
The following procedure encrypts a message for transmission, providing the services of authenticity of origin,
authenticity of integrity, & confidentiality.
ENCRYPTION:
1. Generate session key
a. Asymmetrically encrypt session key with public key of recipient
b. This step provides CONFIDENTIALITY
2. Generate message hash value (message digest)
a. Asymmetrically encrypt hash value with private key of sender
b. This step provides digital signing which provides:
i. Authenticity of Origin
ii. Authenticity of Integrity
3. Symmetric encryption of message & encrypted hash
a. Using a product cipher, symmetrically encrypt the message content & encrypted hash value with the
session key
4. The transmitted message includes:
a. Asymmetrically encrypted session key
b. Symmetrically encrypted message text
c. Symmetrically encrypted [asymmetrically encrypted hash] (encrypted 2x)
The following procedure decrypts a received message which has been prepared in order to provide the services of
authenticity of origin, authenticity of integrity, & confidentiality.
DECRYPTION:
1. Asymmetrically decrypt the session key
a. Using the recipient’s private key, decrypt the first received value to retrieve the session key
b. This step ensures confidentiality as the only person who can decrypt the message is the recipient.
2. Symmetrically decrypt message content and encrypted hash
a. Using the reverse product cipher, symmetrically decrypt the remaining received values with the
asymmetrically decrypted session key (found in step 1)
3. Asymmetrically decrypt the message hash
a. Using the public key of the sender, decrypt the encrypted message hash value
b. This step ensures authenticity of origin as the public key of the sender can only be used to decrypt
values that were encrypted with the private key of the sender.
c. This step inherently provides the service of non-repudiation
4. Verify the integrity using the hash value
a. Using the decrypted message content, generate a hash value from the received data
b. Compare the self-generated hash value to the decrypted hash value (found in step 3)
c. If the two hash values are equal, the integrity of the message has been retained
d. This step ensures authenticity of integrity as the two hash values are equal
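
WORKED EXAMPLE (added here, not part of the original notes): both procedures above run end to end in Python's standard library, so the integrity check in decryption step 4 can be seen failing when the ciphertext is altered in transit. Assumptions: the key pairs are constructed toy textbook-RSA keys without padding, the function names are hypothetical, and a SHA-256 keystream XOR stands in for the product cipher; none of this is suitable for real use.

```python
import hashlib, secrets

E = 65537  # public exponent shared by both toy keys

def toy_keypair(p, q):
    """Textbook RSA from two known primes; returns (n, d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed demo keys built from Mersenne primes: insecure, illustration only.
SENDER = toy_keypair(2**521 - 1, 2**127 - 1)
RECIPIENT = toy_keypair(2**607 - 1, 2**89 - 1)

def stream_xor(key, data):
    """Assumed stand-in for the product cipher: SHA-256 counter keystream XOR."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def digest_int(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def encrypt(message, sender_key, recipient_n):
    n_s, d_s = sender_key
    session_key = secrets.token_bytes(16)                              # step 1
    wrapped = pow(int.from_bytes(session_key, "big"), E, recipient_n)  # step 1a
    signed = pow(digest_int(message), d_s, n_s)                        # step 2a
    sig = signed.to_bytes((n_s.bit_length() + 7) // 8, "big")
    # Step 3: one symmetric pass over the encrypted hash plus the message.
    return wrapped, stream_xor(session_key, sig + message)

def decrypt(wrapped, body, recipient_key, sender_n):
    n_r, d_r = recipient_key
    session_key = pow(wrapped, d_r, n_r).to_bytes(16, "big")           # step 1
    plain = stream_xor(session_key, body)                              # step 2
    sig_len = (sender_n.bit_length() + 7) // 8
    signed, message = int.from_bytes(plain[:sig_len], "big"), plain[sig_len:]
    recovered = pow(signed, E, sender_n)                               # step 3
    return message, recovered == digest_int(message)                   # step 4

if __name__ == "__main__":
    wrapped, body = encrypt(b"constructed sample message", SENDER, RECIPIENT[0])
    print(decrypt(wrapped, body, RECIPIENT, SENDER[0]))
    flipped = body[:-1] + bytes([body[-1] ^ 1])  # alter one bit in transit
    print(decrypt(wrapped, flipped, RECIPIENT, SENDER[0]))
```

The second call returns a verification result of False: the altered message decrypts without error, and only the hash comparison reveals the change.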