Symmetric and Asymmetric Ciphers (Diffie-Hellman Key Exchange)

In the previous installment, we defined public encoding algorithms and the reasons behind their use. Today we will define their subsequent division into symmetric and asymmetric ciphers. A good example of symmetric ciphers are “classic” substitution ciphers. The key may be a simple table (e.g.  A=C, B=F, C=D, D=A…) If I want to encode the original message, I will use this key “from the left to the right”. And vice versa, if I want to decode the encoded message (to obtain the original message), I will use the same key, just “from the right to the left”. The same principle, though a signature is somewhat more complicated, is true for more complex substitution ciphers, e.g. those used by the Enigma – both parties, the sender and the recipient, use the same key.

This arrangement has a fundamental disadvantage, as proven by the Enigma-related events. The key must be exchanged securely. If the enemy (the correct cryptographic term is “attacker”) obtains it, the secrecy is breached. Cryptologists asked themselves a seemingly absurd question: is there a way to find a public encoding method which would allow us to publish the key in the media? And after years of research, they have answered: yes!

The trick consists in using not one key, but two interrelated keys. One key is called “public”, and just as its name suggests, we can make it public. The second key is called “private”; it is not shared, but kept secure by the person who generated both keys. The cipher principle lies in the fact that the original message, encoded by one of the keys (whether the “private” or the “public” one), becomes an illegible, encoded text. To decode it, one must encode it again, this time with the second key. This methodology is called an asymmetric cipher (encoding and decoding are not symmetric; each uses a different key).

Therefore if every man generates two keys and publishes the public key in the media (paper or website), we can proceed two ways: either we encode our message with someone else’s public key, in which case the only person who can read it is the intended recipient (the only one who knows the private key) or we encode our message with our own private key (which we know, naturally), and in that case anyone who is able to decode it with our public key (from the media) can be certain that the message has come from us (the popular name for this method is “electronic signature”). Moreover, in both cases the encoded message cannot be edited without becoming a nonsensical text after decoding, therefore this encoding also serves as a protection against subsequent text editing.

Combinations of several different methods are often used in real-life communications, e.g. encoding with our private key and after that with the recipient’s public key, so that only the recipient can decode our message and, at the same time, verify that the text has come from us (plus, in the unedited version). As a concluding anecdote, let us mention that there is a whole set of other methods and combinations. For instance, the Diffie–Hellman key exchange allows the communicating parties to agree on a shared private key (the same for both parties) with no prior  information exchange between those parties. This process is often used to generate a short-term private key for encoding with the symmetric encoding method.