General Security Concepts: Examining Asymmetric Encryption Flashcards
What is asymmetric encryption?
Asymmetric encryption is a cryptographic technique that uses a pair of mathematically related but distinct keys to secure digital communications. One key is the public key, used for encryption, and the other is the private key.
Asymmetric Encryption type: RSA?
Rivest-Shamir-Adleman (RSA): Widely used asymmetric encryption algorithm that relies on the mathematical properties of large prime numbers. It encrypts data with a public key and requires the corresponding private key for decryption, thereby providing strong security for digital communications.
Asymmetric Encryption type: DSA?
Digital Signature Algorithm (DSA): Asymmetric algorithm used primarily for digital signatures and key exchange. It verifies the authenticity of digital signatures and ensures data integrity.
DSS/DSA - STP (spanning tree protocol)
Asymmetric Encryption type: ECDSA?
Elliptic Curve Digital Signature Algorithm (ECDSA): ECDSA is a variant of DSA that uses elliptic curve cryptography for digital signatures. It provides efficient and secure digital signatures, which makes it suitable for resource-constrained devices and applications.
Asymmetric Encryption type: DH/DHKE?
Diffie-Hellman or Diffie-Hellman key exchange (DH/DHKE): A key exchange algorithm used to securely exchange cryptographic keys over an untrusted network. It enables two parties to derive a shared secret key for secure communication without transmitting the key directly.
Asymmetric Encryption type: ECDH?
Elliptic Curve Diffie-Hellman (ECDH): A variant of Diffie-Hellman that utilizes elliptic curve cryptography for secure key exchange. It provides efficient and secure key exchange, particularly suitable for constrained environments.
Asymmetric Encryption type: ECC?
The other one is Elliptical Curve Cryptography, ECC. This is one that uses smaller keys. It’s very good for mobile devices because it uses these, and I don’t understand the calculus behind it, but what it does is it uses smaller keys. So it’s a little bit faster, but it still implements a high level of security the way it generates those keys.
Asymmetric Encryption type: ElGamal?
???????
Asymmetric Encryption type: SSL/TLS?
Session Establishment -
I did mark session establishment because I want you to be aware of that. When you do a TLS handshake, you start with asymmetric key encryption. That’s how I give you the secret that we’re going to start generating, but it doesn’t stay with asymmetric. I have to be transparent on that. The initial handshake starts with asymmetric key encryption because it’s a way we can pass a secret across the wire without anybody being aware of what that actual secret is. But then once I have that secret—this is any time, for instance, when you visit a secure website you’re going to go through this TLS handshake—you’re going to start out with asymmetric key encryption, but then you’re going to fall back on the session keys that are generated privately that don’t go over the wire. That’s actually symmetric key encryption.
So I just want to be clear, but I wanted you to see, and I wanted to mention this because asymmetric key encryption typically is going to require a lot more encryption or CPU strength to do the encryption, all right? And symmetric key encryption, which we’ll talk about later—I just want to do the comparison here—is a single key encryption, and it’s faster. It doesn’t require more speed or more processing power, reduced processing power.
So what we typically do is we combine the both. In fact, Sophia and I were having a conversation about this the other day. How can I take advantage of the strength of asymmetric key encryption but also still take the advantage of the speed of symmetric key encryption, a single key? Well, why don’t we use both? The symmetric key cannot be on the wire if it’s in public view because if anybody grabs that key, they can now encrypt and decrypt your information. So why don’t I take that symmetric key that’s faster, I put it in a box, and I shut the box and I lock it with asymmetric key encryption. Now the only piece of data that’s being bogged down by CPU strength to be unencrypted is a single piece of data holding a key that can now be used to increase the speed by using symmetric key encryption. Does that make sense?
Yeah. We’re combining them. We don’t want to unencrypt everything with asymmetric. So why don’t we just encrypt the secret? Yeah. The symmetric key. We’ll encrypt that with asymmetric key encryption. Same process. You’re going to decrypt it with a private key. You pull the symmetric key out. Nobody has access to it. It’s gone across the wire in a protected manner. Secure key exchange. And now you can use symmetric key encryption and you can take advantage of the speed. So that kind of gives you an example of where you would see these and some of the variants that we talk about.