Talk:Defense Message System
Confusing Encryption
I believe the discussion above is confusing encryption schemes. 128 bit vs 1024 bit encryption isn't a straightforward comparison, because in this case the 128 bit key is a stream cipher, while the 1024 bit key is an asymmetric public key token. The two systems work very, very differently. While a stream cipher is used to encrypt a stream of data, as typically between Amazon.com and the home user, the 1024 bit asymmetric public key is used to establish mutual authentication. Generally, it works like this:
- two computers establish a connection, and decide to "talk" secure.
- using asymmetric keys, the two systems transmit their public keys to each other. At this point, the keys are usually then verified against a public Certificate Authority to see if they are good, trusted, current etc.
- System A then encrypts a challenge phrase using its private key and transmits it to system B, which decrypts it using system A's public key. B then takes this decrypted message, encrypts it using its private key, and transmits the message to A, which decrypts it using B's public key. The process repeats, with B originating a challenge phrase.
- In this way, the systems establish they both possess the private keys corresponding with their public keys, which have been verified with the Certificate Authority.
- The systems then establish a new session key, which is 128, 256 bits long etc. and is used in a stream cipher. Generally, both systems generate a random string of numbers, encrypt the stream with the other system's public key, and transmit to each other. In this way, they ensure that only the holder of the private keys can know what the random numbers are. They both combine the random numbers in a known manner, and from there, communicate using a stream cipher.
What are the differences?
A block cipher is generally much more secure, since there is only a private key, and it has no mathematical relationship to any publicly known information. As a result, 256-bit AES encryption is extremely secure, provided the key is kept secret.
Asymmetric key cryptography is different, in that there are two numbers generated that have a mathematical relationship to each other. The public and private keys can encrypt traffic to each other that is decrypted with the other. For this reason, public-key cryptography is good for establishing trust, but the keys need to be much, much larger to ensure security.
This is a quick crash course, so please search Wiki if you have any questions.
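The exchange described in the comment above, as an added example that is not part of the original comment: a toy run of the challenge rounds and the session-key step using textbook RSA without padding. The Mersenne-prime demo keys, the function names, and SHA-256 as the "known manner" of combining the random numbers are all assumptions made for illustration, and the Certificate Authority check is taken as already done.

```python
import hashlib
import secrets

def make_key(p, q, e=65537):
    """Toy textbook RSA key pair (no padding) from two known primes."""
    n = p * q
    return {"pub": (e, n), "priv": (pow(e, -1, (p - 1) * (q - 1)), n)}

# Constructed demo keys from Mersenne primes: far too small for real use.
A = make_key(2**61 - 1, 2**89 - 1)
B = make_key(2**107 - 1, 2**127 - 1)

def rsa(key, m):
    """One RSA operation with key = (exponent, modulus)."""
    exp, n = key
    if not 0 <= m < n:
        raise ValueError("value does not fit under the modulus")
    return pow(m, exp, n)

def challenge_round(originator, responder):
    """One round of the described exchange; True if the reply checks out."""
    challenge = 2 + secrets.randbits(120)          # avoid trivial 0 and 1
    wire1 = rsa(originator["priv"], challenge)     # originator uses its private key
    seen = rsa(originator["pub"], wire1)           # responder opens with originator's public key
    wire2 = rsa(responder["priv"], seen)           # responder re-encrypts with its private key
    # Only the holder of the responder's private key can produce a wire2 that
    # opens to the challenge, which is why the comment repeats the round reversed.
    return rsa(responder["pub"], wire2) == challenge

def combine(ra, rb):
    """Assumed 'known manner': SHA-256 over both numbers, cut to 128 bits."""
    data = ra.to_bytes(16, "big") + rb.to_bytes(16, "big")
    return hashlib.sha256(data).digest()[:16]

def session_keys(a, b):
    """Each side sends a random number under the other's public key."""
    ra, rb = secrets.randbits(120), secrets.randbits(120)
    ra_wire = rsa(b["pub"], ra)                    # A -> B
    rb_wire = rsa(a["pub"], rb)                    # B -> A
    key_a = combine(ra, rsa(a["priv"], rb_wire))   # A's view
    key_b = combine(rsa(b["priv"], ra_wire), rb)   # B's view
    return key_a, key_b

if __name__ == "__main__":
    print(challenge_round(A, B), challenge_round(B, A))
    ka, kb = session_keys(A, B)
    print(ka == kb, ka.hex())
```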
What...?!
Alright, I've removed that massive unwikified and poorly written text block. The 1st part of it was pure partisanry and the latter was not understandable. I also suggest that people here sign yourselves. Thanx. 68.39.174.238 14:09, 21 June 2007 (UTC)