Public Key Cryptography Notes
An encryption method that uses two different keys, one for encipherment, and one for decipherment.
Public key cryptosystems must meet the following three conditions.
1. It must be computationally easy to encipher or decipher a message given the appropriate key.
2. It must be computationally infeasible to derive the private key from the public key.
3. It must be computationally infeasible to determine the private key from a chosen plaintext attack.
Well Known Public Key Schemes
Diffie / Hellman
RSA (Rivest, Shamir, Adleman)
Diffie / Hellman
Based on the discrete logarithm problem
Communication is done using a shared secret key, S, that is derived by enciphering the recipient's public key, with the sender's private key.
Key size of 512 bits has been factored.
1024 bit key is theoretically impossible to factor, without an advance in mathematics.
RSA
Scheme based on prime numbers.
Communication is done using the recipients public key, which can only be deciphered using the recipients private key.
Provides authentication by enciphering using the sender's private key, and be deciphered using the corresponding public key.
Authentication in private messages, using the previous technique along with another level of encryption using the recipient's public key.
Provides non-repudiation of origin.
Public Key Exchange
Key signing to create a web of trust.
Vulnerable to man in the middle attacks, and other exploits?
Key signing "parties".
Key Revocation Methods
Expiration date.
Requesting revocation, by signing a revocation request with the key to be revoked.
Useful for keys that have been compromised.
Special Purpose Key
Multiple keys required for decipherment, M total keys requiring K keys to decipher.
Blind signatures
- Useful for digital money
- Serial number is signed blindly, while monetary value is visible.
PGP
Popular implementation of public key cryptography.
Private key is encrypted using a word or phrase and another encryption method.