Safe Key Distribution
Normally, the big drawback with symmetric cryptograms, which Power Crypto is an example of, is the problem of key distribution. Because the same key is used for both encryption and decryption, the key has to be delivered in some way to the receiver of the encrypted message. This distribution has to be done in a secret way, to protect anyone from getting hold of the key. Normally, this means that the Internet cannot be used, and hence, the distribution is a major drawback.
However, for a few symmetric cryptograms, and Power Crypto is one of these, there exist a safe way to distribute the common keys between the users, over the Internet. This method will be described in general here and specifically how to do it using Power Crypto.
The general idea can be described without any references to cryptograms.
Imagine that Bob writes down a secret message and want to send this to Alice using the ordinary mail system. He does not trust the post office so he puts the message in a steel box, locks it with a padlock (which only he has the key to) and mails the whole thing to Alice. Now the message is safe delivered in the sence that no one can read the message on its way to Alice. Unfortunately, not even Alice can read it, because she has not a copy of Bob's key. However, Alice is smart, she locks the box with another padlock, which only she has the key to, and returns the box to Bob. He removes his padlock and sends it back to Alice, and, now she can open the box because it is now locked with only her padlock.
The message was sent three times but locked (read ''encrypted'') every time. Note that, in fact, no key was delivered at all, in spite of the fact that the padlocks are symmetric (the same key is used for locking and unlocking). This principle may be used for every message, but because of the three sendings needed for each message, it is more practical to do as follows: Bob gets hold of another padlock with two identical keys. He delivers one of these keys in the box instead of the message, in the same way as above. Now Bob and Alice can send secret messages between them locked by the new padlock which they both a the key to. Their original private padlocks are not needed any more, at least not until they find their common padlock insecure and want to replace it by a new one.
This is the principle of how to deliver a common symmetric key in a safe way.
Why the principle only works for a few symmetric cryptograms
The principle described above seems to be very elegant, so why isn't this procedure used more often?
The key point is in the order things are done. Padlocks may be locked and unlocked in any order, but encryption algorithms may be sensible for this. In general, if something is encrypted more than one time, it should be decrypted in the reverse order. Here, this is not the case. Bob starts with his encryption followed by Alice's encryption. The decryption goes in the same order; first Bob then Alice. Most powerful symmetric cryptograms do not only encrypt each character one by one independently of all other characters. However, this will also prevent those algorithms from being run in arbitrary orders. Here, Alice has to start decrypting and Bob finishing the work, but doing it this way will spoil the principle above.
Also Power Crypto makes use of advanced techniques, preventing it from being used with the principle above. However, these advanced techniques are called Diffusion and Permutations, and may be switched off in the program. Doing this will enable the program for the principle above.
But will this not make the encryption of the key less secure? Well, yes a bit, but if the Key Generator in the program is used and very long keys are generated, the security level may be satisfactory anyway.
How to do it using Power Crypto
There are a number of steps to follow to use Power Crypto to safely distribute keys. They are presented below, first shortly, then in detail.
1. The sender (let's call him Bob) creates two keys, one private and one that will be the common key with the receiver (let's call her Alice). He saves the common key in a file.
2. Bob switches off both Diffusion and Permutations for files.
3. Bob encrypts the file containing the common key, using his private key. He sends the file to Alice, for example using email.
4. Alice creates her own private key and switches off both Permutations and Diffusion for files.
5. She encrypts the file she got from Bob, using her own private key, and returns the result to Bob.
6. Bob decrypts the file from Alice, using his private key, and sends the output to Alice.
7. Alice decrypts the file from Bob, using her private key.
8. Alice opens the decrypted file and copies the key into Power Crypto.
9. Both Bob and Alice switch on the Diffusion and Permutations for files.
Now Bob has sent Alice a symmetric key without the risk that anyone might have got hold of the key during the distribution.
Detailed comments to the description above
The best way to create keys is to use the built in Key Generator. For a description of this, see Normal Use
. After the private key and the common key are created, the latter should be copied and saved in a file. To be able to copy the common key, you might have to select it in the Nicknames, keys & password
window and click at the Modify
Select the key, for example by hitting the tab button on the keyboard a couple of times, and copy the key (Ctrl+C). Open a new file, for example by starting Notepad, and paste in the copied key (Ctrl+V). Save the file on a suitable place and give it a suitable name, for exampe C:\Temp\Bob's and Alice's common key.txt.
Now switch off both Diffusion and Permutations for files, which is done in the following way. Use the Options menu in the program to select Diffusion. Choose None in the right frame that is labelled File and click Save.
Next choose Permutations in the Options menu and choose 0% as degree of randomness in the right frame labelled File and save the change.
Note that these changes are not default and that there exist buttons on both of these windows that can reset the changes to the default values. These should be used, together with the save buttons, to switch on Diffusion and Permutations for files later when the key is distributed and it's time to do encryption/decryption of ordinary messages/files.
Now it is time to encrypt the newly created common key. In our example, Bob encrypts the file containing the Bob's and Alice's common key, stored in a file, for exampe C:\Temp\Bob's and Alice's common key.txt, and encrypted using Bob's private key. Use the button labelled Browse for Input Files.... in the frame labelled Plain Files, choose the correct key, here with nickname Bob's private key, and start the encryption. The file with the common key is now encrypted and can be safely distributed to the receiver (Alice), for example as an attached file in an e-mail.
Alice receives the encrypted file from Bob, but cannot decrypt it yet, because she hasn't access to Bob's private key. Instead, she creates her own private key, in the same way as Bob created his private key. Let's call her key Alice's private key. Now she has to switch off Diffusion and Permutations for files in the same was as above. When this is done, she encrypts the file she got from Bob, with her private key, in the same way Bob encrypted the file. Finally she sends the output to Bob.
Now Bob receives the file which is encrypted by both his and her private keys. He removes his encryption by decrypting the file using his private key. He locates the file using the Browse for Input Files... located in the frame labelled Encrypted File and start the decryption. When finished, he sends the output once again to Alice and switches on the Diffusion and Permutations for files, as described above, using the reset buttons.
Finally, Alice receives the file containing their common secret key, now encrypted with only her private key. She decryps the file using her private key, opens the decrypted file, for example using Notepad, selects and copies the input. She then enters the Nicknames, keys & password window, by clicking at the key button in the program, clicks at the New button, enters a nickname, for example My and Bob's common key, removes the text in the Key field and pastes in the copied key from the file. She saves the new key and closes the window. At last, she switches on the Diffusion and Permutations for files in the same way as above.
Now Bob and Alice has the same common key, perhaps labelled with different nicknames, but that is irrelevant. The key has been distributed over the Internet but in a safe way, because it has always been encrypted by at least one of their private keys that they have kept for themselves. This showes how Power Crypto may be used in a similar way the much more complicated and slower asymmetric cryptograms work. The big disadvantage of symmetric cryptograms, the key distribution, has been reduced to a few practical steps.