Asymmetric Cryptography

Asymmetric Encryption:
Asymmetric encryption is a form of cryptosystem in which
encryption and decryption are performed using the different keys—one a
public key and one a private key. It is also known as public-key
encryption. Asymmetric encryption transforms plaintext into ciphertext
using a one of two keys and an encryption algorithm. Using the paired
key and a decryption algorithm, the plaintext is recovered from the
ciphertext.

Public-key cryptography provides a radical departure from all that has

gone before. For one thing, public-key algorithms are based on
mathematical functions rather than on substitution and permutation. More
important, public-key cryptography is asymmetric, involving the use of
two separate keys, in contrast to symmetric encryption, which uses only
one key.

A public-key encryption components: A public-key encryption scheme

has six components:
 Plaintext: This is the readable message or data that is fed into the
algorithm as input.
 Encryption algorithm: The encryption algorithm performs
various transformations on the plaintext.
 Public and private keys: This is a pair of keys that have been
selected so that if one is used for encryption, the other is used for
decryption.
 Ciphertext: This is the scrambled message produced as output. It
depends on the plaintext and the key. For a given message, two
different keys will produce two different ciphertexts.
 Decryption algorithm: This algorithm accepts the ciphertext and
the matching key and produces the original plaintext.

A public-key encryption Essential Steps:

1. Each user generates a pair of keys to be used for the encryption and
decryption of messages.
2. Each user places one of the two keys in a public register or other
accessible file. This is the public key. The companion key is kept
private.

---------------------------------------------------------------------------------------------------------------
Principles of Cryptography Dr. OmaimaBahaidara 1
 3. If sender wishes to send a confidential message to destination, it
encrypts the message using destination public key.
4. When the destination receives the message, it decrypts it using its
private key. No other recipient can decrypt the message because
the receiver only knows its private key.

Asymmetric Encryption Use:

Asymmetric encryption can be used for confidentiality, authentication,
or both.

Asymmetric Encryption for confidentiality:

There is some source A that produces a message in plaintext, X = [X1, X2,
. . . ,XM]. The M elements of X are letters in some finite alphabet. The
message is intended for destination B. B generates a related pair of keys:
a public key, PUb, and a private key, PRb. PRb is known only to B,
whereas PUb is publicly available and therefore accessible by A. With
the message X and the encryption key PUb as input, A forms the
ciphertext Y = [Y1, Y2, . . . , YN].

Y = E(PUb, X)
The intended receiver, in possession of the matching private key, is able
to invert the
transformation:
X = D(PRb, Y)

Asymmetric Encryption for Authentication:

In this case, A prepares a message to B and encrypts it using A’s private
key before transmitting it. B can decrypt the message using A’s public
key. Because the message was encrypted using A’s private key, only A
could have prepared the message. Therefore, the entire encrypted

---------------------------------------------------------------------------------------------------------------
Principles of Cryptography Dr. OmaimaBahaidara 2
message serves as a digital signature. In addition, it is impossible to alter
the message without access to A’s private key, so the message is
authenticated both in terms of source and in terms of data integrity.
Y = E(PRa, X)
X = D(PUa, Y)

Asymmetric Encryption for Confidentiality and Authentication:

Asymmetric Encryption can provide both the authentication function and

confidentiality by a double use of the public-key scheme
Z = E(PUb, E(PRa, X))
X = D(PUa, D(PRb, Z))
In this case, we begin as before by encrypting a message, using the
sender’s private key. This provides the digital signature. Next, we encrypt
again, using the receiver’s public key. The final ciphertext can be
decrypted only by the intended receiver, who alone has the matching
private key. Thus, confidentiality is provided.

---------------------------------------------------------------------------------------------------------------
Principles of Cryptography Dr. OmaimaBahaidara 3
Symmetric vs. Public-Key
Conventional Encryption Public – Key Encryption
Needed to work: Needed to work:
1. The same algorithm with the same 1. One algorithm is used for
key is used for encryption and encryption and decryption with a
decryption. pair of keys, one for encryption
2. The sender and receiver must and one for decryption.
share the algorithm and the key. 2. The sender and receiver must each
have one of the matched pair of
Needed for security: keys (not the same one).
1. The key must be kept secret.
2. It must be impossible or at least Needed for security:
impractical to decipher a message 1. One of the two keys must be kept
if no other information is secret.
available. 2. It must be impossible or at least
3. Knowledge of the algorithm plus impractical to decipher a message
samples of ciphertext must be if no other information is
insufficient to determine the key. available.
3. Knowledge of the algorithm plus
one of the keys plus samples of
ciphertext must be insufficient to
determine the other key.

The RSA Asymmetric Encryption Algorithm:

The most widely used public-key cryptosystem is RSA. One of the first
successful asymmetric encryption was developed in 1977 by Ron Rivest,
Adi Shamir, and Len Adleman. The Rivest-Shamir-Adleman (RSA)
scheme has since that time reigned supreme as the most widely accepted
and implemented general-purpose approach to public-key encryption.

---------------------------------------------------------------------------------------------------------------
Principles of Cryptography Dr. OmaimaBahaidara 4
The RSA Example:

Key Generation:
1. Select two prime numbers, p = 17 and q = 11.
2. Calculate n = pq = 17 × 11 = 187.
3. Calculate ϕ(n) = (p - 1)(q - 1) = 16 × 10 = 160.
4. Select e such that e is relatively prime to ϕ (n) = 160 and less than ϕ
(n); we
choose e = 7.
5. Determine d such that de ≡1 (mod 160) and d < 160.The correct value
is d = 23,
because 23 × 7 = 161 = (1 × 160) + 1; d can be calculated using the
extended Euclid’s algorithm.
The resulting keys are public key PU = {7, 187} and private key PR =
{23, 187}.
The example shows the use of these keys for a plaintext input of M= 88.
For encryption, we need to calculate C = 887 mod 187. Exploiting the
properties of modular arithmetic, we can do this as follows.
887 mod 187 = [(884 mod 187) × (882 mod 187) × (881 mod 187)] mod
187
881 mod 187 = 88
882 mod 187 = 7744 mod 187 = 77
884 mod 187 = 59,969,536 mod 187 = 132
887 mod 187 = (88 × 77 × 132) mod 187 = 894,432 mod 187 = 11

---------------------------------------------------------------------------------------------------------------
Principles of Cryptography Dr. OmaimaBahaidara 5