Computer Science Wiki

Search

SearchSearch

Asymmetric Cryptography

Sep 13, 20242 min read

Public-key cryptography also known as asymmetric cryptography, it is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Different from symmetric cryptography, which both sides share the same key or secret code, asymmetric cryptography eliminates the challenge of securely sharing the common keys, allowing encryption with one key and decryption with the other.

How does the key pair work

Alice wants to send Bob a message. Bob knows a private key (KPRIV,Bob) and a related but different public key (KPUB,Bob)

  1. Receiver Bob public key announcement
    • Bob announces his public key (KPUB,Bob) to the public, including Alice. This can be done openly, such as on a web page or in a public key repository.
  2. Encryption by sender Alice
    • Alice wants to send a confidential message (m) to Bob.
    • To encrypt the message, Alice uses an encryption algorithm (E) and Bob’s public key (KPUB,Bob)
    • The encryption process results in cipher text (c)
    • The cipher text c where c = E(m, KPUB,Bob)
  3. Decryption by Bob
    • Bob uses a decryption algorithm (D) with his private key to decrypt the message.
    • The decryption process can be description in mathematical terms
    • D(E(m, KPUB,Bob), KPRIV,Bob) = m

Note

The message sender Alice doesn’t need any secrete information. To send a confidential message to Bob. The public key of receiver Bob and the encryption algorithm are known to everyone. (1.2 Kerckhoffs principle)

Security of public keys

How can we protect the information about Bob’s public keys from attack, and get it securely to Alice?

  • If attackers can changes the website where Bob’s public key is stored, and put a different value there.
    • Attackers could then read messages intended for Bob
    • Attackers could prevent Bob reading messages intended for him (denial of service)

To prevent this, Bob can prove his identity to a mutually trusted third party, who issues a Digital Certificate that links Bob’s public key with their statement that they have been convinced of Bob’s identity.

Back to parent page: Network Security and Cryptography

Computer_networksNetwork_securityKey_pairPublic_keyPrivate_keyINFO1112 #Digital_certificateAsymmetric_cryptographyCertificate_Authority

Graph View

Backlinks