mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-27 10:02:06 +01:00
expand on hybrid concept
parent
b9341d921e
commit
e1f0452ccd
1 changed files with 6 additions and 3 deletions
|
@ -128,7 +128,10 @@ Digital signatures in OpenPGP are used in two primary contexts:
|
||||||
(hybrid_cryptosystems)=
|
(hybrid_cryptosystems)=
|
||||||
## Hybrid cryptosystems
|
## Hybrid cryptosystems
|
||||||
|
|
||||||
[Hybrid cryptosystems](https://en.wikipedia.org/wiki/Hybrid_cryptosystem) merge the strengths of two distinct cryptosystems, capitalizing on their respective advantages:
|
OpenPGP uses a hybrid cryptosystem. [Hybrid cryptosystems](https://en.wikipedia.org/wiki/Hybrid_cryptosystem) combine the use of symmetric and asymmetric (public-key) cryptography to capitalize on the strengths of each.
|
||||||
|
|
||||||
- Public-key cryptosystem: used to securely exchange shared secrets, known as "session keys" in OpenPGP, across insecure channels
|
Within OpenPGP's hybrid system, so-called "session keys" are central. They are generated uniquely for each session and are instrumental in both encrypting and decrypting the actual message content, using the efficiency of symmetric-key cryptography.
|
||||||
- Symmetric-key cryptosystem: used to efficiently encrypt and decrypt long messages, leveraging an OpenPGP "session key" as the shared secret
|
|
||||||
|
Using asymmetric (public-key) cryptography, the session keys are also encrypted. This ensures that only the intended recipient, the holder of the corresponding private key, can decrypt and gain access to the session key. With the decrypted session key, they can then use the session key to decrypt the actual message.
|
||||||
|
|
||||||
|
OpenPGP's dual-layered security thus capitalizes on symmetric cryptography's speed and efficiency and asymmetric (public-key) cryptography's mechanism for secure key exchange.
|
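Review bot: In the added paragraph that begins "Using asymmetric (public-key) cryptography, the session keys are also encrypted", the phrase "the corresponding private key" has no antecedent, because the text never says which key the session key is encrypted with; name the recipient's public key explicitly so the public/private pairing is clear. The last sentence of that paragraph repeats itself ("With the decrypted session key, they can then use the session key to decrypt the actual message") and could be shortened to something like "With the session key, the recipient can then decrypt the actual message." In the added paragraph before it, "generated uniquely for each session" explains session keys in terms of a "session" that the section does not define; either say what a session means here or reword. The removed bullet list mapped each cryptosystem to its role at a glance, so consider keeping that mapping visible in the new prose, and "dual-layered security" in the closing sentence may read as two independent layers of protection rather than a division of roles.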