Information Technology Reference
In-Depth Information
Plaintext
Plaintext
Decryption
Ciphertext
Encryption
Recipient's
private key
Recipient's
public key
Figure 2: Public key algorithms.
The paradigm of communication is the following: the two partners A and
B both have a pair of keys. A requires to B its public key with which A
cipher the message and sends the resulting encrypted message to B.
The message encrypted with a public key can be decrypted only with the
corresponding private key. Therefore B, using its private key can decrypt the
message and read it in complete safety.
With this method only the private key must be kept secret while the
public key can be distributed to everyone to send a message to the owner of
the key. If an attacker steals this key, he can only encrypt messages without
decrypting them.
The most popular public key algorithms are:
•
Diffie-Hellman, which is generally considered safe, particularly in the
exchange of symmetric keys, when used with a key long enough, preferably
at least 1024 bits.
•
RSA is the most widely used both for encrypting messages to include
the digital signature. It is generally considered safe when used with keys
of at least 1024 bits (512 insecure, 768 moderately secure and safe in
1024). It is based on the difficulty of decomposing a number into the
product of its first factors. In fact taken two numbers
x
and
y
it is very
simple to calculate their product
p = x * y
but it is extremely complicated
to decompose
p
as the product of its components.
•
Elliptic Curve, an algorithm that is relatively young, but very slow. It is con-
sidered extremely safe, but it has not yet been extensively tested as the RSA.
•
Digital Signature Standard (DSS) was adopted by the US government and
is used mainly for digital signature.
3.2.3
The technique adopted in practice
Public key algorithms are considerably slower than private key ones, especially
in the encryption of great amounts of data. Therefore, in cryptographic systems
it is preferred to adopt symmetric algorithms for encryption of messages and
public key algorithms for encryption of symmetric keys.
The sender generates a symmetric key, encrypts the message, crypts the
generated key with the public key of the receiver and sends both the message
