iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)

Security Concepts
iTP Secure WebServer System Administrator’s Guide 522659-001
Public Key Systems
Encryption
For encryption, public key systems work as follows: To send a private message to Juliet,
Romeo looks up Juliet's public key in a public directory. Using this public key, he
encrypts his message and then sends it to Juliet across a normal (nonsecure)
communications channel. Upon receiving Romeo’s message, Juliet uses her private key,
which is uniquely associated with her public key, to decrypt it.
Because only Juliet has access to her private key, no one else can decrypt Romeo’s
message. Hence, even if Capulet, Juliet’s father, intercepts Romeo’s message, he cannot
read it – unless he gains access to Juliet’s private key.
Session Keys
In practice, encrypting data with a public key system is computationally slow and
therefore expensive. Secret key systems, based on a technology such as the Data
Encryption Standard (DES), are much faster.
To save time, instead of encrypting his message with Juliet’s public key, Romeo could
generate a random key for a secret key system, then use this key (called a
session key) to encrypt his message. After using Juliet’s public key to encrypt his
session key, Romeo would send Juliet both his encrypted message and the encrypted
session key. Upon receiving the encrypted message and key, Juliet would use her private
key to decrypt Romeo’s session key, and then use the session key to decrypt Romeo’s
message. The net result is more steps, but less time.
Figure D-2. Public-Key Systems
[Diagram: Romeo and Juliet; labels: Key Pair, Public Key, Secret Key]