Chapter 9
PUBLIC-KEY CRYPTOGRAPHY AND RSA
Principles
Of Public-Key Cryptosystems
Public-Key Cryptosystems
Applications for Public-Key Cryptosystems Requirements for Public-Key Cryptography Public-Key Cryptanalysis
The RSA Algorithm
Description of the Algorithm Computational
Aspects
The Security of RSA
KEY POINTS
◆ Asymmetric
encryption is a form of cryptosystem in which encryption and decryption are
performed using the different keys—one a public key and one a private key. It
is also known as public-key encryption.
◆ Asymmetric
encryption transforms plaintext into ciphertext using a one of two keys and an
encryption algorithm. Using the paired key and a decryp- tion algorithm, the
plaintext is recovered from the ciphertext.
◆ Asymmetric
encryption can be used for confidentiality, authentication, or both.
◆ The most widely
used public-key cryptosystem is RSA. The difficulty of attacking RSA is based
on the difficulty of finding the prime factors of a com- posite number.
The development of public-key
cryptography is the greatest and perhaps the only true revolution in the entire
history of cryptography. From its earliest beginnings to modern times,
virtually all cryptographic systems have been based on the ele- mentary tools of substitution and permutation.
After millennia of working with algorithms that could be calculated by hand, a major advance
in symmetric crypto- graphy occurred with the development of the rotor
encryption/decryption machine.
The
electromechanical rotor enabled
the development of fiendishly complex
cipher systems. With the availability
of computers, even more complex systems were devised, the most prominent of which was the Lucifer
effort at IBM that culminated in the Data Encryption Standard
(DES). But both rotor machines and DES, although representing significant advances, still relied
on the bread-and-butter tools
of substitution and permutation.
Public-key cryptography provides a radical departure from all that has
gone before. For one thing,
public-key algorithms are based on mathematical functions rather
than on substitution and permutation. More important, public-key cryptography
is asymmetric, involving
the use of two separate keys, in contrast
to symmetric encryp- tion, which uses only one key. The use of two keys has profound
consequences in the areas
of confidentiality, key distribution, and
authentication, as we shall see.
Before proceeding, we should mention
several common misconceptions con- cerning public-key encryption. One
such misconception is that public-key encryption is
more secure from cryptanalysis than is symmetric
encryption. In fact, the security of any encryption scheme depends on the length of the key and the computational work involved
in breaking a cipher. There is nothing in principle about either symmetric or
public-key encryption that makes one superior to another from the point of view
of resisting cryptanalysis.
A second misconception is that public-key encryption is a general-purpose tech-
nique that has made symmetric
encryption obsolete. On the contrary, because of the computational overhead
of current public-key encryption schemes,
there seems no foreseeable likelihood that symmetric encryption will be abandoned. As one of the inventors of public-key encryption has put it [DIFF88],
“the restriction of public-key cryptography to key management
and signature applications is almost universally accepted.”
Finally, there is a feeling
that key distribution is trivial when using public-key encryption, compared
to the rather cumbersome handshaking involved with key
distri- bution centers
for symmetric encryption. In fact, some form of protocol is needed,
generally involving a central agent, and the procedures involved are not simpler nor any more efficient than those required for symmetric
encryption (e.g.,
see analysis in [NEED78]).
This chapter and the next provide
an overview of public-key cryptography. First,
we look at its conceptual framework. Interestingly, the concept
for this technique
was developed and published
before it was shown to be practical to adopt it. Next, we examine
the RSA algorithm, which is the most important encryption/decryption algo-
rithm that has been shown to
be feasible for public-key encryption. Other important public-key cryptographic algorithms are covered
in Chapter 10.
Much of the theory of public-key cryptosystems is based on number theory. If one is prepared to accept the results given in this chapter,
an understanding of number
theory is not strictly necessary. However, to gain a full appreciation
of public-key algorithms, some understanding of number
theory is required.
Chapter 8 provides
the necessary background in number theory.
Table 9.1 defines some key terms.
Table 9.1 Terminology
Related to Asymmetric Encryption
Asymmetric
Keys
Two related keys, a public key and a private key, that are used to perform
complementary operations, such as
encryption and decryption or signature generation and signature verification.
Public Key Certificate
A digital document issued and digitally
signed by the private key of a Certification Authority that binds the name of a subscriber to a public
key. The certificate indicates that the subscriber identified in the certificate has sole control and access to the corresponding private key.
Public Key (Asymmetric) Cryptographic Algorithm
A cryptographic algorithm that uses two related keys, a public
key and a private key. The two keys have the
property that deriving the private
key from the public key is computationally infeasible.
Public Key
Infrastructure (PKI)
A set of policies, processes, server platforms, software and workstations
used for the purpose of administer- ing certificates and public-private key
pairs, including the ability to issue, maintain, and revoke public key
certificates.
Related Topics
Privacy Policy, Terms and Conditions, DMCA Policy and Compliant
Copyright © 2018-2024 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.