EDUCATE

What is Encryption? What are digital signatures?

Descriptions for the Layperson

Scytl

Published in

EDGE Elections

4 min readMay 12, 2021

Alice and Bob are probably the most famous couple used to explain how cryptography works. Let’s assume that Alice wants to communicate with Bob, but there is also a third person, Eve, who wants to eavesdrop on their conversation. Alice and Bob will use cryptographic mechanisms like encryption and digital signatures to prevent Eve from reading or manipulating the transmitted message.

Encryption

Encryption has a long history, starting with the ancient Greeks and Romans and continuing into the present day. The main objective of encryption is to provide confidentiality by making transmitted messages unreadable using some secret information. Only those who know this information, like Alice and Bob, can read the message. We usually refer to the original message as the plaintext and to its unreadable form as the ciphertext.

The operation that converts a plaintext into a ciphertext is called encryption, and the process that turns a ciphertext back to a plaintext is called decryption. These two operations require the usage of secret information, sometimes called a key. Depending on the number of keys used, we can differentiate between symmetric encryption (the same key is used to encrypt and decrypt)and asymmetric encryption (the keys used to encrypt and decrypt are different).

Symmetric encryption

In symmetric encryption, the symmetry lies in the fact that both the sender and receiver of the ciphertext hold the same key, which is used for encryption and decryption. Imagine that Alice wants to send a letter to Bob but she does not want Eve to be able to read the message. For this reason, she puts the letter into a box and locks it with a key. The locked box is sent to Bob, who has a copy of the same key, previously given to him by Alice. He opens it and reads the letter.

The main limitation of symmetric encryption is that copies of the key must be previously distributed in a secure way since anyone having this key will be able to decrypt the message. For example, if Eve was able to obtain the key and intercept the letter before Bob received it, she would also be able to unlock the box and read the message. Furthermore, she would be able to put the letter back into the box, lock it, and resend it to Bob, so no one would know that she read the message. One way of solving this issue is to use asymmetric encryption.

Asymmetric encryption (or public-key encryption)

This time, Alice and Bob have their own padlocks which can be locked with their corresponding keys. They leave their open padlocks in a public place, but keep the keys to themselves. Of course, Bob’s padlock cannot be opened with Alice’s key and vice versa. When Alice wants to send a letter to Bob, she puts the letter in a box and locks it with Bob’s padlock. When Bob receives the box, he uses his key to open the padlock and retrieve the letter.

The main advantage of asymmetric encryption is that the sender and receiver do not need to share a key. Since the key used for encrypting is public, anyone can encrypt a message, but only those who have the corresponding private key can decrypt it. Because of this, if Eve were to intercept the box secured with Bob’s padlock, she would have no way to unlock it and read the message inside. However, since Bob’s padlock is publicly available, Eve could theoretically write her own message and lock it in a box with Bob’s padlock. How, then, would Bob know whether a message was sent and encrypted by Alice or by Eve?

Digital Signatures

Digital signatures work similarly to written signatures and provide integrity, authenticity and non-repudiation to the transmitted message. When Alice sends a signed message to Bob, he can check the signature and verify that the message has not been modified during the communication (integrity), and that it comes from Alice (authenticity). Also, Alice cannot deny that she sent the message (non-repudiation). To prevent someone from forging a digital signature, the scheme used is also asymmetric, with two keys: a private key used to compute the signature and a public key used to verify it. In this way, anyone can verify a signature, but only those who have the private key can sign a message.

So, even if Eve were to lock a message in a box with Bob’s padlock, she would not be able to sign the message as Alice. When Bob unlocks the box with his private key, he will see that it is not signed by Alice and would therefore be suspicious of its contents.

Using a combination of encryption and digital signatures is an incredibly secure method for sending private messages. For this reason, these tools are necessary for many digital processes, and are the core of what makes online voting possible. To learn more about how digital signatures and encryption are used during an online election, check out this article. For a more in-depth description of encryption, digital signatures, and many other security measures used to protect online voting technology, take a look at our Security Table of Online Voting, available in our resource center.

This article was written by Núria Costa, Cryptography Researcher at Scytl.