This article is about Public Key Cryptosystems that describe various terms under Public Key such as Applications & Req. etc.
Let’s see another article Network Security: Advanced Encryption Standard (AES).
Table of Contents
Public Key Cryptosystems
Public Key Cryptosystems hold two keys for the encryption and decryption process. The key used in encryption is the Public key whereas Decryption uses the Private key. That is the reason it is also called topsy-turvy key cryptography.
A pair of keys (Public and Private keys) is generated by the sender and receiver. If the sender sends a message to the receiver, then the receiver can decrypt the message only with the corresponding private key of the pair.
In other words,
The public key cryptosystem is a powerful cryptographic method that relies on key pairs. The use of public and private key pairs allows for secure encryption and decryption of messages. The public key is shared openly, while the private key remains secret, ensuring that only the intended recipient can decrypt the encrypted message. This asymmetry in key usage provides confidentiality and privacy in communication.
Terms in Public Key Cryptosystems
- Plaintext – Plaintext is a simple unscrambled message.
- Encryption and Decryption process – Public key cryptography enables secure communication by allowing encryption and decryption using different keys. The public key is used for encryption, and any message encrypted with it can only be decrypted using the corresponding private key. This ensures the confidentiality and privacy of the communication.
- Encryption and Decryption algorithm – This is an essential algorithm used in the Encryption and Decryption process with a key.
- Public and Private keys – Each user has a pair of related keys. The public key is shared with others, while the private key is kept secret. The keys are generated in such a way that encrypting with one key can only be decrypted with the other key.
- Ciphertext – This is the scrambled message, which means a converted message of plaintext into some unreadable text.
Steps in public key cryptography
- Each user has to generate two keys one of which will be used for encryption and the other for decryption of messages.
- Each user has a pair of keys, among which one has to be made public by each user. And the other has to be kept secret.
- If a user has to send a message to a particular receiver then the sender must encrypt the message using the intended receiver’s public key and then send the encrypted message to the receiver.
- On receiving the message, the receiver has to decrypt the message using his private key.
In public key cryptography, there is no need for key distribution as we have seen in symmetric key cryptography. As long as this private key is kept secret no one can interpret the message. In the future, the user can change its private key and publish its related public key in order to replace the old public key.
Public Key Cryptography Requirements
To accomplish public key cryptography there are the following requirements as discussed below.
- The computation of the pair of keys i.e. private key and the public key must be easy.
- Knowing the encryption algorithm and public key of the intended receiver, the computation of cipher text must be easy.
- For a receiver of the message, it should be computationally easy to decrypt the obtained cipher text using his private key.
- It is also required that any opponent in the network knowing the public key should be unable to determine its corresponding private key.
- Having the cipher text and public key an opponent should be unable to determine the original message.
- The two keys i.e. public and private keys can be implemented in both orders D[PU, E(PR, M)] = D[PR, E(PU, M)]
Public Key Cryptosystem Applications
In public key cryptography, every user has to generate a pair of keys among which one is kept secret known as a private key and the other is made public hence called a public key. Now, the decision of whether the sender’s private key or the receiver’s public key will be used to encrypt the original message depends totally on the application.
We can classify the applications of the public key cryptosystem as below:
If the purpose of an application is to encrypt and decrypt the message then the sender has to encrypt the message using the intended receiver’s public key and the receiver can decrypt the message using his own private key.
b. Digital Signature
If the purpose of the application is to authenticate the user then the message is signed or encrypted using the sender’s private key. As only the sender can have its private key, it assures all parties that the message is sent by the particular person.
c. Key Exchange
The two communicating parties exchange a secret key (maybe a private key) for symmetric encryption to secure a particular transaction. This secret key is valid for a short period.
Well, some algorithms implement all three applications and some implement one or two among these applications. Below is the image showing you the details of the algorithm possessing these applications.
Public Key Cryptanalysis
To prevent the brute force attack the key size must be kept large enough so that it would be difficult for the attacker to calculate the encryption and decryption. But the key size should not be so large that it would become much more difficult to compute practical encryption and decryption.
Another type of attack in public key cryptography is that the attacker would try to compute the private key knowing the public key.
One more type of attack is a probable message attack. If an adversary knows that the encrypted message from a particular sender is a 56-bit key. Then he would simply encrypt all possible 56-bit keys using the sender’s public key as the public key is known to all. And then match all the encrypted messages with the cipher text. This type of attack can be prevented by appending some random bits to the original message.
- A public key cryptosystem is one which involves two separate keys for encryption and decryption.
- Each user participating in the communication has to generate two keys, one is to be kept secret (private key) and one is to make public (public key).
- Public key cryptosystems can achieve both confidentiality and authenticity.
- The public key cryptosystem is based on invertible mathematics so it has too much computation.
- Large key size reduces the probability of brute force attack in a public key cryptosystem
- Examples of public key cryptosystems are RSA, Diffie-Hellman, DSS, and the Elliptic curve.
Overall, the public key cryptosystem has revolutionized the field of cryptography by providing a practical solution to secure communication and data protection. It has found widespread use in various applications, including secure online transactions, email encryption, secure file transfer, and virtual private networks (VPNs). The principles of the public key cryptosystem form the foundation of modern secure communication systems and play a crucial role in ensuring confidentiality, integrity, and authenticity in the digital world.