Demystifying Encryption & Public Key Cryptography (Part 2)

Welcome to Penneo’s newsletter, where you'll find actionable advice to tackle the challenges faced by your business when it comes to data security & regulatory compliance.?

Today's read is ~13 minutes

In our last newsletter, Demystifying Encryption & Public Key Cryptography (Part 1), we went through what encryption is, how to encrypt data at rest and data in transit, and the difference between symmetric and asymmetric encryption.?

In case you missed it, go check it out here !?

Here is a recap of the concepts we focused on:?

• Public key cryptography is the process that uses a person’s public key to convert text into a form that is unreadable for anybody that doesn’t have that person’s private key.
• A person’s public key can be shared openly. It can be considered and treated as the physical address of a person’s home.
• A person’s private key must be kept secret and safe. It could be considered and treated as the key to a person’s home (but you only have one, you can’t make copies, you can’t lose it and change the door lock)
• To make a real-life example that comes close to the concept - when you buy a house, you have a new address (public key) and a key to access it (private key). It is in your interest to let people know your address so that they can send you messages by mail. Therefore you put it in the public phone book (or, in 2023, you update your address information on the Internet and Social Media). A message encrypted with a person’s public key is like a card sent by post to that person’s home address. Everybody knows (or can know) that address refers to a house that belongs to that person. But only the house owner, with their private “key”, can open the mailbox and get access to the card.?
• Intermediaries (such as computers, networks, internet or email service providers, etc.) can still see metadata while you are having an encrypted conversation: they can see who you are, who your recipient is, when you are sending a message, when the recipient is receiving it, what the message’s subject line is, and that you are encrypting the message.?Going back to the example above, the intermediary could be the postman, who can read the names of the sender and recipient on the letter envelope and is a necessary element to forward the message from the initial end to the final end. Still, the postman cannot read the message inside the envelope.

With this basic knowledge, we can now proceed to uncover how asymmetric encryption can be used to prove the authorship of a message. And, similarly, how it can be used to ensure the identity of a person signing a document digitally.?

How Asymmetric Encryption Becomes the Key for Digital Signatures?

Encryption can also be used to prove that a message came from a particular person and has not been altered. Let’s see how.

We clarified that the public key can be shared freely while the private key must be kept secret. This means that anybody that knows a person’s public key can use it to encrypt a message, but only the key’s owner can decrypt it with their private key. In the same way, if we turn the concept around, a person could encrypt a message via their private key, and everybody else (knowing that person’s public key) could decrypt it.?

How could this reverse function help, though? You might ask.?

How can we benefit from this??

Back to our previous example involving Bob and Alice , why would Bob want to encrypt a message with his private key and let anyone else decrypt it with Bob’s public key??

Because, in this case, Bob’s goal would not be to keep the message secret. His goal would be the exact opposite: to make the message decipherable by anyone. Still, while anyone will be able to decrypt it with Bob’s public key, only one person would be able to encrypt it with Bob’s private key: and that would be Bob.

Example:

Let’s suppose that Bob owes Alice €10, and Alice wants to make sure she’ll be paid this money by having proof of Bob’s debt.?

Bob sends a message to Alice to tell her “I’ll pay you €10”.?

Now what Bob and Alice want is not to have a confidential conversation. It’s to make sure that anybody can see and validate what Bob is promising.?

To do so, Bob can encrypt the message with his private key - that was in his sole custody, so nobody else could have used it to encrypt a message.?

On the other hand, Alice, and everybody else, can now decrypt the message using Bob’s public key.?

And the possibility of decrypting the message using Bob’s public key means that it was encrypted using Bob’s private key - ergo, Bob is undoubtedly the author of the message.?

In simple terms, what Bob does when he encrypts the message with his private key has the same purpose and value as if he had signed a message with a pen on a piece of paper and handed it over to Alice. Still, it prevents the possibility that Bob could deny having signed the piece of paper or that somebody else could impersonate Bob and hand-sign a document on his behalf. Those risks are avoided with public key encryption, as only Bob can use Bob’s private key.?

