Cryptography Reference
In-Depth Information
CHAPTER
3
Secure Key Exchange over an
Insecure Medium with Public
Key Cryptography
Chapter 2 examined symmetric or
private/shared key
algorithms. The funda-
mental challenge in applying private key algorithms is keeping the private key
private — or, to put it another way, exchanging keys without letting an interested
eavesdropper see them. This may seem like an insoluble problem; you can't
establish keys over an insecure channel, and you can't establish a secure channel
without keys. Perhaps surprisingly, there is a solution:
public-key cryptography
.
With public-key algorithms, there are actually two keys, which are mathemati-
cally related such that an encrypt operation performed with one can only be
decrypted using the other one. Furthermore, to be usable in a cryptography
setting, it must be impossible, or at least mathematically infeasible, to compute
one from the other after the fact. By far the most common public-key algorithm
is the
RSA
algorithm, named after its inventors Ron
Rivest
, Adi
Shamir
, and
Leonard
Adleman
. You may recall Rivest from Chapter 2 as the inventor of RC4.
You may notice a difference in the technical approach between this chapter
and the last. Whereas symmetric/shared key algorithms are based on shift-
ing and XORing bits, asymmetric/public key algorithms are based entirely on
properties of natural numbers. Whereas symmetric encryption algorithms aim
to be as complex as their designers can get away with while still operating rea-
sonably quickly, public-key cryptography algorithms are constrained by their
own mathematics. In general, public-key cryptography aims to take advantage
of problems that computers are inherently bad at and as a result don't translate
nearly as easily to the domain of programming as symmetric cryptography does.
Search WWH ::
Custom Search