Securing communication over the internet using RSA is computationally costly. If your server needs to handle thousands of concurrent users to validate multiple requests per session, it becomes impractical to keep response times reasonable.
Symmetric encryption is less computationally costly, but creates the challenge of synchronizing the secret between client and server. It’s therefore possible to utilize RSA to securely communicate a symmetric key shared between each unique client and server.
- A public/private keypair is generated by the client. In Node.js, it’s most practical to use the OpenSSL executable bundled with the installation. The public key is sent to the server to request a new session.
- The session is created as a GUID (globally unique identifier) and encrypted with the transmitted public key. Since RSA is a two-step encryption/decryption, the public key can be known publicly by eavesdroppers without comprising the privacy of communications.
- The publicly encrypted session secret is then sent back to the client and decrypted with the private key. The session secret is now known between both server and client.
- Using a symmetric encryption algorithm like AES-256-GCM, sensitive data can be secured with the session secret and sent across an eavesdroppable network.
- The server receives the encrypted data and is able to decrypt it using the session secret. If need be, this process can be reversed where the server encrypts data using the session secret and the client could decrypt it.
Differentiating Asymmetric/Symmetric/RSA Cryptography
Understanding the differences between asymmetric/symmetric/RSA encryption is trivial enough. An asymmetric cryptogram is a one-way hash. Once the value is converted, it cannot be undone. You typically use this for passwords, such that if the accounts database is compromised, the passwords cannot be read in plaintext. A salt is an arbitrary and usually random string added to each password such that if all accounts are compromised then a brute force attack’s work cannot be reused across accounts.
A symmetric cryptogram is typically what we think of with cryptography. A secret key encrypts a message that can safely be sent publicly because it’s without the key the message cannot be read.
Symmetric cryptography becomes problematic when communicating the secret key must be done with a computer over an insecure network. RSA is a category of algorithm that generates a two-step encryption. In other words, the pattern
encrypt(message, key1) and
decrypt(encrypt(message, key1), key2) must be followed to decrypt a message. With this mathematical relationship,
key1 can be shared over a network without compromising secrecy. Likewise, since
encrypt(message, key1) is only dicipherable with
key2, the encrypted message is safe to send over the network.
A hybrid cryptosystem sounds fancy, but it’s simple. RSA is used to communicate a secret key, and every subsequent communication utilizes symmetric encryption.
|Asymmetric||Symmetric||Public-Key Cryptographic Systems|
|Example Input||somePassword||Secret message in a bottle||theKeyToMy<3|
|Processed Input||somePassword_0d282a18-9a6e-11e7-abc4-cec278b6b50a||Secret message in a bottle83ba65c977849f45||21e32b85abab6d8f1e42d91b0319feecd23f555e20ac7693cae7dac779de60be|
|Typical Usage||Password Storage||Sharing secret data||Key exchanges|
Nonce’s, Timestamps and Sharding
At least three other concepts are important for cryptographic systems. Encrypted messages created with an initialization vector create a similar impact to salts in an asymmetric cryptosystem; they become harder to brute force. Furthermore, a HMAC (hash-based authentication code) can be generated to verify integrity of symmetrically encrypted message. HMAC’s are similar to CRC’s except that the HMAC requires a HMAC to be generated by both parties using the shared and secret key, whereas a CRC is calculated by a message only.
While the HMAC can be brute-forced such that a message be modified and such that two HMAC’s match regardless of the shared secret, this is computationally costly. By utilizing nonce’s and enforcing timed expiration on messages, it becomes computationally impossible to 1) brute-force a message within the expiration time (such that a forged request cannot be submitted hours later) 2) build a lookup table to increase tampering efficiency over time (since every message is uniquely impacted by its nonce).
Finally, sharding techniques include distributing authentication mechanisms across machines. In order for authentication to occur, multiple machines must verify a credential. Two-factor authentication is an easy of example of this. Both a phone and a computer must be used to verify a credential. This technique relies on differing security models for each system and the number of systems used. Compromising a sharded authentication system requires virtualizing more devices (e.g. a cell phone OS and a desktop OS) and this exponentially increases the costs of exploitation since virtualization always is subjected to the underlying system changing and running a cluster of computers is generally more difficult than operating a single process/instance.
A StackOverflow expert explains the importance of salts and provides a glimpse into the mathematical complexity of describing cryptographic systems.
Blockchain utilizes asymmetric encryption to create a “block” which is the unit of currency for Bitcoin. The theory is that it’s computationally many times easier to verify a set of asymmetric hashes than it is to generate an asymmetric hash that satisfies the sequencing requirement of blockchain.
Finally, Google recently proposed distributed machine learning where users belonging to a cluster of computers could be certain of guaranteed privacy across a set of machines. They coined the term for this combination of encryption/machine learning computation/and sharding as “federated learning”.