How does it work?
For Geeks!

By Nicolas de Pomereu, Guillaume Rigal and Alexandre Becquereau, Associates of SafeLogic and eternal computer Geeks.

A serious encryption solution

We wanted cGeep to provide a serious solution for encrypting emails. That is why cGeep is based on the principle of public key encryption, currently the only technology to guarantee maximum security (as opposed to exchanging passwords, PINs or similar).

An open system

In order to offer an open solution, compatible with as many existing software systems as possible ('paid for' and 'open source') and to be recognized by security experts as solid, we have adopted the OpenPGP standard, which provides an open public key encryption platform.

Encryption solution - The double key principle

The principle of public key encryption is based on the existence of a pair of keys for each user (two large numbers generated together and dependent on one another).

All about asymmetric encryption solution

This procedure is asymmetric: anything encrypted using the public key can only be decrypted with the private key! (Hence the name asymmetric encryption, which is sometimes used to describe this technique.)

Here is a simple analogy: I give you a padlock to which only I hold the key. You use it to lock a box into which you have placed a message. You can send me the box in the post. You can be sure that only I can open the box.

Another interesting characteristic of asymmetric encryption with a key pair under the public key system is that the public key is the only one that can decrypt something that was encrypted using the private key. Why would you use the private key to encrypt when the public key is accessible to everyone? This process is, in fact, the digital signature: if you can decrypt a message with my public key, you can be certain that it was encrypted using my own private key, which only I can use. So you can identify me for certain, and be certain of the nature and the provenance of the data you have just received.

One of the problems with asymmetric cryptography is the slow speed of the encryption algorithms, due to the size of the keys used, which are huge in order to ensure they can resist every attack (2048 bits, i.e. a number equivalent to 2 to the power of 2048). This slow speed is all the more annoying because the message has to be encrypted using the key for every recipient, which means as many times as there are recipients!

To deal with this problem, the OpenPGP encryption solution combines the mechanisms described above with the techniques of symmetric encryption. To be completely secure, symmetric algorithms merely require 128-bit keys, so they are much faster. These algorithms are called symmetric because the same key is used to encrypt and to decrypt. This key therefore has to be kept secret, because it can be used to decrypt data it had previously encrypted. This is the limitation of this technique used on its own: a secret (the key) has to be shared, and the question is how to share it.

So, let us recap to ensure we fully understand how the OpenPGP encryption solution works:
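
The combination of asymmetric and symmetric encryption described above, as an added Go example (not cGeep's code and not the OpenPGP packet format): the message is encrypted once under a random 128-bit session key, and only that key is encrypted with each recipient's public key. RSA-OAEP, AES-GCM and the names `Seal`, `Open` and `newGCM` are choices made for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal (example layout, not OpenPGP packets): encrypt msg once, wrap the key per recipient.
func Seal(msg []byte, recipients ...*rsa.PublicKey) (body []byte, wrapped [][]byte, err error) {
	key := make([]byte, 16) // one-time 128-bit session key, so the all-zero GCM nonce below is never reused
	if _, err = rand.Read(key); err != nil {
		return nil, nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, nil, err
	}
	wrapped = make([][]byte, len(recipients))
	for i, pub := range recipients {
		if wrapped[i], err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil); err != nil {
			return nil, nil, err
		}
	}
	return gcm.Seal(nil, make([]byte, gcm.NonceSize()), msg, nil), wrapped, nil
}

// Open unwraps the session key with one private key, then decrypts the body.
func Open(body, wrappedKey []byte, priv *rsa.PrivateKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, make([]byte, gcm.NonceSize()), body, nil)
}
```

Recipient keys can be generated with `rsa.GenerateKey(rand.Reader, 2048)`. However long the message is, the RSA step for each recipient only ever processes the 16-byte session key.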