How encryption works
The mechanisms of public key infrastructures can also be used to encrypt data. This ensures that only authorised recipients are able to decipher and view files.
To encrypt the data, a symmetrical encryption procedure is used in combination with an asymmetrical one. In a symmetrical procedure, in contrast to asymmetrical algorithms such as RSA, there is no pair of public and private keys; the same key is used for encrypting and deciphering data.
The advantage of symmetrical encryption is that it performs better than asymmetrical procedures, which is why even relatively large documents can be encrypted quickly.
The key distribution problem is solved by combining the symmetrical procedure with an asymmetrical one. Without this combination, the key for each encrypted document would have to be passed on to every recipient who is to decipher it.
With this combined procedure, a key is dynamically generated using a random number generator, and the document is encrypted with this generated key using a symmetrical algorithm. The dynamic key is then encrypted with the recipient’s public key and sent to the recipient.
To decipher the document, the recipient first deciphers the generated random key using the asymmetrical procedure. The document can then be deciphered with the recovered document key using the symmetrical procedure.
Combining the symmetrical and asymmetrical procedures also unites the advantages of symmetrical encryption (high performance) and asymmetrical procedures (simple key distribution using public key infrastructures).
The information about who is intended to receive the encrypted document is contained in a PKCS#7 data block. However, the document can only be deciphered if the recipient really is in possession of the private key.
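The combined procedure described above, as an added example in Node.js (not code from the original page). It assumes AES-256-GCM as the symmetrical algorithm and RSA-OAEP as the asymmetrical one; the names seal, open and demo and the recipients alice, bob and mallory are hypothetical, and the returned envelope object is a simplified stand-in for the PKCS#7 data block, not its real encoding.

```javascript
const crypto = require('crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Sender: encrypt the document once with a fresh random AES-256 key,
// then encrypt that key separately with each recipient's RSA public key.
function seal(doc, recipients) {
  const key = crypto.randomBytes(32);   // dynamically generated document key
  const nonce = crypto.randomBytes(12); // GCM nonce, must be unique per key
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const ciphertext = Buffer.concat([cipher.update(doc), cipher.final()]);
  const wrappedKeys = new Map();
  for (const [name, publicKey] of Object.entries(recipients)) {
    wrappedKeys.set(name, crypto.publicEncrypt({ key: publicKey, ...OAEP }, key));
  }
  // Assumed layout standing in for the PKCS#7 block: recipients and their wrapped keys.
  return { wrappedKeys, nonce, ciphertext, tag: cipher.getAuthTag() };
}

// Recipient: recover the document key with the private key, then decrypt the document.
function open(envelope, name, privateKey) {
  const wrapped = envelope.wrappedKeys.get(name);
  if (!wrapped) throw new Error(`${name} is not a listed recipient`);
  const key = crypto.privateDecrypt({ key: privateKey, ...OAEP }, wrapped);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, envelope.nonce);
  decipher.setAuthTag(envelope.tag); // final() throws if the ciphertext was modified
  return Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]);
}

// Constructed demo data: two intended recipients and one outsider.
function demo() {
  const newPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const alice = newPair(), bob = newPair(), mallory = newPair();
  const envelope = seal(Buffer.from('quarterly report (constructed sample)'),
    { alice: alice.publicKey, bob: bob.publicKey });
  const tryOpen = (name, priv) => {
    try { return open(envelope, name, priv).toString(); } catch (e) { return null; }
  };
  return {
    alice: tryOpen('alice', alice.privateKey),
    bob: tryOpen('bob', bob.privateKey),
    wrongKey: tryOpen('alice', mallory.privateKey), // listed name, wrong private key
    unlisted: tryOpen('mallory', mallory.privateKey),
  };
}

console.log(demo());
```

The document is encrypted only once regardless of the number of recipients; only the 32-byte document key is encrypted per recipient, which is what keeps the asymmetrical cost small.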