asymmetric cryptography

Witfield Diffie & Martin Hellman, researchers at Stanford University, first publicly proposed asymmetric encryption in their 1977 paper, New Directions In Cryptography. (The concept had been independently and covertly proposed by James Ellis several years before when he was working for the British Government Communications Headquarters.) An asymmetric algorithm, as outlined in the Diffie-Hellman paper, is a trap door or one-way function. Such a function is easy to perform in one direction, but difficult or impossible to reverse. For example, it is easy to compute the product of two given numbers, but it is computationally much harder to find the two factors given only their product. Given both the product and one of the factors, it is easy to compute the second factor, which demonstrates the fact that the hard direction of the computation can be made easy when access to some secret key is given. The function used, the algorithm, is known universally. This knowledge does not enable the decryption of the message. The only added information that is necessary and sufficient for decryption is the recipient's secret key.

In cases where the same algorithm is used to encrypt and decrypt, such as in RSA, a message can be securely signed by a specific sender: if the sender encrypts the message using their private key, then the message can be decrypted only using that sender's public key, authenticating the sender.

This also allows for the exchanging of securely signed and one-to-one messages, as follows. The sender encrypts the message using the common algorithm and his own secret key. They then sign the result, encrypt it again (with their signature in cleartext) using the recipient's public key, and send it. The recipient decrypts the received message using their own secret key, identifies the sender from their now-cleartext signature, and then decrypt the result using the sender's public key. This ensures the recipient that whoever composed the message had access to the sender's private key, and that nobody tampered with the message or read it along the way.

In symmetric cryptography, the same key is used for both encryption and decryption. This approach is simpler in dealing with each message, but less secure since the key must be communicated to and known at both sender and receiver locations.

Learn more about Email Security Guidelines, Encryption and Appliances

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

More resources from around the web: - The University of Texas maintains a 'Cryptography Defined/Brief History' page. - Simon Singh has a lengthy explanation of PKI and asymmetric cryptography in 'The Code Book.'

FILE EXTENSION AND FILE FORMAT LIST File Extension and File Format List: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

RELATED CONTENT Information security book excerpts and reviews Visit the Information Security Bookshelf for book reviews and free chapter downloads. How to confirm the receipt of an email with security protocols Many websites try to ensure secure registrations by sending email confirmations. But how is it possible to confirm receipt of that email by the... Best Email Security Products Readers vote on the best antispam, antiphishing, email antivirus and antimalware filtering, software and appliance products, as well as hosted...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary challenge-response system  (SearchSecurity.com) cryptographic checksum  (SearchSecurity.com)