Cryptography Reference

In-Depth Information

key, and furthermore infeasible to compute from the encryption-key.

Such encryption schemes, called
public-key
schemes, have the advan-

tage of trivially resolving the key distribution problem (because the

encryption-key can be publicized). That is, once some Party X gener-

ates a pair of keys and publicizes the encryption-key, any party can

send encrypted messages to Party X so that Party X can retrieve the

actual information (i.e., the plaintext), whereas nobody else can learn

anything about the plaintext.

plaintext

plaintext

ciphertext

E

D

X

X

K

K

Sender's protected region

Receiver's protected region

ADVERSARY

The key
K
is known to both receiver and sender, but is unknown

to the adversary. For example, the receiver may generate
K
at

random and pass it to the sender via a perfectly-private sec-

ondary channel (not shown here).

Fig. 5.2 Private-key encryption schemes - an illustration.

In contrast to public-key schemes, traditional encryption schemes in

which the encryption-key equals the description-key are called
private-

key
schemes, because in these schemes the encryption-key must be kept

secret (rather than be public as in public-key encryption schemes). We

note that a full specification of either schemes requires the specifica-

tion of the way in which keys are generated; that is, a (randomized)

key-generation algorithm that, given a security parameter, produces a

(random) pair of corresponding encryption/decryption keys (which are

identical in the case of private-key schemes).

Thus, both private-key and public-key encryption schemes consist

of three ecient algorithms: a
key generation
algorithm denoted
G
,an