Furthermore, the message encrypted by Bob cannot be altered afterward.?

In the analog reality, Alice could take the message signed by Bob on paper and change the value of the amount to be paid from €10 to €100, and Bob would have no way to demonstrate that the message had been tampered with.

On the contrary, a digital message encrypted via Bob’s private key cannot be altered by Alice because she does not have Bob’s private key, so she cannot change and re-encrypt (or re-sign) the message.

In conclusion, a digital message signed and encrypted via a person’s private key ensures the identity of the signer and the tamper-proofness of the content.?

And this is what digital signatures are all about.?

Digital signatures are built on public key cryptography, which guarantees the authenticity of the signer and the non-alteration of documents and signatures.?

That’s what they owe their popularity and trust to. And that’s also why they are safer than traditional handwritten signatures.

When using digital signatures, what are the private and public keys?

To create a digital signature, you need to use a public-private key pair.

How will you get one, though?

Chances are you already have it and have been using it all along for digital authentication and signing in your daily life, as your public-private key pair is included in your electronic ID (your Itsme if you live in Belgium, your MitID if you are based in Denmark, your BankID in Sweden or Norway, and so on).?

When you were issued a digital ID, a digital certificate was created for you, and public and private keys were generated. The public key is included in the certificate (eID), while the private key is securely stored and kept secret.

When you sign a document with your eID, you are using your private key. Here’s what happens (what the digital signing software does), from a technical perspective:

• A hash value of the document at the time of signing is generated.
• The hash value of the document is then signed with the signer’s private key.

When somebody wants to verify the validity of a document you signed, they (or, more precisely, the program used for the verification) will use your public key. Here is how the signature validation process works.

• A hash value of the signed document is generated. A digital signature is only valid if the hash value of the signed document and the hash value of the document at the time of signing are the same. If the two hash values are different, it means that someone has made changes to the document after signing.
• The digital signature is validated using the signer’s public key (included in their digital certificate).

Can end-to-end encryption be hacked?

Although end-to-end encryption may seem flawless, it has weaknesses too. There are three potential risks to consider:

1. You can hide the content of your conversation but not the existence of the conversation itself

Intermediaries (computers, networks, internet, chat service providers, etc.) are indispensable for the conversation itself. They cannot be removed - otherwise, there would be no way to forward a message from one device to another. And although end-to-end encryption makes the content of the messages illegible for intermediaries, they would still know that an encrypted conversation is taking place between two people on a certain day.?

Therefore, the first limitation of end-to-end encryption appears in the event that you want to hide the existence itself of your communication.

2. All bets are off if you only encrypt data in transit and not data at rest as well

Even a perfect end-to-end encrypted conversation is vulnerable in the two moments/places where the message is readable - the ends - which are none other than your device and the recipient’s device.?

If your device is not secured, in case somebody gets hold of your phone, for instance, they would be able to read all of your conversations and even write and send messages on your behalf. That’s why such endpoints need to be protected.?

Here’s how you can do it:

• Device encryption: A common protection mechanism is enabling a passcode lock screen. By granting access after typing a password or using your fingerprint, if somebody takes over your smartphone, they will not be able to unlock it, read your correspondence, or impersonate you.?
• Antivirus software: Although effective in protecting your device when others take physical possession of it, device encryption is not enough to shield it in the case of virtual attempts of data breach by hackers. To mitigate that risk, devices must be protected with anti-virus and -malware software.
• Backup encryption: But that’s not all. The weakest link in the chain is the storage point, and often your device is not the only storage point. For instance, you might store automatic backups of your encrypted conversations in the cloud. In that case, you should check your cloud backup settings to make sure it’s encrypted too.?

In conclusion, combining multiple protection methods to ensure both your data in transit and your data at rest are encrypted will let you enjoy a greater level of privacy and defense against unauthorized eavesdroppers.?

