A Brief Introduction to Public Key Cryptosystems
Learning more about Asymmetric Key Cryptography with Examples
Earlier in an article, I discussed Cryptography in general, various types of Cryptography, security goals etc. In this article, we will discuss Public key Cryptosystems with examples proving why it is more secure. Please be sure to read the previous article first to get a better understanding. So let’s begin now.
The art of protecting information by transforming it (encrypting it) into an unreadable format, called cipher text. Only those who possess a secret key can decipher (or decrypt) the message into plain text. Encrypted messages can sometimes be broken by cryptanalysis, also called code breaking, although modern cryptography techniques are virtually unbreakable.
Also Read: What is Cryptography?
Cryptography systems can be broadly classified into:-
- Symmetric-key Cryptography(or Secret Key Cryptography): Systems that use a single key that both the sender and recipient have.
- Public-key Cryptography: Systems that use two keys, a public key known to everyone and a private key that only the recipient of messages uses.
- Hash Functions: Uses a mathematical transformation to irreversibly “encrypt” information
See the Picture below:-
Today I will discuss with you Public Key Cryptosystems by taking RSA Encryption as an example. Cryptography is a vast topic and introduces a lot of new terms. We have a list of 10 terms which you should be familiar with before reading ahead. Please go through them once.
Public Key Cryptography (PKC)
Public-key cryptography has been said to be the most significant new development in cryptography. Modern PKC was first described publicly by Stanford University professor Martin Hellman and graduate student Whitfield Diffie in 1976. Their paper described a two-key crypto system in which two parties could engage in a secure communication over a non-secure communications channel without having to share a secret key.
PKC depends upon the existence of so-called one-way functions, or mathematical functions that are easy to compute whereas their inverse function is relatively difficult to compute. Let me give you two simple examples:
Example 1: Multiplication vs. factorization
Suppose I tell you that I have two prime numbers, 5 and 7.
I want to calculate the product; it should take almost no time to calculate that value, which is 35.
Now suppose, instead, that I tell you that I have a number, 35, and I need you tell me which pair of prime numbers I multiplied together to obtain that number.
You will eventually come up with the solution but whereas calculating the product took milliseconds, factoring will take longer.
The problem becomes much harder if I start with primes that have 400 digits or so because the product will have ~800 digits.
Example 2: Exponentiation vs. logarithms:
Suppose I tell you that I want to take the number 3 to the 6th power;
Again, it is relatively easy to calculate 36 = 729.
But if I tell you that I have the number 729 and want you to tell me the two integers that I used, x and y so that logx729 = y, it will take you longer to find the two values.
While the examples above are trivial, they do represent two of the functional pairs that are used with PKC; namely, the ease of multiplication and exponentiation versus the relative difficulty of factoring and calculating logarithms, respectively.
The mathematical “trick” in PKC is to find a trap door in the one-way function so that the inverse calculation becomes easy given knowledge of some item of information.
- Generic PKC employs two keys that are mathematically related although knowledge of one key does not allow someone to easily determine the other key.
- One key is used to encrypt the plaintext and the other key is used to decrypt the ciphertext.
- It does not matter which key is applied first, but that both keys are required for the process to work. Since a pair of keys is required, this approach is also called Asymmetric Cryptography.
In PKC, Public Key is used to Encrypt the data and can be distributed among worldwide but Private Key must be kept secret and it is used to decrypt the cipher text or encrypted data.
Let’s take another and final example to understand the notion on Public and Private in a more subtle manner.
- Suppose Alice wants to send Bob a message.
- Alice encrypts some information using Bob’s public key;
- Bob decrypts the ciphertext using his private key.
Any eavesdropper who might have got the encrypted message will not be able to decrypt it until and unless he/she has the second key that is Private Key. Brute forcing is not a practical option due to limited computing resources however, theoretically it’s possible.
So, I shall end this article now. In the next article, we shall discuss RSA Encryption and how it works. If you like the tutorial, please let us know and give your valuable feedback. Share this article among your peers.