PUBLIC KEY CRYPTOGRAPHY

A form of cryptography in which the key used to encrypt a

message differs from the key used to decrypt it.
In public key cryptography, a user has a pair of cryptographic
keysa public key and a private key. The private key is kept
secret, while the public key may be widely distributed.
The two main branches of public key cryptography are:
1. Public key encryption
2. Digital signatures
 PUBLIC KEY ENCRYPTION

A message encrypted with a recipient's public key cannot be decrypted

by anyone except the recipient possessing the corresponding private
key.
Actual algorithms - two linked
keys:

Contd.
Step 1: The most common ones have the property that Alice and Bob
each own two keys, one for encryption and one for decryption

Step 2: Alice publish a public key to send her a message. And has a
private key to decrypt it.

Step 3: Now Bob send Alice a message using the public key and Alice
decrypt it using her private key.
 KEY TERMS

Public and private keys:

This is a pair of keys that have been selected so that if one is used for
encryption, the other is used for decryption. The exact transformations
performed by the algorithm depend on the public or private key that is
provided as input.

Cipher text:
This is the scrambled message produced as output. It depends on the
plaintext and the key. For a given message, two different keys will produce
two different cipher texts.
A GENERAL APPROACH

Contd.
Step 1 : Each user generates a pair of keys to be used for the encryption
and decryption of messages.

Step 2 : Each user places public key in a public register or other

accessible file. As encryption figure suggests, each user
maintains a collection of public keys obtained from others.

Step 3 : If user1 wishes to send a confidential message to user2, user1

encrypts the message using user2's public key.

Step 4 : When user1 receives the message, he decrypts it using his

private key. No other recipient can decrypt the message because
only user1 knows his private key
 Authentication & security:

There is some source A that produces a message in plaintext, X =[X1, X2,..., XM,]. The
M elements of X are letters in some finite alphabet. The message is intended for
destination B. B generates a related pair of keys: a public key, PUb, and a private key,
PRb. PRb is known only to B, whereas PUb is publicly available.

A generates another pair of keys: a public key, PUa, and a private key, PRa. PRa is
known only to A, whereas PUa is publicly available.

Contd.
Authentication & security: Secrecy

Contd.
 Secrecy in a public key encryption :

Step 1: A encrypt the massage using Bs public key PUb and send it to B.
With the message X and the encryption key PUb as input, A forms
the cipher text Y = [Y1, Y2,..., YN]:

Step 2: B decrypt the massage using its private key PRb. Using its
private key PRb and the cipher text Y it obtain the original
massage X
Authentication & security: Authentication

Contd.
 Authentication in a public key encryption :

Step 1: A prepares a message to B and encrypts it using A's

private key before transmitting it.

Step 2: B can decrypt the message using A's public key. Because
the message was encrypted using A's private key, only A
could have prepared the message.
 Comparing Secrecy and Authentication

In authentication technique :It is impossible to alter the message without

access to A's private key, so the message is authenticated both in terms of
source and in terms of data integrity. But secrecy doesn't provide this
advantage.

Thus the authentication is much more confidential and secure in terms of

alteration of the massage.
Authentication & security:

Contd.
In this case, we begin as before by encrypting a message, using
the sender's private key. This provides the digital signature.
Next, we encrypt again, using the receiver's public key. The
final cipher text can be decrypted only by the intended receiver,
who alone has the matching private key. Thus, confidentiality is
provided. The disadvantage of this approach is that the public-
key algorithm, which is complex, must be exercised four times
rather than two in each communication.
 DIGITAL SIGNATURE

An authentication mechanism that enables the creator of a message to

attach a code that acts as a signature.
In situations where there is not complete trust between sender and
receiver, something more than authentication is needed.
1. It must verify the author and the date and time of the signature.
2. It must to authenticate the contents at the time of the signature.
3. It must be verifiable by third parties, to resolve disputes.
Thus, the digital signature function includes the authentication function.
A variety of approaches has been proposed for the digital signature
function. These approaches fall into two categories: direct and
arbitrated
Direct Digital Signature :
The direct digital signature involves only the
communicating parties (source, destination). It is assumed that the
destination knows the public key of the source. A digital signature may be
formed by encrypting the entire message with the sender's private key or
by encrypting a hash code of the message with the sender's private key.
Arbitrated Digital Signature :
The problems associated with direct digital signatures can be addressed by
using an arbiter.
As with direct signature schemes, there is a variety of arbitrated signature
schemes. In general terms, they all operate as follows. Every signed
message from a sender X to a receiver Y goes first to an arbiter A, which
check its origin and context and then sent to Y.
 Applications for Public-Key Cryptosystems

Public key cryptosystem used in many systems such as:

1.Decision support system
2. RSA Algorithm
3. Elliptic Curve
4. Diffie-Hellman key exchange
 Computational cost

It is computationally easy for a party B to generate a pair (public key

PUb, private key PRb).
It is computationally easy for a sender A, knowing the public key and
the message to be encrypted, M, to generate the corresponding
ciphertext:
C = E(PUb, M)
It is computationally easy for the receiver B to decrypt the resulting
ciphertext using the private key to recover the original message:
M = D(PRb, C) = D[PRb, E(PUb, M)]
It is computationally infeasible for an adversary, knowing the public key,
PUb, to determine the private key, PRb.
It is computationally infeasible for an adversary, knowing the public key,
PUb, and a ciphertext, C, to recover the original message, M.
The two keys can be applied in either order:
M = D[PUb, E(PRb, M)] = D[PRb, E(PUb, M)]
 Weaknesses

Computati- Keys in public-key cryptography, due to their

onal cost unique nature, are more computationally costly
than their counterparts in secret-key cryptography.

Vulnerable Keys in asymmetric cryptography are more

to brute vulnerable to brute force attacks than in secret-key
force cryptography.
attacks
Vulnerable Public-key cryptography also has vulnerabilities to
to the man attacks such as the man in the middle attack. In this
in the situation, a malicious third party intercepts a public
middle key on its way to one of the parties involved
attack