Why hybridize encryption methods?
- Unsafe key distribution
If man-in-the-middle intercepts the key something may go dramatically wrong…
- Safe key distribution
It takes ages to process large amounts of data. Not a go for real-time communication…
- Super strong
- Safe key distribution
It eliminates man-in-the-middle threat and supports real-time secure communication
Essential feature about hybrid encryption is that symmetric key is created over and over for every new conversation or every new data exchange, e.g. every new session. Session key is a one-time randomly generated set of numbers which is used to transform plain text into cypher. Every time for any intention to communicate with others crypto system creates a new symmetric key (generates a set of random numbers). The power of random numbers is that its consequence cannot be guesses, repeated or predicted by a hacker. This approach ensures forward security of communication is case of leaks of symmetric keys from previous sessions or contacts.
How it works
Basically, all data which is going to be transferred is encrypted with a symmetric key and symmetric key itself is encrypted using asymmetric encryption. Both encrypted piece of data and encrypted key are delivered to recipient. Encryption keys are managed differently depending on how communication is going either in real-time (like chat, voice call, secure internet browsing etc.) or some information sent to the future and which will be read some day by a recipient (e.g. email, reports, sensitive documents etc.).
Example 1: hybrid encryption in real-time communication
1.Users exchange with their public keys. Essentially, initiator of communication request should get a public key of request acceptor.
2.Initiator of communication generates a random on-time session key
3.Initiator of communication encrypts the session key using recipient’s public key and sends encrypted key to receiver via unsecure cyber space
4.Receiver of communication request accepts encrypted key and decrypts it using matching private key
5.Now both sides communicate using same session key. Communication stream is encrypted with strong symmetric encryption algorithm and only users who have matching one-time generated key can decrypt the flow. Interception of encrypted data is useless because bits of data will make only mess and no sense.
Hybrid encryption may involve user authentication with digital signatures prior to key exchange step.
Case when encrypted data is sent now and will be read by a recipient some day in the future requires management policy which is different from real-time communication. Examples of this type of hybrid encryption application could be e-mail encryption, PGP encryption, sending sensitive documents etc.
Example 2: encrypted data is sent to the future
1.Users exchange with public keys
2.Sender writes a message (creates a document)
3.Sender generates a random one-time session key and encrypts the message with the session key
4.Sender encrypts the assymetric (session) key with recipient’s public key which was obtained on step 1.
5.Sender sends both encrypted message and encrypted key to recipient.
6. Such secured data package may stay untouched for some time until recipient initiates decryption process. To do it recipient should have valid private key which matches the case. First, recipient unlocks the case using private key and releases the session key. Then session key is used to decrypt the message, e-mail or file.
Don’t wait until it’s too late
Buy No.1 BC card
Card is required to encrypt voice calls, chats, file transfers and use No.1 BC: MailFind where to buy
Use No.1 BC apps
Make sure to install the latest version of No.1 BC applications.