- Asymmetric cryptography is often referred to as public-key cryptography.
- It is a cryptographic scheme that makes use of two separate keys, namely the secret key and the public key.
- The secret key is kept private and the public key is open.
- Even though the two keys are different, there is a mathematical link between them.
- The public key is the one used for encrypting the plain text and for verifying a digital signature.
- The private key is the one used for decrypting the cipher text into plain text or for creating a digital signature.
- The two keys play opposite roles, unlike in symmetric cryptography, where the same key serves both purposes.
- The public keys are created based upon mathematical problems for which there is presently no efficient solution, such as the following:
  - Elliptic curve relationships
  - Discrete logarithms
  - Integer factorization
- Generating the public and private key pair is computationally easy for the users.
- The strength of public keys lies in the fact that determining the private key from its public key is computationally infeasible or almost impossible.
- Thus the public key can be published without fear of compromising security, whereas the private key is kept hidden so that it is not revealed to anyone who does not have authorization to create digital signatures or read the messages.
- Unlike symmetric key algorithms, public key algorithms do not require a secure initial exchange of secret keys.
- In the process of message authentication, a private key is used to process a message and produce the digital signature.
- The signature can then be verified by anyone, by processing the signature value with the corresponding public key of the signer.
- The result is then compared with the message.
- A successful match confirms that the message is unmodified.
- It is also presumed that the private key of the signer has been kept hidden from others.
- In practical applications, however, it is the message's digest or hash that is encrypted and used as the signature.
- Public key algorithms are the fundamental security components of cryptosystems, protocols and applications. These systems underpin the following internet standards:
  - PGP
  - GPG
  - TLS (transport layer security)
- Some public key algorithms, such as the Diffie-Hellman key exchange algorithm, provide secrecy and key distribution; some, like the Digital Signature Algorithm, provide digital signatures; and some others offer both.
- An example of such an algorithm is RSA.
- All these algorithms have been widely accepted.
- Each user is provided with a pair of cryptographic keys (i.e., a public key for encryption and a private key for decryption).
- Similarly, for digital signatures the pair of keys consists of a private key for signing and a public key for verification.
- The concept of the private key has been introduced so as to ensure confidentiality.
- A digital signature can be verified by anyone possessing the corresponding public key.
- A successful verification confirms that the sender possesses the private key.
- It is also a way to confirm that no tampering has been done to the message.
- If the message has been tampered with, the encoded message digest will change.
- A mail box with a mail slot and a personal wax seal can be taken as analogies for public-key encryption and digital signatures respectively.
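
The signing and verification steps described above (private key produces the signature over the message digest, anyone checks it with the public key, tampering changes the digest) are shown here as an added example that is not part of the original post. It assumes textbook RSA without padding and two publicly known Mersenne primes as constructed demo parameters, so it runs on the standard library alone; the function names are illustrative, and real systems use a vetted library with a padded signature scheme and secret random primes.

```python
import hashlib
from math import gcd

# Constructed demo primes: two publicly known Mersenne primes. They keep the
# example stdlib-only and deterministic; they provide no security at all.
P = 2**521 - 1
Q = 2**607 - 1
E = 65537  # commonly used public exponent


def make_keypair(p=P, q=Q, e=E):
    """Return (public, private) as ((n, e), (n, d))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be invertible modulo phi"
    d = pow(e, -1, phi)  # private exponent: the mathematical link to e
    return (n, e), (n, d)


def digest_as_int(message: bytes) -> int:
    """SHA-256 digest of the message, read as a big-endian integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private) -> int:
    """Signer: transform the message digest with the private key."""
    n, d = private
    return pow(digest_as_int(message), d, n)


def verify(message: bytes, signature: int, public) -> bool:
    """Anyone: recover the digest with the public key and compare."""
    n, e = public
    if not 0 <= signature < n:
        return False  # out-of-range values are never valid signatures
    return pow(signature, e, n) == digest_as_int(message)


if __name__ == "__main__":
    public, private = make_keypair()
    msg = b"transfer 100 to alice"  # constructed sample message
    sig = sign(msg, private)
    print("original verifies:", verify(msg, sig, public))
    print("tampered verifies:", verify(b"transfer 900 to alice", sig, public))
```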