Progress on the Web
The Development of Digital Signatures
This section summarizes existing ciphers, their shortcomings, the invention of asymmetric ciphers, and how they provide digital signatures.
Existing Ciphers
Until the mid-1970s, the only ciphers available used a single key to encrypt and to decrypt — hence the name symmetric ciphers. An example is the Data Encryption Standard (DES), developed by IBM in 1977 and adopted soon after by the United States National Institute of Standards and Technology (formerly known as the National Bureau of Standards). Each DES-encrypted message uses one of 72 quadrillion (72 × 10^15) keys. In the hope that cryptologists would study it, try to break it, and uncover any weaknesses it might have, its developers published its algorithm, a practice common in cryptology. The security of DES rests in the belief that although you could crack a DES-encrypted message by trying all 72 quadrillion keys, doing so would take an unreasonably long amount of time, given the hardware and software available.
Shortcomings of Existing Ciphers
Since the development of DES in 1977, hardware and software have become so much faster that cryptologists now believe cracking a DES-encrypted message by trying all the possible keys within a reasonable amount of time is possible. For this reason, NIST is currently soliciting proposals for a replacement for DES that is significantly stronger.
Symmetric ciphers in general have additional problems:
- As you increase the number of people in a group using a particular symmetric cipher, the number of keys required increases exponentially, since a unique key is required by each unique pair of people who wish to communicate. In other words, symmetric ciphers do not scale well.
- To use a symmetric cipher to communicate with someone you have never met, the two of you must first exchange keys, which can be difficult — as countless spy novels attest.
- Storing keys conveniently and securely can be difficult. Storing them centrally might make them convenient but vulnerable to attack, while storing them in distributed locations might make them secure but inconvenient to retrieve.
Asymmetric Ciphers
To get around these problems, researchers in the mid-1970s developed asymmetric ciphers, which use different keys to encrypt and to decrypt. With asymmetric ciphers, each person within a group is assigned a unique pair of keys consisting of a public key and a private key, where each public key is known to everyone, while the corresponding private key is known only to its owner. After a message is composed, it is encrypted by a process that uses the recipient’s public key. In order for the recipient to read the message, it is decrypted by a process that uses the recipient’s private key. The security of this arrangement rests on the belief that if a message is encrypted by a process that uses a particular public key, decrypting the message without using the corresponding private key, which is known only to the recipient, is computationally unfeasible — that is, not possible within a reasonable amount of time using available hardware and software.
Digitally Signing Documents
Some PKI software allows a document to be digitally signed, a process that involves applying the signer’s private key. A digitally-signed document can be verified by anyone by following a process that involves applying the signer’s public key. The security of this arrangement rests on the belief that if a digitally-signed document can be verified by a process that involves applying a particular public key, it would be computationally unfeasible to create the digitally-signed version except by a process that involves applying the corresponding private key, which is known only to its owner.
The overall system required to provide public-key encryption and digital-signature services is called Public Key Infrastructure (PKI). The PKI software that WebClient uses, which employs Microsoft Authenticode Technology, allows documents to be digitally signed.
The Need for Trust
But public keys, private keys, and digital signatures alone do not ensure security. Consider an intruder who impersonates a legitimate member of a group. Suppose the intruder represents her own public key as the public key of the victim. And suppose the intruder digitally signs, with her own private key, files purporting to be from the victim. If you download these files, using the public key the intruder supplies and represents as the victim’s, you might unknowingly install software that sends confidential information on your computer to the intruder, or that even destroys vital information on your computer. To avoid this, PSC recommends that you accept a public key only when you trust its authenticity and integrity.
Public-key Certificates
One way to distribute a public key while ensuring its authenticity and integrity is to package it in a public-key certificate, a document that contains a public key and that is digitally signed by a trusted certificate authority (CA). Before digitally signing a public-key certificate, the CA verifies the public key’s authenticity and integrity. By using public keys, private keys, digital signatures, public-key certificates, and certificate authorities, members of a group can communicate with confidence that the messages they receive, whether email messages or downloaded files, have authenticity and integrity.
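The following added example (not code from the original page or from Progress Software) walks through the three ideas above in one toy RSA implementation: signing a document with a private key and verifying it with the public key, the impersonation scenario in which a signature verifies under whatever public key the intruder supplies, and the certificate check that lets a relying party detect that scenario. The primes are fixed Mersenne primes chosen so the example runs offline, and the names, the CA, and the sample document are constructed assumptions.

```python
import hashlib

# Toy RSA built on known Mersenne primes 2^k - 1 (demonstration only:
# real PKI uses random 2048-bit primes and a padded signature scheme).
E = 65537

def keygen(k1, k2):
    """Return ((n, e), (n, d)) using the primes 2^k1 - 1 and 2^k2 - 1."""
    p, q = (1 << k1) - 1, (1 << k2) - 1
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def digest(data, n):
    """Hash the document and reduce it to an integer below the modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private, data):           # applies the signer's private key
    n, d = private
    return pow(digest(data, n), d, n)

def verify(public, data, sig):     # applies the signer's public key
    n, e = public
    return pow(sig, e, n) == digest(data, n)

def encode_cert(cert):
    """Canonical bytes of the (name, public key) binding the CA signs."""
    n, e = cert["public_key"]
    return f'{cert["subject"]}|{n}|{e}'.encode()

def issue_certificate(ca_private, subject, subject_public):
    cert = {"subject": subject, "public_key": subject_public}
    cert["ca_signature"] = sign(ca_private, encode_cert(cert))
    return cert

def verify_signed_document(ca_public, cert, expected_subject, data, sig):
    """Relying party: trust only the CA, check the certificate, then the file."""
    if cert["subject"] != expected_subject:
        return False
    if not verify(ca_public, encode_cert(cert), cert["ca_signature"]):
        return False
    return verify(cert["public_key"], data, sig)

def demo():
    ca_pub, ca_priv = keygen(521, 607)          # hypothetical trusted CA
    alice_pub, alice_priv = keygen(89, 107)     # legitimate signer (constructed)
    mallory_pub, mallory_priv = keygen(61, 127) # impersonator (constructed)
    doc = b"constructed sample: downloaded update package"
    alice_cert = issue_certificate(ca_priv, "alice@example.test", alice_pub)
    # Mallory presents her own key as Alice's and forges a certificate for it.
    fake_cert = {"subject": "alice@example.test", "public_key": mallory_pub,
                 "ca_signature": sign(mallory_priv, b"forged")}
    return {
        "genuine": verify(alice_pub, doc, sign(alice_priv, doc)),
        "tampered": verify(alice_pub, doc + b"!", sign(alice_priv, doc)),
        # Bare key verification cannot tell whose key it is: this "succeeds".
        "impersonation_bare_key": verify(mallory_pub, doc, sign(mallory_priv, doc)),
        "genuine_with_cert": verify_signed_document(
            ca_pub, alice_cert, "alice@example.test", doc, sign(alice_priv, doc)),
        # The CA never signed Mallory's key under Alice's name: detected.
        "impersonation_with_cert": verify_signed_document(
            ca_pub, fake_cert, "alice@example.test", doc, sign(mallory_priv, doc)),
    }

if __name__ == "__main__":
    print(demo())
```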
Copyright © 2004 Progress Software Corporation www.progress.com Voice: (781) 280-4000 Fax: (781) 280-4095