Cryptography Reference
In-Depth Information
Chapter 14
Asymmetric Encryption Systems
In this chapter, we elaborate on asymmetric encryption systems. More specifically,
we introduce the topic in Section 14.1, overview and discuss some basic and secure
systems in Sections 14.2 and 14.3, address identity-based encryption in Section 14.4,
and conclude with final remarks in Section 14.5.
14.1
INTRODUCTION
In Section 2.3.1, we introduced the idea of using a family of trapdoor functions to
come up with an encryption system that is asymmetric in nature (because the en-
cryption and decryption algorithms use different keys). Furthermore, we defined an
asymmetric encryption system to consist of three efficiently computable algorithms
(i.e.,
Generate
,
Encrypt
,and
Decrypt
) with
Encrypt
and
Decrypt
being inverse to
each other (see Definition 2.10).
The working principle of an asymmetric encryption system is illustrated in
Figure 2.7. If the sender wants to encrypt a plaintext message
m
that is longer
than the maximum message length, then
m
must be split into a sequence of
message blocks
m
1
,m
2
,...,m
n
(each block must be shorter than or equal to the
maximal message length), and each message block must be encrypted and decrypted
individually (or sequentially in a specific mode of operation, respectively). In this
chapter, we only consider the situation in which we must encrypt a single message
block
m
. But keep in mind that this message block may only be part of a potentially
very long message.
Similar to a symmetric encryption system, one may wonder whether a given
asymmetric encryption system is secure. Information-theoretic or perfect security
does not make a lot of sense in the realm of an asymmetric encryption system,
because we assume the
Encrypt
algorithm to work with a fixed key of finite length.
