Illustrated: Email (Message) Encryption, Decryption, and Digital Signatures

Source: Internet
Author: User

This document explains how to encrypt, decrypt, and digitally sign emails using the public key and private key to ensure secure sending and receiving of emails.

First:

 

Before starting, it helps to be clear about what we are trying to do. This article describes how to keep an email (or message, or whatever you call it) secure while it travels over the network. Specifically, the email must be readable only by the specified recipient and must have been sent only by the specified sender. This secures the information all the way from the sender to the recipient.

Let's start with question 1: "ensure that the email can only be read by the specified recipient."

In broad terms, for the email to be readable only by the specified recipient, the recipient must have something that nobody else has. That unique thing is the recipient's private key. The private key is a string that only the recipient knows, and it corresponds to a public key. The public key is available to everyone, including the sender and anyone who wants to obtain the email content illegally. The recipient generates the private key and keeps it, then generates the matching public key and publishes it on the Internet. The public key can encrypt the email but cannot decrypt it; the private key can decrypt the email but cannot encrypt it (this is called asymmetric encryption). So the sender encrypts the email with the recipient's public key and sends it to the recipient. Read directly, the encrypted email is just a jumble of garbled characters; the recipient decrypts it with the private key and reads the original content.

Now suppose a bad guy wants to read the email. Even if he captures the email as it crosses the Internet, it is encrypted: without the private key he cannot decrypt it and cannot read the original. (Here we have to trust the encryption and decryption algorithm. That trust is the foundation; without it, no security is possible.)

At this point, the figure should be as follows:

If I were the bad guy, I would think: if I can't read the original, I won't let the real recipient read it either. I could alter the encrypted email, or write a new email, encrypt it (everyone can get the public key), and send it to you posing as the sender. That is also a problem for you.

Therefore, we need to be able to confirm who the sender is, that is, to ensure that only the sender could have sent this email, and to detect it if someone else modifies the email. This is question 2.

In broad terms, this requires the sender to have something that no one else has: the sender's private key! The idea is the same as above.

The sender calculates a hash value of the mail to be sent (think of it as a string; hashing is a common technique), encrypts the hash value with the sender's own private key, then encrypts the mail and the encrypted hash value together with the recipient's public key and sends the result to the recipient over the Internet. The recipient receives the encrypted email, decrypts it with the recipient's own private key to obtain the original mail and the encrypted hash value, decrypts the hash with the sender's public key to obtain the original hash value, and finally computes the hash of the original mail text. If the computed result matches the decrypted hash value, the email has not been changed by the bad guys.

In this process the sender's private key is used for encryption and the sender's public key for decryption, which is the opposite of how the recipient's public and private keys were used earlier. Both, however, are asymmetric encryption and decryption.

At this point, the figure should be as follows:

If a bad guy modifies the content in transit, the hash value the recipient decrypts will differ from the hash value the recipient calculates. (The probability of the two matching is far lower than that of winning a 5 million lottery prize.)

So far, our encryption and decryption work is complete. In practice, however, there is one more change: asymmetric encryption is a relatively slow computation, and with many emails it is not practical. To speed things up, it is combined with symmetric encryption. A symmetric key can be used both to encrypt and to decrypt. It is like the key to a security door, which can both lock and open the door. I call it the household security-door method of encryption and decryption.

Now we introduce a symmetric key to encrypt and decrypt the emails that travel over the insecure Internet. The symmetric key must be available to both the sender and the recipient, and to stay secure it must be known only to the two of them. So a one-time key is used for each email, and that key is itself encrypted (don't get dizzy). The recipient's public key, which used to encrypt the email content, is now used to encrypt this symmetric key instead. Because the key is a very short string, even a slow algorithm handles it easily, since there is little to compute.

The result is shown in the figure.

This is the deduction process of the illustration given in this article.
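The complete scheme described above (hash and sign with the sender's private key, encrypt mail and signature with a one-time symmetric key, wrap that key with the recipient's public key), as an added example that is not part of the original article. It uses Node.js's built-in `crypto` module; the choice of RSA-2048, SHA-256, OAEP and AES-256-GCM, the envelope layout, and the names `seal`, `open` and `demo` are assumptions of this example.

```javascript
// Added example (not from the article): algorithm choices and names are assumptions.
const crypto = require('node:crypto');

// Sender side: sign the mail, encrypt mail + signature with a fresh AES key,
// then wrap that key with the recipient's public key.
function seal(mail, senderPrivateKey, recipientPublicKey) {
  const body = Buffer.from(mail, 'utf8');
  // crypto.sign hashes the body (SHA-256) and signs the hash with the private key.
  const signature = crypto.sign('sha256', body, senderPrivateKey);
  const payload = JSON.stringify({ body: body.toString('base64'), sig: signature.toString('base64') });
  const key = crypto.randomBytes(32); // one-time key, never reused for another mail
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(payload, 'utf8'), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: recipientPublicKey, oaepHash: 'sha256' }, key);
  return { wrappedKey, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Recipient side: unwrap the key, decrypt, then check the signature against
// the claimed sender's public key. Throws on any mismatch.
function open(envelope, recipientPrivateKey, senderPublicKey) {
  const key = crypto.privateDecrypt(
    { key: recipientPrivateKey, oaepHash: 'sha256' }, envelope.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, envelope.iv);
  decipher.setAuthTag(envelope.tag);
  const payload = Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]);
  const { body, sig } = JSON.parse(payload.toString('utf8'));
  const bodyBytes = Buffer.from(body, 'base64');
  const genuine = crypto.verify(
    'sha256', bodyBytes, senderPublicKey, Buffer.from(sig, 'base64'));
  if (!genuine) throw new Error('signature does not match the claimed sender');
  return bodyBytes.toString('utf8');
}

// Constructed demo: throwaway key pairs for a sender, a recipient and an attacker.
function demo() {
  const newKeys = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const [sender, recipient, attacker] = [newKeys(), newKeys(), newKeys()];
  const genuine = seal('Meet at 10:00', sender.privateKey, recipient.publicKey);
  const forged = seal('Meet at 23:00', attacker.privateKey, recipient.publicKey);
  const tryOpen = (env) => {
    try { return open(env, recipient.privateKey, sender.publicKey); }
    catch (err) { return 'REJECTED: ' + err.message; }
  };
  return { genuine: tryOpen(genuine), forged: tryOpen(forged) };
}

console.log(demo());
```

The forged envelope decrypts correctly, because anyone can encrypt to the recipient's public key, and is rejected only at the signature check. A modification in transit is caught earlier, by the AES-GCM authentication tag.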

If you have any questions, please leave a message. Corrections and further discussion are welcome.
