Unit 5 Flashcards
In an asymmetric key system:
- Two keys are available, one for encryption and one for decryption.
- Both keys are mathematically related to each other but in a very complex way.
- It is computationally infeasible to derive one key from the other.
Asymmetric key systems are often known as public key systems:
- One of the keys is made public – Public Key: perhaps post it on a website or send it out in an email message to all contacts
- The other key is kept private – Private Key: unpublished key should remain secret.
Factorization
The process of decomposing a number into its factors.
With the exception of number 1, all numbers can be decomposed into two or more numbers that multiply together to make the number.
Prime numbers
A prime number has a unique factorization; its only factors are 1 and itself
Compound numbers
When a number is not a prime and has multiple factors apart from 1 and itself
Prime factorization
A factorization is said to be a ‘prime factorization’ when all the factors are prime, meaning that it’s been decomposed to the point that all factors are prime
How the prime number factorization problem provides us with the public key system?
Primes chosen for the basis for key pair of public key systems are very large, so the multiplication of these prime numbers becomes a one-way function because it’s easy to do the multiplication but extremely difficult to undo to find the primes.
In cryptology, one-way functions are given the name trapdoor function
In a public key system:
The product of the two primes forms the basis of the public key part of the key pair and this is used to encrypt messages.
The decryption process relies on knowing the two prime factors used to create the public key
* This information is embedded in the private key.
Asymmetric key system (Alice and Bob)
1) Alice retrieves Bob’s public key
2) Alice encrypts her message using Bob’s public key
3) Alice sends her message to Bob
1) Bob receives the encrypted message
2)Bob uses his private key to decrypt the message
1) In the case of an eavesdropper like Eve, she can see Alice’s encrypted message but cannot decrypt it because she doesn’t have Bob’s private key
Drawbacks of a public key system
Because the keys are long to provide resistance to cryptanalysis, it imposes a processing overhead.
The time for encryption and decryption increases.
So it’s rare to use asymmetric systems to encrypt a message. Instead, it is used to exchange a session key
Using an asymmetric system for key exchange:
1) Alice generates the session key
2)Alice uses Bob’s public key to encrypt the session key
3)Alice sends the encrypted session key to Bob
4) Bob decrypts the encrypted session key using his own private key
5) Both parties share the same symmetric session key
6) The session key is used to encrypt their messages
Advantages of a session key
- A session key is short.
- A session key imposes a much lower processing overhead than public key systems.
Drawbacks of a session key
- Low resistance to attack
- Session keys usually stay in service for a relatively short time (sometimes only a single transaction) before being discarded
Integrity of data
the data has not been tampered with