## EncryptionThe RSA algorithm itself only encrypts numbers. What usually happens is that RSA is used to encrypt a key for a symmetric cipher, such as Rijndael, and then the message is encrypted using this key. In interactive uses, the first step is called the 'key exchange' and after that, network traffic can flow in both directions using the same symmetric key. Often this will be combined with authentication of client. All computer data is ultimately just binary numbers, so you could just break this into suitable chunks and apply RSA to each chunk. However, this puts you at some risk of being cryptanalysed, as plaintexts are often predictable to some extent. For example, if an attacker knows you will say either 'attack by land' or 'attack by sea', they can try encrypting both messages with the public key, and compare these ciphertexts to the intercepted ciphertext. You can mitigate this somewhat by including random junk in each encrypted chunk, but there are other attacks. Another reason is that RSA is slow compared to symmetric ciphers. ## Digital SignaturesWith RSA, the encryption and decryption techniques are very similar. In fact it is possible to reverse them - encrypt a message using the private key. The ciphertext produced is a digital signature. When decrypted with the public key it reproduces the original message. This process is secure, because the only way to produce a something that decrypts to a chosen message is to know the private key. Like encryption, you don't in practice sign the whole message. The usual approach is to take a hash of the message, and sign that. The hash is a kind of fingerprint that is (almost) unique to that particular message. It is important to use a secure hash algorithm, so it's impractical for an attacker to find another message that produces the same hash. The chance of a collision occurring randomly is minuscule. There's more information about hashes on my JavaScript MD5 page. ## CertificatesCertificates provides a secure way of relating a real world identity to a public key. They rely on the concept of a widely trusted central authority. Everyone knows the public key for this central, certification authority (CA). The core parts of a certificate are the person's name, their public key, and a digital signature of the whole certificate, using the CA's private key. As there is more than one CA in the world, certificates also include the name the CA. They can also include other details like the person's email address, and can apply to things other than people - e.g. companies or computers. The CA's public key must be distributed securely. In practice they come with software like web browsers. This means that you should take extra care downloading browsers off the Internet - CDs are a safer bet. |