Scribd
Upload
37 views1 page

Public Key Cryptography

Public-key cryptography uses pairs of keys, public and private, where the public key can be openly distributed but decryption requires the private key known only to the owner, allowing authentication and confidentiality. It underpins internet standards like TLS and digital signatures, and provides applications like digital cash and password authentication, though remains susceptible to brute-force and man-in-the-middle attacks.

Uploaded by

Daniel Reckerth
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
37 views1 page

Public Key Cryptography

Public-key cryptography uses pairs of keys, public and private, where the public key can be openly distributed but decryption requires the private key known only to the owner, allowing authentication and confidentiality. It underpins internet standards like TLS and digital signatures, and provides applications like digital cash and password authentication, though remains susceptible to brute-force and man-in-the-middle attacks.

Uploaded by

Daniel Reckerth
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

Public-key Cryptography

• also called asymmetric cryptography


• = cryptographic system that uses pairs of keys: public keys & private keys
• public keys – can be disseminated widely
• private keys – known only to the owner
• generating such keys depends on cryptographic algorithms based on mathematical problems to
produce one-way functions
• effective security: keep the private key private; the public key can be openly distributed without
compromising the security

• any person can encrypt a message using the receiver's public key, but decryption can only happen with
receiver's private key
• allows robust authentication => a sender can combine message + private key  short digital
signature on the message
o anyone with the sender's public key can combine the same message and the digital signature
associated with it to verify whether the signature was valid
• fundamental in modern cryptosystems, application and protocols
• assures confidentiality, authenticity, non-repudiability (provides proof of the integrity and origin of data)
• underpin various Internet standards, for e.g. TLS (Transport Layer Security), S/MIME, PGP, GPG
• can provide key distribution & secrecy ( Diffie-Hellman key exchange)
• can provide digital signatures (DSA – Digital Signature Algorithm)
• or both (RSA)
• further applications: digital cash, password-authenticated key agreement, time-stamping services
• PKI = public key infrastructure
o provides a set of roles, policies and procedures needed to create, manage, distribute, use, store
and revoke digital certificates and manage public-key encryption
• weaknesses:
o algorithms: susceptible to brute-force key search attacks – improbable nowadays
o alteration of public keys: "man-in-the-middle" attack

You might also like