Public Key Encription

Topics: Cryptography, Public-key cryptography, Pretty Good Privacy Pages: 6 (1636 words) Published: December 13, 2008
1)How does the public key cryptography work? Explain in detail?

1.Public-key, what it is

Public-key refers to a cryptographic mechanism. It has been named public-key to differentiate it from the traditional and more intuitive cryptographic mechanism known as: symmetric-key, shared secret, secret-key and also called private-key.

Symmetric-key cryptography is a mechanism by which the same key is used for both encrypting and decrypting; it is more intuitive because of its similarity with what you expect to use for locking and unlocking a door: the same key. This characteristic requires sophisticated mechanisms to securely distribute the secret-key to both parties2.

Public-key on the other hand, introduces another concept involving key pairs: one for encrypting, the other for decrypting. This concept, as you will see below, is very clever and attractive, and provides a great deal of advantages over symmetric-key:

• Simplified key distribution
• Digital Signature
• Long-term encryption

However, it is important to note that symmetric-key still plays a major role in the implementation of a Public-key Infrastructure or PKI.

1.1A definition

Public-key is commonly used to identify a cryptographic method that uses an asymmetric-key pair3: a public-key and a private-key 4. Public-key encryption uses that key pair for encryption and decryption. The public-key is made public and is distributed widely and freely. The private-key is never distributed and must be kept secret.

Given a key pair, data encrypted with the public-key can only be decrypted with its privatekey; conversely, data encrypted with the private-key can only be decrypted with its publickey. This characteristic is used to implement encryption and digital signature. Both encryption and digital signature principles are illustrated in Figure 1 and Figure 2.

1.2Encryption and Decryption

Encryption is a mechanism by which a message is transformed so that only the sender and recipient can see. For instance, suppose that Alice wants to send a private message to Bob. To do so, she first needs Bob’s public-key; since everybody can see his public-key, Bob can send it over the network in the clear without any concerns. Once Alice has Bob’s public-key, she encrypts the message using Bob’s public-key and sends it to Bob. Bob receives Alice’s message and, using his private-key, decrypts it.

Figure 1: Encryption/Decryption principles

1.3Digital Signature and Verification

Digital signature is a mechanism by which a message is authenticated i.e. proving that a message is effectively coming from a given sender, much like a signature on a paper document. For instance, suppose that Alice wants to digitally sign a message to Bob. To do so, she uses her private-key to encrypt the message; she then sends the message along with her public-key (typically, the public key is attached to the signed message). Since Alice’s public-key is the only key that can decrypt that message, a successful decryption constitutes a Digital Signature Verification, meaning that there is no doubt that it is Alice’s private key that encrypted the message.

Figure 2: Digital Signature/Verification principles

1.4Beyond the principles

The two previous paragraphs illustrate the encryption/decryption and signature/verification principles. Both encryption and digital signature can be combined, hence providing privacy and authentication. As mentioned earlier, symmetric-key plays a major role in public-key encryption implementations. This is because asymmetric-key encryption algorithms5 are somewhat slower than symmetric-key algorithms6. For Digital signature, another technique used is called hashing. Hashing produces a message digest that is a small and unique7 representation (a bit like a sophisticated checksum) of the complete message. Hashing algorithms8 is a one-way encryption, i.e. it is impossible to derive the message from the digest. The main reasons for...
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • Public Key Infrastructure Essay
  • Essay on Public Key Infrastructure
  • Public Key Cryptography Essay
  • Public-key Cryptography and E-commerce Essay
  • Public Key Infrastructure Essay
  • Public Key Infrastructure Essay
  • Public Key Cryptography Essay
  • Essay about Public-key Cryptography and Access Control

Become a StudyMode Member

Sign Up - It's Free