Public Key Cryptography
- Public key cryptography is a cryptographic system that uses two separate keys, one of which is secret and the other one is public.
- The algorithms used for public key cryptography are based on mathematical functions.
Public Key Cryptosystem
A public-key encryption scheme has six parts: Public Key Cryptography
- Plaintext: This is the readable message or data that is fed into the algorithm as input.
- Encryption algorithm: The encryption algorithm performs various transformations on the plaintext.
- Public and private keys: This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption.
- Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the key
- Decryption algorithm: This algorithm accepts the ciphertext and the matching key and produces the original plaintext.
- Any cryptosystem is designed to meet the following goal
- Secrecy (Encryption)
Now we will discuss how it is maintained in public key cryptosystem
Public Key Cryptosystem: Secrecy: Public Key Cryptography
The essential steps are the following: Public Key Cryptography
- Each user generates a pair of keys to be used for the encryption and decryption of messages.
- Each user places one of the two keys in a public register or other accessible files. This is the public key. The other key is kept private.
- If A wishes to send a confidential message to B, A encrypts the message using B’s public key.
- When B receives the message, it decrypts it using the private key. No other recipient can decrypt the message because only B knows B’s private key.
- As long as a user’s private key remains protected and secret, the incoming communication is secure.
- At any time, a system can change its private key and publish the companion public key to replace its old public key.
- Suppose there is some source A that produces a message in plaintext, X = [X1, X2, . . . , XM] and sends it to
- B generates a related pair of keys: a public key, PUb, and a private key, PRb. PUbis publicly available and therefore accessible by A.
- With the message X and the encryption key PUb as input, A forms the ciphertext
Y = [Y1, Y2, . . . , YN]: Y = E (PUb, X)
- The intended receiver, having the matching private key, is able to decrypt the message:
X = D (PRb, Y)
- An adversary, observing Y and having access to Pub only, may attempt to recover X and/or PRb.
- If the adversary interested only in this particular message, then the focus of effort is to recover X by generating a plaintext estimate.
- Whereas if the adversary interested in being able to read future messages as well, then he attempts to recover PRb by generating an estimate.
Public Key Cryptosystem: Authentication: Public Key Cryptography
- However, the above scheme does not provide authentication of the sender as anyone having access to the public key can encrypt the message.
- Public-key encryption can use to provide authentication in the following manner:
- When A wishes to send a message to B where confidentiality not needed but authentication required, A encrypts the message using PRa.
- Anyone having access to PUa can decrypt the message. However, one thing is sure that the message originated from A since no one except A could have encrypted the message using PRa.
- A prepares a message to B and encrypts it using A’s private key before transmitting it.
Y = E (PRa, X)
- B can decrypt the message using A’s public key.
X = D (PUa, Y)
- Because the message encrypted using A’s private key, only A could have prepared the message. Therefore, the entire encrypted message serves as a digital signature.
- In addition, it impossible to alter the message without access to A’s private key, so the message authenticated both in terms of source and in terms of data integrity.
- However, the entire message needs to store to bring up in case of dispute.
- A more efficient way of achieving the same results is to encrypt a small block of bits that is a function of the document.
- Such a block called an authenticator.
- It must have the property that it is infeasible to change the document without changing the authenticator.
- If the authenticator encrypted with the sender’s private key, it serves as a signature.