Javascript is disabled. Please enable Javscript for the buttons below to work.

# Cryptosystem Demo

We use cryptosystems to send secret messages and to read them. This demo lets you send and receive secret messages using two kinds of encryption: Symmetric-Key Encryption and Public-Key Encryption. Be aware that this demonstration does not use real encryption algorithms. If you really need to send secret messages, be sure to use a real cryptosystem.

## Symmetric-Key Encryption

Like traditional door locks that use one key for both locking and unlocking a door, Symmetric-Key Encryption uses one key for both encrypting and decrypting a message.

Follow these steps to send a secret message to someone. First, think who you want to send a message to. It needs to be someone whom you can securely send a Symmetric Key to. (That's one of the disadvantages of Symmetric-Key Encryption: you need to find a secure way to distribute your Symmetric Key before you can send a message!)

### Step 1: Generate a Symmetric Key

The first step in sending a secret message is to generate a Symmetric Key. Do this by pressing the button below.

You and the recipient of your secret message both will use this key, and so you need to securely send it to the recipient of your message. But since this is just a demo, you can send this Symmetric Key any way you like. Normally, you never would use email to send a Symmetric Key!

### Step 2: Encrypt a Message

Here's how to encrypt a message before sending it to someone else. If you just received a message, then follow the next step instead. We call your message the plaintext. Enter the plaintext of your message and your Symmetric Key. Then press the button to encrypt the plaintext of your message into its ciphertext.

 Plaintext of Message: Symmetric Key: Ciphertext of Message:

Send the ciphertext to your recipient. They will follow Step 3 to decrypt the ciphertext using the shared Symmetric Key that you and they already have.

### Step 3: Decrypt a Message

Did you just receive a message from someone else? Then follow this step. If you are sending a message, then follow the previous step instead. Here you decrypt the message using the Symmetric Key. We call the encrypted message the ciphertext. Enter the ciphertext of the message followed by your Symmetric Key, and press the button to decrypt the ciphertext of the message into plaintext.

 Ciphertext of Message: Symmetric Key: Plaintext of Message:

### Practice

1. Generate a Symmetric Key and share it with a friend.

2. Using your shared Symmetric Key, see if you and your friend can send and read short encrypted emails by copying and pasting text with Steps 2 and 3 above.

In the previous section you should have been able to use the same Symmetric Key to encrypt and decrypt messages. In the next section you use Public-Key Encryption. This kind of cryptosystem really should be called Public/Private-Key Encryption because you use a matched pair of keys: one key that you keep to yourself and another key that you send to others freely. But the industry calls this technique just Public-Key Encryption—probably because it's unexpected that any key that is public could help with security in any way.

## Public-Key Encryption

Remember how in the previous section you needed to find a secure way to send your Symmetric Key to the recipient of your message? Public-Key Encryption solves the key-distribution problem!

### Step 1: Generate a Key Pair

Generate a pair of matched keys by pressing the button below. You will get a Public Key and a Private Key. You will keep the Private Key to yourself. Unlike the Symmetric Key of the previous section, you never send your Private Key to anyone! The Public Key, however, can be seen by anyone.

 Public Key: Private Key:

Record these two keys in a safe place.

Public and Private Keys are unusual: any message that is encrypted with one of them can be decrypted with the other. However neither key acts like a Symmetric Key. That is, a message never can be decrypted using the same key that encrypted it.

These keys are used differently depending on what you want to do. You can send a secure message, or you can sign a message. While deciding which key to use for what, remember what I just said, "You never send your Private Key to anyone!" When encrypting and signing, you need to consider the order. Let's look at all of the possibilities.

### Step 2a: (Optional) Sign a Message

Before sending a message, you may want to sign it. By signing a message you are proving to your recipient that the message has come from you. You sign plaintext by encrypting it using your Private Key.

 Plaintext: Sender's Private Key: Signed Message:

How is this secure? Anyone can get your Public Key and decrypt the ciphertext! Yes, and that's the point. Signing a message does not protect it. After you sign a message with your Private Key, anyone can show that the message must have been signed by you because they can decrypt it using only your Public Key.

### Step 2b: Encrypt a Message

When sending a message to someone, encrypt it using their Public Key. Remember that a message never can be decrypted using the same key that encrypted it, and so once a message is encrypted with someone's Public Key, it can be decrypted only using the matching Private Key.

 Plaintext or Signed Message: Recipient's Public Key: Ciphertext:

Send the ciphertext to your recipient. They will follow Step 3 to decrypt the ciphertext.

### Step 3a: Decrypt a Message

Did you just receive a message from someone else? Then follow this step. If you are sending a message, then follow the steps 2a and 2b instead. The sender already has encrypted the message using your Public Key, and so you decrypt it using your Private Key.

 Ciphertext: Recipient's Private Key: Plaintext or Signed Message:

If you still can't read the decrypted message, it may be signed. So go to the next step.

### Step 3b: (Optional) Verify a Signature

Someone claims that they have sent you a message? Confirm their signature by decrypting the message using their Public Key.

 Signed Message: Sender's Public Key: Plaintext:

Realize that when we say we "verify a signature," really we are removing a layer of encryption from the entire message. There is no separate signature appended to the message—a signature in the form of encryption has been applied to the entire message.

The four steps 2a–2b and 3a–3b above are not all applied to each message! Instead, you apply the steps depending on what you need to do. When sending a signed message, you do steps 2a and 2b, in that order. When receiving a signed message, you do steps 3a and 3b, in that order. Consider for a moment why the order is important.

Step 2a signs a message, and step 2b protects the message and the signature. So the protection must be applied second. Similarly, when decrypting someone else's signed message, their signature is protected along with the message, and so you decrypt the ciphertext first, and then you verify their signature.

Consider what could happen if you encrypted a message first and then signed it. Signing last is a bad idea because someone could remove your signature and then add their own, claiming that the message came from them. So we always encrypt last.

### Practice

3. Generate a public/private key pair, and share just the Public Key with a friend.

4. Have your friend do the same, sharing just their Public Key with you. At this point, you each have your own Private Key and the other's Public Key.

5. Exchange unsigned messages. The sender uses just step 2b, and the recipient uses just step 3a.

6. Note that you can't decrypt a message unless you use the proper key. Encrypt a message to your friend using their Public Key, but don't send it yet. Can you decrypt the ciphertext using their Public Key?

7. Now exchange signed messages. The sender uses steps 2a and 2b, and the recipient uses steps 3a and 3b.