Ch12 - 12.03 - Asymmetric Encryption Flashcards
Asymmetric Encryption
Asymmetric encryption involves using two mathematically related keys to perform the encryption and decryption process. There are two main points to remember about asymmetric encryption:
Whatever one key in the pair does, the other key undoes that operation.
The two keys are related, but you cannot derive one key from the other.
Remember that when using asymmetric encryption, the message (or data) is encrypted with the recipient’s public key. And also remember that to ensure nonrepudiation, the message is signed using the sender’s private key.
If Bob wanted to sign the message so that Sue knew that the message absolutely came from him, Bob would digitally sign the message with his private key and then send the message over to Sue. When Sue received the message, she would compare the key with all the public keys and find that the mathematically related key is Bob’s public key. This is how nonrepudiation is implemented. Bob can never say that he did not send the message because his system signs the message with his private key.
Pros n Cons of Asymmetric Encryption
Pros:
1) The advantage of asymmetric encryption is the fact that you can securely communicate the public keys to other parties, unlike with symmetric encryption. In the asymmetric system, you are free to give out the public key while the private key stays with the user.
2) Key management is also a benefit to using asymmetric encryption. You saw that with symmetric encryption, as the number of users increases, the number of keys rises dramatically. With asymmetric encryption, you need only a key pair per user for each user to be able to encrypt messages for all other users.
Cons:
The disadvantage of asymmetric encryption is that it is slower than symmetric encryption. If performance is a key factor, symmetric encryption may be the better alternative.
Asymmetric Encryption Algorithms
- Rivest Shamir Adleman (RSA)
- Diffie-Hellman
- Elliptic Curve
Rivest Shamir Adleman (RSA)
This is the first asymmetric algorithm that implemented signing and encryption. RSA gets its name from its three creators.
Diffie-Hellman
This algorithm is named after its creators as well. Diffie-Hellman is a key-exchange protocol that deals with exchanging keys in a secure fashion.
Elliptic Curve
This is a newer asymmetric algorithm that is based on
Diffie-Hellman for key exchange and the Digital Signature Algorithm (DSA) for signing messages.
Quantum Cryptography
A newer method of encryption that has come to light in recent years is known as quantum cryptography. Quantum cryptography is currently used with fiber-optic networks. It is based on sending the encrypted information as photons (particles of light), which are then converted to binary data.
The benefit of quantum cryptography is that if someone enters the communication channel and listens in on the communication, it will change the state of the photons as they pass through the eavesdropper. The change in state of the photons is easily detected by the participants in the communication, letting them know they should change their cryptography key.
In-Band vs. Out-of-Band Key Exchange
The Security+ certification expects you to know the terms in-band key exchange and out-of-band key exchange.
With in-band key exchange, the encryption key is exchanged between the parties as part of the communication.
Using out-of-band key exchange, two parties must exchange keys in a separate communication channel other than the communication channel that is exchanging data between the parties.
