Our last article provided an overview of what an asymmetric cryptography infrastructure looks like. It differs markedly from a symmetric cryptography infrastructure in that two sets of keys are used instead of one: the public key/private key combination. This affords it a much higher level of security than a symmetric cryptography infrastructure.
Also, an overview of the technical details of the public key/private key combinations was provided, as well as some of the disadvantages of utilizing an asymmetric cryptography infrastructure. The biggest disadvantage is that it can be much slower to use. The primary reason for this is the number of public key/private key combinations that can be generated and the sheer number of sending and receiving parties that can use them. In this article, we continue the theme of asymmetric cryptography, focusing on the following topics:
The mathematical algorithms used

A number of key mathematical algorithms serve as the crux of asymmetric cryptography, and they differ widely from the ones used with symmetric cryptography. The mathematical algorithms used in asymmetric cryptography include the following:
The RSA algorithm

The RSA algorithm is probably the most famous and widely used asymmetric cryptography algorithm. In fact, this very algorithm serves as the foundation for the tools of bio cryptography, in which the principles of cryptography can be used to protect a biometric template further. The RSA algorithm originates from the RSA data corporation, and it is named after its inventors, namely Ron Rivest, Adi Shamir and Leonard Adleman.

The RSA algorithm uses the power of prime numbers to create both the public keys and the private keys. However, using such large keys to encrypt large amounts of information and data is totally infeasible from the standpoint of processing power and central server resources. Instead, ironically, the encryption is done using symmetric cryptography algorithms. In this regard, the private key then gets further encrypted by the public key which is used by the sending party. Once the receiving party obtains its ciphertext from the sending party, the private key which has been generated by the symmetric cryptography algorithms is then decrypted. From this point, the public key that was generated by the RSA algorithm can then be used to decrypt the rest of the ciphertext.

The Diffie-Hellman algorithm

The Diffie-Hellman asymmetric algorithm is named after its inventors as well, who are Whitfield Diffie and Martin Hellman. It is also known as the “DH Algorithm.” Interestingly enough, this algorithm is not used for the encryption of the ciphertext; rather, its main objective is to find a solution for sending the public key/private key combination through a secure channel. Here is how the Diffie-Hellman algorithm specifically works:
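A minimal sketch of a Diffie-Hellman exchange, added here as an illustration and not taken from the original article: each party keeps a private exponent, sends only its public value, and both derive the same symmetric key. The group (P, G) is a constructed demo parameter set that is far too small for real use, and all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed demo group: P = 2**127 - 1 is prime but far too small for real
# use; deployed systems use standardized groups of 2048 bits or more.
P = 2**127 - 1
G = 3

def validate_public(value):
    """Reject degenerate peer values that force a predictable shared secret."""
    if not isinstance(value, int) or not 2 <= value <= P - 2:
        raise ValueError("peer public value out of range")
    return value

def generate_keypair():
    """Return (private, public): a random exponent and G**private mod P."""
    while True:
        private = secrets.randbelow(P - 3) + 2   # 2 <= private <= P - 2
        public = pow(G, private, P)
        if 2 <= public <= P - 2:                 # never emit a degenerate value
            return private, public

def derive_key(own_private, peer_public):
    """Compute the shared secret and hash it down to a 32-byte symmetric key."""
    shared = pow(validate_public(peer_public), own_private, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def exchange():
    """Run both sides of one exchange; only the public values cross the wire."""
    a_priv, a_pub = generate_keypair()           # sending party
    b_priv, b_pub = generate_keypair()           # receiving party
    wire = {"a_pub": a_pub, "b_pub": b_pub}      # all an eavesdropper observes
    return derive_key(a_priv, b_pub), derive_key(b_priv, a_pub), wire

if __name__ == "__main__":
    key_a, key_b, wire = exchange()
    print("keys match:", key_a == key_b)
    print("sent in the clear:", sorted(wire))
```

The exchange on its own does not authenticate either party, which is the gap the certificate-based infrastructure described later in the article is meant to close.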
The elliptical wave theory algorithm

The Elliptical Wave Theory algorithm is a much newer type of asymmetric mathematical algorithm. It can be used to encrypt a very large amount of data, and its main advantage is that it is very quick, and thus does not require a lot of central server overhead or processing power. As its name implies, Elliptical Wave Theory first starts off with a parabolic curve which is composed over a normal “x,” “y” coordinate plane. After the series of “x” and “y” coordinates are plotted, various lines are then drawn through the image of the curve, and this process continues until many more curves are created, and their corresponding intersecting lines are also created.

Once this particular process has been completed, the plotted “x” and “y” coordinates of each of the intersected lines and parabolic curves are then extracted. Once this extraction has been completed, all of the hundreds and hundreds of “x” and “y” coordinates are added together to create the public and private keys. However, the trick to decrypting a ciphertext message encrypted with the Elliptical Wave Theory algorithm is that the receiving party has to know the particular shape of the original elliptical curve, all of the “x” and “y” coordinates of the lines that intersect with the various curves, and the actual starting point at which the addition of the “x” and “y” coordinates was first created.

The public key infrastructure

Since the public key has become so important in both the encryption and the decryption of the ciphertext messages between the sending and the receiving parties, and given the nature of its public role in the overall communications process, extensive research has been conducted. This has primarily been geared toward creating an infrastructure that would make the process of creating and sending the public key/private key combination much more robust and secure.
In fact, this type of infrastructure happens to be a very sophisticated form of asymmetric cryptography, which is known as the “public key infrastructure,” or “PKI” for short. The basic premise of the PKI is to help create, organize, store and distribute as well as maintain the public keys. However, in this infrastructure, both the public and private keys are referred to as “digital signatures,” and they are not created by the sending and the receiving parties. Rather, they are created by a separate entity known as the “certificate authority,” or “CA” for short. This particular entity is usually an outside third party that hosts the technological infrastructure that is needed to initiate, create and distribute the digital certificates.

At a very simplistic level, the PKI consists of the following components:

The certificate authority
The digital certificate
The LDAP or X.500 directories
The registration authority, also known as the “RA”

The CA can be viewed as the governing body of the entire public key infrastructure. To start using the PKI to communicate with others, it is the CA that issues the digital certificates, which consist of both the public and the private keys.

Certificate authority specifications

Each digital certificate that is governed by the certificate authority consists of the following technical specifications:
Our next article will examine how the public key infrastructure actually works, as well as the various PKI policies and rules which need to be implemented.
What standard is not secure and should never be used on modern wireless networks?
WEP was the first encryption protocol used to secure wireless networks and is now easily compromised and should never be used. TKIP shares many similarities with WEP encryption and is no longer considered secure. So it too should no longer be seriously considered when securing your network.

What is the only unbreakable cipher when it is used properly?
A One Time Pad (OTP) is the only potentially unbreakable encryption method. Plain text encrypted using an OTP cannot be retrieved without the encrypting key. However, there are several key conditions that must be met by the user of a one time pad cipher, or the cipher can be compromised.

What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature?
Explanation: Hash functions create a unique, fixed-length output for any given input. This hash value, also known as a message digest, is used to create a digital signature. Alice would like to send a message to Bob using a digital signature.

What type of cipher replaces bits, characters or blocks of information with other bits, characters or blocks?
Substitution ciphers. Replace bits, characters, or character blocks in plaintext with alternate bits, characters or character blocks to produce ciphertext. A substitution cipher may be monoalphabetic or polyalphabetic: A single alphabet is used to encrypt the entire plaintext message.