• Researching for public-key cryptography

      0 comments
      7th Jul 09
      WILD ARTIST

    Transferring data is like a broadcasting. In the other words, security plans don’t prevent sniffing clearly. You and I know that there’s no absolute solution for security. Actually it’s a big problem not to reveal the message to others but intended target. Recently I’ve studied about public-key cryptography algorithm which encrypts data so that sniffers can’t understand the message or packets. Why does it works? The secret is, in equivalence of arithmetical formulas.

    checkmate

    I couldn’t find any solution but a key structure. If you find some method that suffices the condition, you may get one of the most beautiful working solutions in the world. The simple is this: from randomly generated server-side private key Ks = { s1, s2, …, sk }, compose server-side public key Kf(s1, s2, …, sk). Client receives it and make a client-side private key Kc = { c1, c2, …, ck }. Lastly, client-side public key Kg(c1, c2, …, ck) should be bound to initial packet to server. The key solution is, a function list H = { H1, H2, …, Hk where Hi(Kg, si) = ci }. Now we can regulate it as below.

    • Server generates server-side private key Ks and public key Kf.
    • Client receives Kf and compose client-side private key Kc and public key Kg.
    • Server gets client-side public key and takes Kc from Kg and Ks with function list H.

    Let x be an original data packet. Then we can encrypt it into a cipher E = Encrypt(Kc, x). (Function Encrypt should be reversible and its reversed function may be Decrypt) If server knows or gets Kc (as both server and client have Kf, and Kg and server is able to compose Kc from H), then server can decrypt the message by calculating x = Decrypt(Kc, E). Then the transfered message is safe from sniffing and eavesdropping.

    Here’re some preconditions each key generation must keep in.

    • Client-side public key Kg must not be decrypted to private key Kc by public keys.
    • Ks should not be predictable from public keys.
    • Encrypt function should not leave any clue to be decrypted.

    Famous algorithms like RSA, Diffie-Hallman exchange protocol also have this rule. I’ll keep researching for the algorithm and hope to find a great solution so that every web solution may have secure interactions between server and client. For more information about this issue, see http://en.wikipedia.org/wiki/Public-key_cryptography.

      SECURITY

    Write a comment

    You must be logged in to post a comment.