Cryptography - Part 2
Asymmetric Cryptography / Public Key Cryptography
In this method, two keys are used:
- Private Key: This key is only known by the owner itself.
- Public key: This key is issued by using Public Key Infrastructure (PKI) where a trusted Certification Authority (CA) certifies the ownership of key pairs.
Only the private key can decrypt the message, so an attacker who holds only the public key can't read it. This is what guarantees the confidentiality of the message.
Everyone knows the public key, while the other key is kept secret and can be used by the sender to encrypt the data. Each sender uses its secret key (known as a private key) to encrypt its data before sending.
The receiver uses the corresponding public key of the sender to decrypt the data.
When two parties want to exchange an encrypted message by using asymmetric key cryptography, they follow these steps:
- The sender encrypts the plaintext message with the intended recipient’s public key.
- This produces a ciphertext message that can then be transmitted to the intended recipient.
- The recipient then decrypts the message with his private key, known only to him.
Types of Asymmetric Key Algorithm
- Rivest, Shamir, and Adleman (RSA): This algorithm is named after its inventors. It uses a variable size encryption block as well as a variable size key. The algorithm uses a product of two large prime numbers to derive the key pairs.
- Diffie-Hellman: This method is used primarily for private-key exchange over an insecure medium. This method is vulnerable to Man-in-the-Middle Attacks.
- ElGamal: It is similar to Diffie-Hellman but extends the functionality of Diffie-Hellman by including encryption and digital signatures.
- Elliptic Curve Cryptography (ECC): This is an algorithm that generates keys from elliptic curves. A 160-bit EC key is equivalent to a 1,024-bit RSA key. EC is significantly faster and more efficient than other asymmetric algorithms and many symmetric algorithms.
- Digital Signature Algorithm (DSA): This algorithm is primarily used for authentication purposes in digital signatures.
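The exchange steps above and RSA's key derivation from two primes, worked through with textbook RSA. This is an added example, not code from the original page: the primes, message and function names are constructed for illustration, and there is no padding, so it is not secure for real use. It also runs the private-key-then-public-key direction, which any holder of the public key can reverse, so that direction proves origin rather than providing confidentiality.

```python
# Added example: textbook RSA on small constructed primes. No padding, not secure;
# real systems use 2048-bit or larger keys with OAEP (encryption) or PSS (signatures).
from math import gcd

def make_keypair(p, q, e=65537):
    """Derive (public, private) keys from two primes, as RSA does at scale."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # private exponent: e*d = 1 (mod phi), Python 3.8+
    return (n, e), (n, d)

def rsa_op(key, value):
    """Apply one key to an integer; only the other key of the pair undoes it."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, n)

def to_int(data):
    return int.from_bytes(data, "big")

def to_bytes(value):
    return value.to_bytes((value.bit_length() + 7) // 8, "big")

# Constructed sample input: two known Mersenne primes and a short message.
PUBLIC, PRIVATE = make_keypair(2**89 - 1, 2**107 - 1)
MESSAGE = b"meet at noon"

def confidential_exchange():
    """Sender uses the recipient's public key; recipient uses the private key."""
    ciphertext = rsa_op(PUBLIC, to_int(MESSAGE))
    recovered = to_bytes(rsa_op(PRIVATE, ciphertext))
    wrong_key = to_bytes(rsa_op(PUBLIC, ciphertext))  # public key cannot undo it
    return ciphertext, recovered, wrong_key

def origin_check():
    """Sender applies its own private key; any public-key holder can reverse it."""
    tag = rsa_op(PRIVATE, to_int(MESSAGE))
    return to_bytes(rsa_op(PUBLIC, tag))

if __name__ == "__main__":
    c, ok, bad = confidential_exchange()
    print("ciphertext:", hex(c))
    print("private key recovers:", ok, "| public key recovers:", bad == MESSAGE)
    print("public key reverses private-key operation:", origin_check())
```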