So, why are there so many different types of cryptographic schemes? Why can't we do everything we need with just one? The answer is that each scheme is optimized for some specific application(s).

**» Hash functions** : Hash functions are well-suited for ensuring data integrity because any change to the contents of a message results in the receiver computing a different hash value from the one the sender placed in the transmission. Because it is computationally infeasible to find two different messages that yield the same hash value (collision resistance), data integrity is ensured to a high degree of confidence. Note that a bare hash only detects accidental or naive modification: an attacker who can alter the message in transit can also recompute its hash, so for authentication the hash must be combined with a key (an HMAC) or, as below, with a digital signature.

**» Secret key cryptography** : Secret key cryptography is ideally suited to encrypting messages, thus providing privacy and confidentiality. The sender can generate a fresh session key for each message and encrypt the message under it; the receiver, of course, needs the same session key to decrypt the message, and getting that key to the receiver securely is exactly the problem the public-key step below solves.

**» Public-key cryptography** : Asymmetric schemes can also be used for non-repudiation and user authentication: if the receiver can verify a value that could only have been produced with the sender's private key (in practice, a signature over the hash of the message, as described below), then only that sender could have sent the message. Public-key cryptography could, in principle, also be used to encrypt messages directly, but this is rarely done because secret-key cryptography operates roughly a thousand times faster than public-key cryptography, and a single public-key operation can only cover a payload shorter than the key modulus.

The figure below puts all of this together and shows how a hybrid cryptographic scheme combines these functions into a secure transmission comprising a digital signature and a digital envelope. In this example, the sender of the message is Shams and the receiver is Bello.

Combination of Encryption Techniques

A digital envelope comprises an encrypted message and an encrypted session key. Shams uses secret key cryptography to encrypt his message under a session key that he generates at random for each message. Shams then encrypts the session key using Bello's public key. The encrypted message and the encrypted session key together form the digital envelope. Upon receipt, Bello recovers the session key using his private key and then decrypts the encrypted message.

The digital signature is formed in two steps. First, Shams computes the hash value of his message; next, he signs the hash value with his private key (in the classic description, "encrypts" it; real signature schemes such as RSA-PSS add padding and are not plain private-key encryption). Upon receipt of the digital signature, Bello recovers the hash value calculated by Shams by verifying the digital signature with Shams's public key. Bello then applies the hash function to Shams's original message, which he has already decrypted. If the resultant hash value is not the same as the value supplied by Shams, Bello knows that the message has been altered; if the hash values are the same, Bello can be confident that the message he received is identical to the one that Shams sent.

This scheme also provides nonrepudiation since it proves that Shams sent the message: if the hash value recovered by Bello using Shams's public key shows that the message has not been altered, then only Shams could have created the digital signature. This holds only as long as Shams's private key has stayed secret and Bello has a trustworthy binding of that public key to Shams (for example, a certificate); verification with a key that merely claims to be Shams's proves nothing. Bello also has evidence that he is the intended receiver: if he can correctly decrypt the message, then he must have correctly decrypted the session key, meaning that his private key is the one the envelope was built for. Note, however, that nothing in the signature names Bello. Because the signature covers only the plaintext, anyone holding the signed message, including Bello himself, can re-envelope it under a third party's public key and present it as a message Shams sent to that party. Practical protocols therefore bind the recipient's identity and other context into the signed data, or sign the envelope as well as the plaintext.
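The exchange described above, as an added example in Go that is not code from the original page: Shams seals a message for Bello and Bello opens it, with the checks each side performs. It uses only the Go standard library. The algorithm choices (AES-256-GCM for the session cipher, RSA-OAEP for wrapping the session key, RSA-PSS over SHA-256 for the signature), the names `Envelope`, `Seal` and `Open`, and the sample message are assumptions of this example, not anything the page specifies.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is the "secure transmission": the digital envelope
// (session key wrapped for the receiver + message encrypted under that key)
// plus the digital signature over the hash of the plaintext.
type Envelope struct {
	WrappedKey []byte // session key encrypted with the receiver's public key (RSA-OAEP)
	Nonce      []byte // AES-GCM nonce, unique per session key
	Ciphertext []byte // message encrypted under the session key (AES-256-GCM)
	Signature  []byte // RSA-PSS signature by the sender over SHA-256(message)
}

// GenerateKey makes an RSA key pair; 2048 bits is the current minimum.
func GenerateKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// Seal is Shams's side: sign the hash of the plaintext, then build the envelope.
func Seal(msg []byte, senderPriv *rsa.PrivateKey, receiverPub *rsa.PublicKey) (*Envelope, error) {
	// Digital signature: hash the plaintext, sign the hash with the sender's private key.
	digest := sha256.Sum256(msg)
	sig, err := rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	// Digital envelope, step 1: a fresh random session key for this message only.
	sessionKey := make([]byte, 32)
	if _, err := rand.Read(sessionKey); err != nil {
		return nil, err
	}
	// Step 2: secret-key encryption of the message under the session key.
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ciphertext := gcm.Seal(nil, nonce, msg, nil)
	// Step 3: wrap the session key with the receiver's public key.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, receiverPub, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{WrappedKey: wrapped, Nonce: nonce, Ciphertext: ciphertext, Signature: sig}, nil
}

// Open is Bello's side: unwrap the session key with his private key, decrypt
// the message, then verify the signature with the sender's public key.
func Open(env *Envelope, receiverPriv *rsa.PrivateKey, senderPub *rsa.PublicKey) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, receiverPriv, env.WrappedKey, nil)
	if err != nil {
		return nil, errors.New("session key unwrap failed: not the intended receiver's private key")
	}
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	msg, err := gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("message decryption failed: wrong session key or tampered ciphertext")
	}
	// Recompute the hash of the recovered plaintext and check it against the signature.
	digest := sha256.Sum256(msg)
	if err := rsa.VerifyPSS(senderPub, crypto.SHA256, digest[:], env.Signature, nil); err != nil {
		return nil, errors.New("signature verification failed: message altered or not signed by the sender")
	}
	return msg, nil
}

func main() {
	shams, _ := GenerateKey()
	bello, _ := GenerateKey()
	msg := []byte("Transfer 100 units to account 42") // constructed sample message
	env, err := Seal(msg, shams, &bello.PublicKey)
	if err != nil {
		panic(err)
	}
	got, err := Open(env, bello, &shams.PublicKey)
	if err != nil {
		panic(err)
	}
	fmt.Println("round trip ok:", bytes.Equal(got, msg))
}
```

Two details worth noticing: the AES-GCM tag makes `Open` reject a tampered ciphertext before the signature is ever checked, so the signature's job here is origin proof rather than integrity alone; and because the signature covers only the plaintext, `Open` succeeding with Bello's key says nothing about whether Shams meant the message for Bello, which is the sign-then-encrypt caveat raised above.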