4/01/2011

Public key authentication


 
Authentication Using Keys
When we log into our bank's website, how can we make sure that it is indeed the original site? How can the browser know that it is not a bogus site? If you are using Firefox, you might have seen a warning like "The certificate of this site cannot be verified, Add exception" or something similar.
There is a Certificate Authority (e.g. Verizon) that issues certificates to websites. When we visit a website, our browser verifies the certificate provided by the website against the certificates stored inside the browser. If it does not match, if the certificate has expired, or if it is self-signed, the browser gives us a warning.
The whole process relies on public key authentication.

Why do we use keys? Why not passwords?
Using keys is much more secure than using passwords. Someone could break our password, but they cannot gain access to our information if they don't have our key.


Symmetric And Asymmetric key cryptography
In symmetric key cryptography, also known as private key cryptography, both the sender and the receiver use the same key. In other words, the same key is used for encrypting as well as decrypting data. This is less secure when compared to asymmetric key cryptography.
In asymmetric or public key cryptography, 2 different keys are used, one for encrypting and the other for decrypting. Both the sender and the receiver have a public key and a private key. The public key can be accessed by anyone, but the private key cannot be accessed by anybody other than the key holder.
-The sender encrypts the data using the receiver's public key.
-The sender sends the data to the receiver by checking the receiver's public key.
-The receiver decrypts the data using his private key.
So, the encrypted data can be decrypted only with the receiver's private key, which can only be accessed by the receiver.
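
The steps above, as an added example in Go (not code from the original post): the sender encrypts with the receiver's public key, the receiver decrypts with the matching private key, and a different private key is rejected. The RSA-OAEP scheme, the 2048-bit key size, the sample message and the "outsider" key are assumptions made for the illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Constructed sample message, not taken from the post.
const sampleMessage = "transfer 100 to account 42"

// encryptFor is the sender's step: only the receiver's PUBLIC key is needed.
func encryptFor(receiverPub *rsa.PublicKey, msg []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, receiverPub, msg, nil)
}

// decryptWith is the receiver's step: it requires the matching PRIVATE key.
func decryptWith(priv *rsa.PrivateKey, ciphertext []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ciphertext, nil)
}

// demo runs the exchange and reports what the receiver recovered and
// whether a third party holding a different private key was rejected.
func demo() (string, bool, error) {
	receiver, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return "", false, err
	}
	outsider, err := rsa.GenerateKey(rand.Reader, 2048) // hypothetical third party
	if err != nil {
		return "", false, err
	}
	ciphertext, err := encryptFor(&receiver.PublicKey, []byte(sampleMessage))
	if err != nil {
		return "", false, err
	}
	plaintext, err := decryptWith(receiver, ciphertext)
	if err != nil {
		return "", false, err
	}
	_, wrongKeyErr := decryptWith(outsider, ciphertext)
	return string(plaintext), wrongKeyErr != nil, nil
}

func main() {
	recovered, rejected, err := demo()
	fmt.Println(recovered, rejected, err)
}
```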

2 comments:

  1. Thank you so much for defining the method of public key authentication. I have been searching for a nice amount of detail so that I can learn about it. This blog post helped me.
    public key infrastructure
