World Telecommunication Day 1999

IHT October 16, 1999


The Mathematical Base of E-Commerce


Commerce, the exchange of goods and services for value, is heavily reliant on trust, security and authentication. Electronic commerce is no different. Today, these are most commonly provided by public-key cryptography.

Public-key cryptography uses a pair of keys, one for encryption and one for decryption. The mathematical foundation is a "one-way function," which transforms a message in such a way that it is computationally infeasible to recover the original unless one has the "trap door" to the function, the private key. The encryption key therefore does not need to be kept secret and can be made public. It cannot be used to decrypt messages.

One application is secrecy (encryption and decryption). If Alice wants to send a secret message to Bob, she encrypts it with Bob's public key. Now, only Bob can decrypt it because only he possesses his private key. To respond, Bob encrypts his reply with Alice's public key, knowing that only she can decrypt it with her private key.

Another application of the algorithm is authentication. Because of the inverse nature of the keys and the one-way function, the process also works in reverse. A message "encrypted" with the private key can only be "decrypted" with the matching public key, and this property is what digital signatures rely on. If Bob can decrypt (or "verify") a message using Alice's public key, he is certain that it is really from Alice, because it could only have been encrypted ("signed") with Alice's private key.

A combination of these techniques is used to provide security (encryption) and authentication (digital signature), just like bank vaults and conventional signatures. The digital version has the added advantage of providing integrity (verification that the message has not been altered since it was signed) and, using time stamps, non-repudiation (Alice cannot later deny having signed a certain document at a certain time).
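The combined exchange described above, as an added illustration that is not part of the original article: Alice signs with her private key and encrypts with Bob's public key, then Bob decrypts and verifies. It assumes textbook RSA as the one-way function (the article names no algorithm), toy keys built from known Mersenne primes, and illustrative function names.

```python
import hashlib

def make_keypair(p, q, e=65537):
    """Return (public, private) textbook-RSA keys built from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # the "trap door": computing d requires p and q
    return (n, e), (n, d)

def apply_key(key, value):
    """Modular exponentiation: the same operation for either key."""
    n, exponent = key
    return pow(value, exponent, n)

def digest(message, n):  # SHA-256 of the message as an integer below n
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private_key, message):
    return apply_key(private_key, digest(message, private_key[0]))

def verify(public_key, message, signature):
    return apply_key(public_key, signature) == digest(message, public_key[0])

def encrypt(public_key, message):
    m = int.from_bytes(message, "big")
    if m >= public_key[0]:
        raise ValueError("message too long for this toy modulus")
    return apply_key(public_key, m)

def decrypt(private_key, ciphertext):
    m = apply_key(private_key, ciphertext)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

# Constructed toy keys from known Mersenne primes; far too small for real use.
ALICE_PUB, ALICE_PRIV = make_keypair(2**127 - 1, 2**89 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**107 - 1, 2**61 - 1)

def demo():
    order = b"Pay Bob 100 francs"             # constructed sample message
    signature = sign(ALICE_PRIV, order)       # authentication: Alice's private key
    ciphertext = encrypt(BOB_PUB, order)      # secrecy: Bob's public key
    received = decrypt(BOB_PRIV, ciphertext)  # only Bob's private key recovers it
    return {
        "recovered": received,
        "genuine": verify(ALICE_PUB, received, signature),
        "altered_detected": not verify(ALICE_PUB, b"Pay Bob 900 francs", signature),
        "public_key_fails_to_decrypt": decrypt(BOB_PUB, ciphertext) != order,
    }

if __name__ == "__main__":
    print(demo())
```

Deployed systems add padding to the raw operation and use far larger keys; the sketch keeps only the key relationships the article describes.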

Charles Tobermann