home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Shareware Grab Bag
/
Shareware Grab Bag.iso
/
090
/
pkscrypt.arc
/
CRYPTO1.ART
< prev
next >
Wrap
Text File
|
1986-01-22
|
4KB
|
99 lines
* Encryption, Public Keys and Otherwise
PART One.
If you know what "Public Key Encryption" is then feel
free to skip to part two.
Public Key Encryption is a special form of encryption
which uses different keys for encryption (or scrambling) of
a message and decryption (unscrambling, the reverse
operation).
The separate keys for each operation have several
advantages. The first is that the encryption key can be
distributed much more easily by less secure means without
compromizing the security of future encrypted messages.
Simple knoledge of the encryption key does not enable
decrption of encrypted messages. The decryption key is
reqired to recreate the original message. For this reason
the encryption key is commonly called the "public key" and
the decryption key is the "private key".
In operation, everyone who wants to recieve secret
messages creates their own pair of keys, one private and one
public. The public key is them communicated to everyone who
may want to send them a secret message. Perhaps a central
key distribution center could be established. The private
key is kept secret and never told to anyone.
For example ... Art wants to send Beth a secret message.
He would look up Beth's public key or ask her to send him
one (in the clear). He would then use Beth's public key to
encrypt his message and send her the encrypted message. Beth
recieves the message and decodes it with her private key. No
one else can decrypt the message even if they get a copy of
the encrypted message AND the public key. They need the
private key.
In 1978 the CACM journal published a way of doing this
on computers. The system they described has come to be known
as the "RSA" cypto system.
The RSA system has an additional property beyond the
general Public Key Encryption system described so far. With
the RSA system the keys are interchangeable so you can use a
private key to encrypt a message and then only the
coresponding public key will unscramble the message. This is
in effect a "digital signature" which "signs" a message
showing that the encrypted message could only have been
created with knowlege of the private key.
Messages can also be ecrypted more than once. For
example you can sign a message with your private key and
then encrypt the result again with the intended receiver's
public key to make a signed, secret message. The receiver
would then need to do the reverse two steps in the reverse
order to get the original message back.
Even more complex interaction can be used for special
purposes. Articles have appeared on how to play poker over
the phone and how to hold a secret ballot election over the
phone and others.
PART Two.
I have recently completed a Public Key Encryption system
based on the RSA system. It runs on MS-DOS using files for
keys and messages. I am distributing the system as
freeware/shareware. (PKSCrypt 0.0 or 0.01)
There may be some legal or political considerations in
this.
I have heard roumors that this sort of stuff comes under
certain restritions for export of high tech (or something)
from the USA. I don't think this quite applies to me because
I am exporting the system TO the USA. (I live in Canada).
I have also heard roumors that some intelligence
organization (unnamed) is discouraging public discusion (let
alone utilization) of these systems. I have trouble
believing this because I had no trouble finding all the
inforamtion I could ever desire on the subject. There was
even an article in Byte magazine and a couple follow-up
letters.
Anyone who has any solid info on this, I would like to
hear from you. I especially would like to hear directly from
any government organization(s) (in any country) who may
think they are involved.
Interested parties may contact me via Fido node 134/1.
Lloyd Miller
Calgary, Alberta
1986 Janualry 16
