Asymmetric Key Encryption
Whereas symmetric key encryption makes use of a single key that is known to a sender and a receiver, asymmetric key encryption, also known as public key encryption, makes use of two keys, a public key and a private key. If a message is encrypted by one key, the other key is required to decrypt the message. The public key can be known by anyone, but the private key must be known only by the owner.
Both the public and private keys are related from a mathematical point of view; however, if one of the keys is compromised, it is also mathematically infeasible to determine the contents of the other key based on the contents of the key that was compromised. In Figure 5.3, Host A needs to communicate to Host B using asymmetric key encryption. Notice that both Host A and Host B are using copies of different keys.
Figure 5.3: Example of asymmetric key encryption.
If Host A encrypts a message with its private key, Host B must have a copy of Host A’s public key to decrypt it. Host B can decrypt Host A’s message and decide to reply back to Host A in an encrypted form. All Host B needs to do is encrypt its reply with Host A’s public key and then Host A can decrypt the message with its private key. It is not possible to encrypt and decrypt using the exact same key when using an asymmetric key encryption technology.
Host A can encrypt a message with its private key, and the receiver can then decrypt it with Host A’s public key. By decrypting the message with Host A’s public key, the receiver can be sure that the message really came from Host A. A message can only be decrypted with a public key if the message was encrypted with the corresponding private key. This provides authentication because Host A is the only one who is supposed to have his private key. When the receiver wants to make sure Host A is the only one that can read her reply, she will encrypt the response with her public key. Only Host A will be able to decrypt the message because it is the only one who has the necessary private key. Now the receiver can also encrypt her response with her private key instead of using Host A’s public key. Why would she do that? She wants Host A to know that the message came from her and no one else. If she encrypted the response with Host A’s public key, it does not provide authenticity because anyone can get a hold of Host A’s public key. If she uses her private key to encrypt the message, then Host A can be sure that the message came from her and no one else.
Symmetric keys do not provide authenticity because the same key is used on both ends. Using one of the secret keys does not ensure that the message originated from a specific entity. If confidentiality is the most important aspect of security to a sender, the sender would encrypt the file with the receiver’s public key. This is called a secure message format because it can be decrypted only by the person who has the corresponding private key. If authentication is the most important security service to the sender, the sender would encrypt the message with her private key.
This provides assurance to the receiver that the only person who could have encrypted the message is the individual who has possession of that private key. If the sender encrypted the message with the receiver’s public key, authentication is not provided because this public key is available to anyone. Encrypting a message with the sender’s private key is called an open message format because anyone with a copy of the corresponding public key can decrypt the message; thus, confidentiality is not ensured. For a message to be in a secure and signed format, the sender would encrypt the message with his private key and then encrypt it again with the receiver’s public key. The receiver would then need to decrypt the message with her own private key and then decrypt it again with the sender’s public key. This provides confidentiality and authentication for that delivered message.
Each key type can be used to encrypt and decrypt, so do not get confused and think the public key is used only for encryption and the private key is used only for decryption. They both have the capability to encrypt and decrypt data. However, if data is encrypted with a private key, it cannot be decrypted with a private key. If data is encrypted with a private key, it must be decrypted with the corresponding public key. If data is encrypted with a public key, it must be decrypted with the corresponding private key.
Asymmetric key encryption has a few advantages over symmetric key encryption. Asymmetric key encryption enhances the ability to distribute keys between peers, which in turn, provides another advantage, which is increased scalability when compared to symmetric key encryption. Asymmetric key encryption also can provide confidentiality, authenticity, and nonrepudiation.
Asymmetric key encryption’s major disadvantage when compared to symmetric key encryption is that it is slower than symmetric key encryption.
Asymmetric key encryption can use several different types of asymmetric key algorithms. Each has a different method of providing encryption and decryption functionality, and two will be discussed in detail in the following sections.
“RSA” stands for Rivest, Shamir, and Addleman, the names of its inventors. RSA is the asymmetric key algorithm that is easiest to implement, and it’s the best understood. The RSA cryptosystem is a public−key cryptosystem that offers both encryption and digital signatures, which provides authentication. The RSA algorithm is based on the difficulty of factoring a number, x, that is the product of two large prime numbers. The two large prime numbers may include up to 200 digits each. Here is how it works:
1.Take two large primes numbers of equal length, p and q, and compute their product x=pq; x is called the modulus.
2.Choose a random public number, e, which is the public key that is less than x and relatively prime to (p−1)(q−1). This will mean that e and (p−1)(q−1) have no common factors except 1.
3.Then find another number, d, which is the private key and such that (ed−1) is divisible by (p−1)(q−1).
4.This equates to d=e‘ modulus (p−1)(q−1).
Given the preceding calculations, you can determine that (d,x) is the private key and (e,x) is the public key. So to calculate encryption for plaintext, P, such that it is generated into ciphertext, C, you use the following formula:
C=Pe modulus x
And then, to calculate decryption for ciphertext, C, such that is generated into plaintext, P, you can use the following formula:
P=Cd modulus x
It is extremely difficult to obtain the private key d from the public key (x,e). However, if someone or something could factor x into p and q, then they could obtain the private key d. The security of the RSA system is based on the assumption that factoring is difficult.
Using the network displayed in Figure 5.3, Host A would like to send a message to Host B using RSA encryption. The message will be denoted by m. Host A creates the ciphertext, c, by using the exponentiation of c=me modulus x; both e and x are Host B’s public key. Host A then sends ciphertext, c, to Host B. Host B then attempts decryption by using the exponentiation of m=cd modulus x. There is a one−to−one relationship between e and d that ensures that Host B can recover the message, m.
RSA encryption can also provide authentication services, something that symmetric key encryption cannot do. To provide authentication services between Host A and Host B, such that the message, m, can be verified to be authentic and not tampered with, Host A creates a digital signature, s, by using the exponentiation of s=md modulus x. Both d and x in this example are Host A’s private key. Host A then sends both the message, m, and the signature, s, to Host B. Host B then must verify the signature, s, by using the exponentiation of the message, m=se modulus x. Both values of e and x at Host B are Host A’s public key.
Using RSA encryption means that encryption and decryption take place between two hosts without the exchange of each host’s private keys. Each host only uses the other host’s public key, or it uses its own private key. This means that any host can send an encrypted message or verify the signature of an authenticated message, but only a host that has possession of the correct private key can decrypt or sign a message.
Diffie−Hellman Key Exchange
Diffie−Hellman was developed by Diffie and Hellman in 1976 and published in the paper “New Directions in Cryptography” (citeseer. nj.nec.com/diffie76new.html). The protocol allows two users to exchange a secret key over an insecure medium without any prior secrets.
Diffie−Hellman is primarily used to provide a secure mechanism for exchanging public keys so that shared secret keys can be securely generated for DES keys. It provides a means for two parties to agree upon a shared secret in such a way that the secret will be unavailable to eavesdroppers. Diffie−Hellman key agreement requires that both the sender and recipient of a message have key pairs. By combining one’s private key and the other party’s public key, both parties can compute the same shared secret number. This number can then be converted into cryptographic keying material.
Note The functional operation of the Diffie−Hellman key exchange is explained in detail in Chapter6.