypt it.

Figure 7.13 Alice encrypts a message to Bob using Bob’s public key and Bob decrypts it with his private key.

7.2.2.1 Message Signing

“‘If you didn’t sign it,’ said the King, ‘that only makes the matter worse. You must have meant some mischief, or else you’d have signed your name like an honest man.’”
- Alice’s Adventures in Wonderland by Lewis Carroll

Because public and private keys are inverses, it is also possible for a person to apply their private key to a message. This results in message signing. Signing a message does not keep the message confidential, since the public key needed to “unlock” the message is not a secret, but it does mean that if the message is successfully “unlocked” with a person’s public key, then it must have been signed by that person’s private key. This pro-