Asymmetric cryptography and its variants have always been difficult for the average user to understand. This barrier has led to security mistakes on the user’s part, resulting in compromised data, etc.
In this entry, I’m going to take a stab at simplifying asymmetric cryptography, aka public-key cryptography, using a simple metaphor:
In a magical town where it’s Christmas all year long, the citizens all have their own unique scissors, wrapping paper, and ribbons for tying bows. What makes this world unique is that a citizen’s wrapping paper can only be cut by that citizen’s own scissors, not by anyone else’s!
In the central part of this world, there’s a universal store where everyone’s individual wrapping papers are available for others in case they want to deliver a present.
Specifically, Bob has a present for Sally. Bob enters the universal store to find Sally’s wrapping paper; once he returns home, he wraps his present for her using her wrapping paper. Once done, Bob ties his ribbon into a unique bow on the present and delivers the present to Sally!
However, nosy Dan is curious to see what’s inside the package, so he tries to use his scissors to cut through the wrapping paper! Yet he fails…
Eventually, Sally receives the present, recognizes Bob’s ribbon style, and cuts off the wrapping paper with her pair of scissors to find a shiny, gold trumpet!
Now that the story is out of the way, let me explain the story and each item:
- In the story, every individual has their own wrapping paper, scissors, and ribbon for a bow; moreover, only their scissors can cut their own wrapping paper! They can’t go around cutting other people’s wrapping paper. The wrapping paper represents the public key, the scissors represent the private key, and the ribbon for the bow represents the individual’s digital signature.
- Bob enters the universal store, essentially a server that contains people’s wrapping paper (the public keys), and wraps the present in Sally’s paper (encryption)! After Bob wraps the present using Sally’s public key, he ties a bow to indicate that the present came from him. Otherwise, nosy Dan could have wrapped a present using Sally’s wrapping paper himself and pretended it was from Bob.
- When Sally receives the present from Bob, only her scissors (the private key) can decrypt the contents of the message! Plus, the bow on the present confirms that it was from Bob!
- As mentioned, the purpose of the bow is to act as a digital signature. If nosy Dan did manage to unwrap Bob’s present for Sally, he would not be able to tie the bow the same way Bob did! If nosy Dan just tied the bow however he liked and sent it to Sally, she would know her present was tampered with!
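The story as code, as an added example that is not part of the original post: it uses Node.js's built-in `crypto` module with RSA keys to wrap, tie the bow, and show Dan failing three ways. The function names (`newCitizen`, `wrapAndTie`, `receive`, `fails`, `demo`) and the sample presents are made up for illustration.

```javascript
// Added example (not from the original post). Uses only Node.js's built-in crypto module.
const { generateKeyPairSync, publicEncrypt, privateDecrypt,
        sign, verify, constants } = require('crypto');

const OAEP = { padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// publicKey = wrapping paper in the store; privateKey = scissors, and what ties the bow.
const newCitizen = () => generateKeyPairSync('rsa', { modulusLength: 2048 });

// Bob: wrap in the recipient's paper (encrypt), then tie his bow (sign the wrapped bytes).
function wrapAndTie(present, recipientPublicKey, senderPrivateKey) {
  const wrapped = publicEncrypt({ key: recipientPublicKey, ...OAEP }, Buffer.from(present, 'utf8'));
  return { wrapped, bow: sign('sha256', wrapped, senderPrivateKey) };
}

// Sally: check the bow against the claimed sender's public key before cutting the paper.
function receive(parcel, senderPublicKey, recipientPrivateKey) {
  if (!verify('sha256', parcel.wrapped, senderPublicKey, parcel.bow)) {
    throw new Error('bow does not match the claimed sender');
  }
  return privateDecrypt({ key: recipientPrivateKey, ...OAEP }, parcel.wrapped).toString('utf8');
}

// Runs fn and reports whether it threw, so failures can be returned as data.
const fails = (fn) => { try { fn(); return false; } catch { return true; } };

function demo() {
  const bob = newCitizen(), sally = newCitizen(), dan = newCitizen();
  const parcel = wrapAndTie('a shiny, gold trumpet', sally.publicKey, bob.privateKey);

  // Dan changes one byte of the wrapped present but leaves Bob's bow on it.
  const tampered = { wrapped: Buffer.from(parcel.wrapped), bow: parcel.bow };
  tampered.wrapped[0] ^= 0x01;
  // Dan wraps his own present in Sally's paper and ties his own bow.
  const forged = wrapAndTie('a lump of coal', sally.publicKey, dan.privateKey);

  return {
    sallyOpens: receive(parcel, bob.publicKey, sally.privateKey),
    danCannotOpen: fails(() => privateDecrypt({ key: dan.privateKey, ...OAEP }, parcel.wrapped)),
    tamperingDetected: fails(() => receive(tampered, bob.publicKey, sally.privateKey)),
    forgeryDetected: fails(() => receive(forged, bob.publicKey, sally.privateKey)),
  };
}

console.log(demo());
```

Signing the wrapped bytes shows who tied the bow, not who chose what is inside; real protocols also bind the sender's identity into the encrypted contents.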
The end. Asymmetric cryptography simplified.