An extract on #icedcoffee
The goal of Public Key Encryption (PKE) is to ensure that the communication being sent is kept confidential during transit.
To send a message using PKE, the sender of the message uses the public key of the receiver to encrypt the contents of the message. The encrypted message is then transmitted electronically to the receiver and the receiver can then use their own matching private key to decrypt the message.
Encrypting with the receiver's public key preserves the confidentiality of the message, as only the receiver has the matching private key to decrypt it. Therefore, even the sender of the message cannot decrypt it once it has been encrypted using the receiver's public key. However, PKE does not address the problem of non-repudiation, as the message could have been sent by anyone who has access to the receiver's public key.
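The exchange described above, as an added example that is not part of the original extract: encryption to the receiver's public key, decryption with the matching private key, and a sender signature as the separate step that ties a message to its origin. The choice of RSA-OAEP and RSA-PSS and the names `Seal`, `Open`, `Sign`, `SentBy` and `newKey` are assumptions made for illustration; the keys and message are constructed.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Seal encrypts under the receiver's PUBLIC key (RSA-OAEP); no sender secret is involved.
func Seal(receiver *rsa.PublicKey, msg []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, receiver, msg, nil)
}

// Open decrypts with the receiver's matching PRIVATE key.
func Open(receiver *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, receiver, ct, nil)
}

// Sign produces an RSA-PSS signature with the SENDER's private key.
func Sign(sender *rsa.PrivateKey, msg []byte) ([]byte, error) {
	d := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, sender, crypto.SHA256, d[:], nil)
}

// SentBy reports whether sig over msg verifies under the claimed sender's public key.
func SentBy(sender *rsa.PublicKey, msg, sig []byte) bool {
	d := sha256.Sum256(msg)
	return rsa.VerifyPSS(sender, crypto.SHA256, d[:], sig, nil) == nil
}

func newKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

func main() {
	bob, alice := newKey(), newKey() // constructed demo keys
	msg := []byte("constructed sample message")
	ct, _ := Seal(&bob.PublicKey, msg) // anyone holding Bob's public key can do this
	pt, _ := Open(bob, ct)
	_, errWrong := Open(alice, ct) // the sender's own key cannot open the ciphertext
	fmt.Printf("bob reads %q; alice's key fails: %v\n", pt, errWrong != nil)
	sig, _ := Sign(alice, pt)
	fmt.Println("alice:", SentBy(&alice.PublicKey, pt, sig), "bob:", SentBy(&bob.PublicKey, pt, sig))
}
```

`Seal` takes only the receiver's public key, which is why the ciphertext alone cannot show who produced it; the signature check is what the receiver relies on for origin.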
The binding between a public key and its "owner" must be correct, or else the algorithm may function perfectly and yet be entirely insecure in practice. As with most cryptography applications, the protocols used to establish and verify this binding are critically important. Associating a public key with its owner is typically done by protocols implementing a public key infrastructure; these allow the validity of the association to be formally verified by reference to a trusted third party in the form of either a hierarchical certificate authority (e.g., X.509), a local trust model (e.g., SPKI), or a web of trust scheme, like that originally built into PGP and GPG, and still to some extent usable with them. Whatever the cryptographic assurance of the protocols themselves, the association between a public key and its owner is ultimately a matter of subjective judgment on the part of the trusted third party, since the key is a mathematical entity, while the owner and the connection between owner and key are not. For this reason, the formalism of a public key infrastructure must provide for explicit statements of the policy followed when making this judgment. For example, the complex and never fully implemented X.509 standard allows a certificate authority to identify its policy by means of an object identifier, which functions as an index into a catalog of registered policies. Policies may exist for many different purposes, ranging from anonymity to military classifications.
Robert Frost, Poetry
Eugene O'Neill, Drama
Robert E. Sherwood, Drama (3) and Biography
Edward Albee, Drama
Archibald MacLeish, Poetry (2) and Drama
Edwin Arlington Robinson, Poetry
Carl Sandburg, Poetry (2) and History
Robert Penn Warren, Poetry (2) and Fiction
Thornton Wilder, Drama (2) and the Novel