Public-key encryption: always comes at a price

View previous topic View next topic Go down

Public-key encryption: always comes at a price

Post  Wong Morea on Tue 24 Aug 2010 - 14:01

When entering into online trade forex software platforms now offer security even though it comes with a hefty price tag. Unlike 'secret-key encryption', 'public-key encryption' has two keys that are mathematically related. These key pairs can be used either to provide privacy or authentication. As the name suggests, the private-key is kept a closely guarded secret by the owner and the public-key is freely circulated. This technique is referred to as RSA (named after Rivet, Shamir, Adolman of MIT). It is very secure even though the algorithm makes it expensive to implement. Most often, since security comes with a price, and because data security is very important, the modern traders do not mind implementing such a complex algorithm.

The use of the keys and their role in encryption/decryption can be explained with an example. Suppose, 'A' and 'B' wish to communicate with each other so that the communication is private and authentic. 'A' generates a private and a public key pair from a seed number. 'B' similarly generates its key pair using another seed number. 'A' provides his public-key to 'B' and receives 'B's public-key. The private keys are kept a closely guarded secret by both 'A' and 'B'. 'A' can send a private message to 'B' by encrypting the message using 'B's' public-key. Only 'B' can decrypt this message using his own private key. This ensures that only 'B' can decrypt the message, but does not guarantee that 'A' has sent it.

To authenticate the message source namely 'A' and 'B' to be authentic and private, 'A' first encrypts the message using his private-key. 'B' first decrypts the message using his private-key and then further decrypts it using 'A's' public-key. Since the public-key is comparatively slow to use and requires a lot of processing, they can cause significant delays in encryption and decryption. When public-key is used for authentication, it is undesirable to encrypt the complete message, particularly if it is long. Digital signatures come to the rescue here. A digital signal that is once saved in the system will crosscheck the data from a particular source and will transmit it only if it is genuine.

Wong Morea

Posts : 1
Join date : 2010-08-24

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum