I was overwhelmed after reading about public cryptography, encryption, decryption, and algorithms.
The crux of my CISSP articles series is to blend technical concepts with a form of storytelling, fiction and perspective.
“What’s the creative way to understand public cryptography?” I asked myself.
An idea emerged with a simple question.
Can Batman and Joker be best buddies?
As peculiar as it sounds, watching the contrast and chemistry between my favourite superhero and supervillain would be interesting. Until I develop my own story, at least in this article, I can establish a long-lasting, secure friendship to understand public cryptography.
My usual disclaimer is to disregard the logic as Batman and Joker are merely metaphors.
Imagine the college campus where all the superheroes and villains gather for experimental studies. It’s not like a typical campus where we find a friendly environment. Each individual has their unique value, power and belief. Therefore, the usual vibe on the campus is like trust nobody.
From the above context where everybody feels insecure and nobody speaks with anyone, how can we establish a friendship between Batman and Joker?
Let’s start with understanding the public key and private key.
All the superheroes and villains have a cup of drink as a public key and sugar cubes with a hidden spoon as a private key. Everybody knows each other’s glass (public key).
Batman likes tea. Joker loves coffee.
All superheroes and villains are comfortable distributing their public keys. We don’t need to consider security for the public key. However, that’s not the case with the private key.
Batman and Joker know about each other’s drinking preferences (public key). However, Batman doesn’t know how many sugar cubes Joker prefer? Or What kind of spoon he has (wooden or metal). Above all, how many times does he stir? All of these things are private. Joker also has no idea about Batman’s combination. How can they start the conversation?
First, Batman will encrypt his message (“You wanna watch a movie tonight?”) with Joker’s public key. Imagine, Batman dips a marshmallow inside Joker’s coffee. Now, Batman cannot take this marshmallow out. Only Joker can take this out using his wooden spoon.
Once the sender encrypts the message with the recipient’s public key, even the sender can not decrypt it. Only the recipient can decrypt the message with the private key.
All the superheroes and villains can see Joker’s coffee cup. However, nobody can take out that marshmallow or drink that coffee as nobody has a wooden spoon and is unaware of the combination. That means no one has Joker’s private key except Joker.
The Joker looks at his favourite drink. He takes out two and a half sugar cubes from his pocket and stirs with his wooden spoon precisely seven times. He takes out the marshmallow from the coffee. In other words, he decrypts the message using its private key. It reads – “You wanna watch a movie tonight?”
The Joker smiles and looks around to find Batman’s tea (Batman’s public key). He adds a few mint leaves (encrypts a new message) in the tea. Some superheroes’ curiosity arises. They tried to look deep inside the tea, but no one could drink. Only Batman knows how to take that mint (message) out.
The Batman looks at the tea. He takes out one sugar cube from his pocket and stirs with his metal spoon precisely three times. He takes out mint leaves from the tea. That means Batman decrypts Joker’s message with his private key. It reads – “Sounds great. See you at 9 PM.
The whole point of this security circus is protecting data confidentiality, especially when dealing with an unsecured channel to establish secure communication.
Two important things to remember:
- The sender encrypts the message using the receiver’s public key.
- The receiver decrypts the message using its private key.
My favourite superhero and supervillain meet finally.
The best part?
Nobody knows about their secret friendship.
Which movie did they see together? Let me know in the comments.
Let’s continue their company to a new level to understand data integrity using Digital Signatures.