To play these puzzles requires Shockwave and either Netscape 3.0, 4.0 or Internet Explorer 3.0, 4.0. For Internet Explorer, you will need the ActiveX control for Shockwave rather than the Netscape plug-in.

Asymmetric Algorithms (Public Key Encryption)
What's Going On Here?

One of the most common ways to provide secure communications is through the use of public keys. Here are the steps involved in using keys:

1. A user chooses a private key
2. A mathematical algorithm is applied to that key to create a public key
3. The public key is distributed to people wishing to send the user encrypted messages
4. Messages are encrypted using the public key and sent to the user
5. The user applies the private key to the encrypted message to decrypt it

If you know a user's public key, can't you use that knowledge to decrypt messages? No. Only the private key, which is kept secret, can be used to decrypt messages.

EXPERIMENT: Try this

Each of the color balls at the top of the diagram represents three bits of data. We'll use public key encryption to encrypt them.

1. Enter in the public key values of 62 81 and 37 (from left to right)
2. Notice the values of the encrypted message
3. Try to enter a private key that will decrypt that message resulting in the balls at the bottom being the same colors as the balls at the top
4. Try entering the public key values in the private key area
5. Try any combination of numbers in the private key area and see what happens
6. How easy is it for you, knowing the public key, to decrypt the message?

Explanation

The algorithm used for creating the public key was simple. We took each number in the private key and multiplied it by 31, divided the product by 105, and determined the remainder. Knowing this very well known and published algorithm should help you reverse engineer the private key from the public key, shouldn't it?

Well, no. That's the secret of why this is an excellent method for secure communications in an unsecure world. The computation on the private key to obtain the public key is simple, but it is very difficult to invert the function.

The algorithm shown here is a simplification of algorithms known as "knapsack" algorithms. These types of algorithms have, in fact, been broken by clever hackers over the years and that is why today, we use more complex variants of these schemes. Similar to the DES algorithm, security is dependent on the length of the key sequence we use and the number of permutations applied to each segment of data.

By the way, the private key for the above problem is: 2 6 52

Featured Book of the Quarter!

Firewalls and Internet Security, Repelling the Wily Hacker
Readers of the first edition, which was outstanding, have anxiously awaited thsi update. Now (April 2003) it is finally here and you can have it for 30% off the list price by ordering through our Amazon link. (All of our proceeds from book sales go to the Ecumenical Hunger Program and America's Second Harvest. For more books, visit our library.