Flashcards in Cryptography Intro Deck (10):
Asymmetric Encryption uses how many keys
2- 1 for encryption, 2 for decryption.
How does asymmetric encryption work?
Each user has pair of keys that are mathematically paired.
User has other people's public keys to encrypt user's messages to that person. Recipient uses his private key to decrypt message.
Which encryption method takes longer?
which method is better at protecting confidentiality? asymmetric or symmetric encryption?
which method is preferred to securely distributing a session key?
If we have N users, how many keys are needed for symmetric encryption? how many keys are needed for asymmetric encryption?
N^2 for symmetric encryption
2*N for asymmetric encryption
asymmetric encryption is better for scalability
what's the solution to public key forgery?
using a public key certificate to authenticate the original owner of the public key
a public key certificate consists of his public key, user id, name, address, CA's time of certificate validity and the whole thing is signed using the "certificate authority (CA)"'s private key. This is hashed and becomes the digital signature.
The recipient can use the owner's public key & info and hash it. This is hash1. The recipient then takes the CA's public key to decrypt the owner's digital signature, which creates hash2.
If hash1=hash2, then the public key certificate has been validated.
How does the recipient of a message encoded by asymmetric encryption verify authenticity (ie., check for forgery)?
Hash1 = sender's public key & info and hash it
Hash2 = digital signature & decrypt it w CA's public key
if Hash1 == Hash2, then message is not forged
If sender and receiver don't first have to arrange a shared secret key in digital envelopes, how does the sender get the shared secret key to the receiver?
Sender encrypts the message with the "shared secret key" before the key is shared and then encrypt the shared secret key with the receiver's public key.