Public Key Cryptography
Public Key Cryptography is a
widely

applied form of cryptography commonly utilized in many network
transactions
. The Security+ exam will test you on your both your understanding of how public key systems work as well
as your ability to discern between different types of public key algorithms. The exam will also cover PKI, or public

key
infrastructure.
The working
s of Public Key Cryptography
Unlike private key systems, in which two communicating users share a secret key for encryption and decryption, public
key systems
utilize widely

available and unique “public keys,” as well as “private keys,”
to securely transm
it
confidential data.
Here’s how a public key transaction works: Assume we have two users, Pat and Jill, and that Pat wishes to send Jill a
secret love note. Pat encrypts the love note using Jill’s public key. The message is sent via email to Jill. Jill
then can read
the message by decrypting the message with her private key. Note that in order for this transaction to take place, only Jill
has to know her private key. This is the beauty of a public key (or asymmetric) system. Through this transaction, kno
wn as
secure message format, the confidentiality of the message is assured: only Jill can read it!
Public

key cryptography can also be applied to validate the authenticity of a message. In this formulation, Pat would send
Jill a message using his private
key (therefore encrypting the message). To read the message, Jill would use Pat’s public
key. In doing so, Jill has affirmed that the message was in fact sent by Pat. This is known as open message format.
In order to
ensure both information authenticity a
nd confidentiality
, signed and secure message format may be
employed. Extending the love note example, Pat would first encrypt the message with Jill’s public key and then encrypt
that encrypted message with his own private key. When the message is sent to
Jill, she can use Pat’s public key to verify
the message was indeed from Pat. But the message is still encrypted! To overcome this, she can use her own private key
to decrypt the message.
(From Navy) Public Key Schema
Public Key Protocols
RSA is an asy
mmetric key transport protocol
that can be used to transmit private keys between hosts. The
algorithm utilizes large prime numbers for effectiveness. The process can be explained very simply
–
Pat encrypts
the private key with Jill’s public key, and Jill d
ecrypts the message with her private key to reveal the private key.
Diffie

Hellman is a key agreement protocol
that can be used to exchange keys. It uses logarithms to ensure
security in the algorithm. In the Diffie

Hellman operation, Pat and Jill each us
e their own private keys with the
public key of the other person to create a shared secret key. Note that Diffie

Hellman is vulnerable to man

in

the

middle attacks.
El Gamal is an extension of Diffie

Hellman
that includes encryption and digital signatures
.
Message Digesting
A message digest is something of an unreadable,
condensed version of a message
. More specifically, a message
digest utilizes a one

way hash function to calculate a set

length version of a message that cannot be deciphered into clear
t
ext. Message digests are usually employed in situations in which it would be undesirable to be able to decrypt the
message. One such application is in modern username/password systems, in which the password is stored using a hash
function or digest. After
the password has been hashed,
it cannot be un

hashed
. When a user attempts to login with a
password, the password he types is also hashed so that the two hashes (rather than the two passwords) are compared
against each other. Note that the hash assumes tha
t a hashed value cannot be deciphered and that no two messages will
produce the same hash.
Hashing Protocols
MD5 is the most commonly

used
hash protocol and uses a 128

bit digest. It is very fast in hashing a message
and is also open

source.
SHA

1 is a
more secure
implementation of a hashing protocol that uses a 160

bit digest and “pads” a message
to create a more difficult

to

decipher hash.
Quick Review
1. Which of the following ensures message confidentiality, but not authenticity?
a. Secure mes
sage format
b. Open message format
c. Signed and secure message format
d. Symmetric cryptography
2. Which of the following is not an asymmetric protocol?
a. Diffie

Hellman
b. El Gamal
c. 3DES
d. RSA
3. Why is a hash more difficult to decipher
than a standard encryption protocol?
a. It is a one

way function
b. It uses strong encryption techniques
c. It uses large prime numbers
d. It uses discrete logarithms
Answers
1. Secure message format works by encrypting a message with the public key of the intended recipient, ensuring
confidentiality but not integrity. The answer is A.
2. 3DES is the only listed protocol that does not utilize a public key system. The answer i
s C.
3. Because a hash is a one

way function, the only way to decipher it is to try a large number of hashes of cleartext until
one matches the original hash. The answer is A.
Comments 0
Log in to post a comment