Public Key Cryptography widely-applied form of cryptography commonly utilized in many network transactions

wanderooswarrenΤεχνίτη Νοημοσύνη και Ρομποτική

21 Νοε 2013 (πριν από 3 χρόνια και 6 μήνες)

54 εμφανίσεις

Public Key Cryptography

Public Key Cryptography is a
widely
-
applied form of cryptography commonly utilized in many network
transactions
. The Security+ exam will test you on your both your understanding of how public key systems work as well
as your ability to discern between different types of public key algorithms. The exam will also cover PKI, or public
-
key
infrastructure.


The working
s of Public Key Cryptography

Unlike private key systems, in which two communicating users share a secret key for encryption and decryption, public
key systems
utilize widely
-
available and unique “public keys,” as well as “private keys,”

to securely transm
it
confidential data.


Here’s how a public key transaction works: Assume we have two users, Pat and Jill, and that Pat wishes to send Jill a
secret love note. Pat encrypts the love note using Jill’s public key. The message is sent via email to Jill. Jill
then can read
the message by decrypting the message with her private key. Note that in order for this transaction to take place, only Jill
has to know her private key. This is the beauty of a public key (or asymmetric) system. Through this transaction, kno
wn as
secure message format, the confidentiality of the message is assured: only Jill can read it!

Public
-
key cryptography can also be applied to validate the authenticity of a message. In this formulation, Pat would send
Jill a message using his private
key (therefore encrypting the message). To read the message, Jill would use Pat’s public
key. In doing so, Jill has affirmed that the message was in fact sent by Pat. This is known as open message format.

In order to
ensure both information authenticity a
nd confidentiality
, signed and secure message format may be
employed. Extending the love note example, Pat would first encrypt the message with Jill’s public key and then encrypt
that encrypted message with his own private key. When the message is sent to
Jill, she can use Pat’s public key to verify
the message was indeed from Pat. But the message is still encrypted! To overcome this, she can use her own private key
to decrypt the message.


(From Navy) Public Key Schema

Public Key Protocols



RSA is an asy
mmetric key transport protocol

that can be used to transmit private keys between hosts. The
algorithm utilizes large prime numbers for effectiveness. The process can be explained very simply


Pat encrypts
the private key with Jill’s public key, and Jill d
ecrypts the message with her private key to reveal the private key.



Diffie
-
Hellman is a key agreement protocol

that can be used to exchange keys. It uses logarithms to ensure
security in the algorithm. In the Diffie
-
Hellman operation, Pat and Jill each us
e their own private keys with the
public key of the other person to create a shared secret key. Note that Diffie
-
Hellman is vulnerable to man
-
in
-
the
-
middle attacks.



El Gamal is an extension of Diffie
-
Hellman

that includes encryption and digital signatures
.

Message Digesting

A message digest is something of an unreadable,
condensed version of a message
. More specifically, a message
digest utilizes a one
-
way hash function to calculate a set
-
length version of a message that cannot be deciphered into clear
t
ext. Message digests are usually employed in situations in which it would be undesirable to be able to decrypt the
message. One such application is in modern username/password systems, in which the password is stored using a hash
function or digest. After
the password has been hashed,
it cannot be un
-
hashed
. When a user attempts to login with a
password, the password he types is also hashed so that the two hashes (rather than the two passwords) are compared
against each other. Note that the hash assumes tha
t a hashed value cannot be deciphered and that no two messages will
produce the same hash.


Hashing Protocols



MD5 is the most commonly
-
used

hash protocol and uses a 128
-
bit digest. It is very fast in hashing a message
and is also open
-
source.



SHA
-
1 is a

more secure

implementation of a hashing protocol that uses a 160
-
bit digest and “pads” a message
to create a more difficult
-
to
-
decipher hash.




Quick Review

1. Which of the following ensures message confidentiality, but not authenticity?


a. Secure mes
sage format

b. Open message format

c. Signed and secure message format

d. Symmetric cryptography


2. Which of the following is not an asymmetric protocol?


a. Diffie
-
Hellman

b. El Gamal

c. 3DES

d. RSA


3. Why is a hash more difficult to decipher
than a standard encryption protocol?


a. It is a one
-
way function

b. It uses strong encryption techniques

c. It uses large prime numbers

d. It uses discrete logarithms









Answers

1. Secure message format works by encrypting a message with the public key of the intended recipient, ensuring
confidentiality but not integrity. The answer is A.


2. 3DES is the only listed protocol that does not utilize a public key system. The answer i
s C.


3. Because a hash is a one
-
way function, the only way to decipher it is to try a large number of hashes of cleartext until
one matches the original hash. The answer is A.