N.B.: Just as the conversation involves two people, so must the two people take care of its safety. Although you may have done everything possible to protect your devices, servers, and networks, you cannot be sure that the recipient of your messages has done the same with theirs. If your recipient’s endpoint has been compromised - their device stolen, their Internet connection hacked, etc. - there is nothing you (or the encryption system) can do to protect the confidentiality of your conversation.

3. End-to-end encryption is virtually unbreakable, but sometimes hackers can find their way

As explained above, a person that wants to send encrypted messages to another person must obtain that person’s public key. At first glance, there seems to be no problem or risk in this exchange of public keys, as they can be freely distributed on whatever channel.?

However, as end-to-end encryption might be virtually impossible to break, hackers might try instead to interfere with the exchange of public keys. Therefore, this represents a vulnerability of the encryption system.?

For instance, a hacker could provide one person-endpoint with the hacker’s public key and then impersonate somebody else. This situation is known as a man-in-the-middle attack (or machine-in-the-middle attack).?

Let’s suppose that one of the intermediaries of the conversation between Bob and Alice is a hacker. Alice is going to share her public key with Bob so that he can send encrypted messages to her.

The hacker manages to provide Bob with the wrong public key and deceive him into using it to encrypt messages.?

As a result, Bob will encrypt messages using the hacker’s public key without even noticing that it is not Alice’s legitimate public key.?

The hacker can now decrypt Bob’s messages and read their content.?

What’s more, the hacker will also be able to use Alice’s actual public key to re-encrypt the message and send it to her. In this way, Alice won’t know that a man-in-the-middle attack had meanwhile occurred.?

The hacker can even edit the content of the message before encrypting it, leading Alice to believe that Bob was the one writing it.?

Still, in most cases, the hacker does not modify the content of the messages, and the two subjects involved in the conversation keep sharing messages as if nothing had happened.?

The hacker might decide to wait until the right moment to take advantage of the situation - such as when Bob sent Alice a message with his bank details, for example.?

What can be done to prevent this risk??

Thankfully, there are methods for avoiding these cyber threats:

• The first method is known as fingerprint verification and consists of verifying that the public key used to encrypt the messages is the legitimate recipient’s public key. However, to do that safely, Bob and Alice should meet up in person and double-check that the public keys they hold actually match their fingerprint keys. Although it’s an effective method, it’s also rather inconvenient and often not feasible for people far from each other.?
• Another method is made available by some end-to-end encryption programs, which can generate a sort of one-time passphrase based on the two users’ public keys. But even in this case, the two people should meet in person to confront the passphrase or use a safely encrypted communication channel to share it and assess whether it matches.?
• Finally, a more secure and convenient method to prevent this type of attack is relying on a Certificate Authority (CA). This is the method generally employed by the best end-to-end encryption software to ensure that a public key legitimately belongs to a certain person. To this end, the public key is embedded in a certificate that is digitally signed by a trusted Certificate Authority .?

What are the advantages of end-to-end encryption??

Despite its weaknesses, end-to-end encryption is currently the most secure way to transfer data thanks to three main benefits it provides:

• Absolute Privacy: Only you and your recipient have the keys to unlock your data. If you both keep them secure by using best practices and the strictest settings of encryption apps, you can be sure of the safety of your conversation.
• Confidentiality, even with respect to the service provider: It protects from third-party providers’ bad intentions or leaks. By maintaining your messages unreadable even for the communication providers, you can minimize the risks of a data breach.?
• Certainty about the authorship and tamper-proofness of the message: It can be used to sign a message, verify its author, and validate the integrity of the message.?

End-to-end encryption is today the gold standard for protecting data transfers. That’s why more and more communication services are implementing this functionality to offer users safer data-transfer options.?

It follows that organizations seeking the highest levels of security must choose service providers that enable end-to-end encryption capabilities.?

Thanks for reading!

If you're interested in reading more about how to ensure compliance in your business, check out Penneo’s website, and follow us by subscribing to our email newsletter !

Subscribe and browse our previous newsletters and articles here .