Public key Cryptography and message authentication
In the last chapter, we discussed the data integrity threats and the use of hashing technique to detect if any modification attacks have taken place on the data. Show Another type of threat that exist for data is the lack of message authentication. In this threat, the user is not sure about the originator of the message. Message authentication can be provided using the cryptographic techniques that use secret keys as done in case of encryption. Message Authentication Code (MAC)MAC algorithm is a symmetric key cryptographic technique to provide message authentication. For establishing MAC process, the sender and receiver share a symmetric key K. Essentially, a MAC is an encrypted checksum generated on the underlying message that is sent along with a message to ensure message authentication. The process of using MAC for authentication is depicted in the following illustration − Let us now try to understand the entire process in detail −
Limitations of MACThere are two major limitations of MAC, both due to its symmetric nature of operation −
Both these limitations can be overcome by using the public key based digital signatures discussed in following section. When the two parties communicate to each other to transfer the intelligible or sensible message, referred to as plaintext, is converted into apparently random nonsense for security purpose referred to as ciphertext. Encryption:
Once the ciphertext is produced, it may be transmitted. The Encryption algorithm will produce a different output depending on the specific key being used at the time. Changing the key changes the output of the algorithm. Decryption: Public Key Encryption : Asymmetric is a form of Cryptosystem in which encryption and decryption are performed using different keys-Public key (known to everyone) and Private key (Secret key). This is known as Public Key Encryption. Difference between Encryption and Public-key Encryption:
Characteristics of Public Encryption key:
Example: Components of Public Key Encryption:
Weakness of the Public Key Encryption:
Applications of the Public Key Encryption:
How public key cryptography is used for authentication?The public key authentication protocol uses two keys per node, a public key for encryption and a private key for decryption. Everybody has access to the public key of a node, while the private key is secret. During authentication, random numbers are generated and exchanged, similar to the shared secret key protocol.
Is public key used for authentication?In public key authentication, the scheme is based on public key cryptography, using cryptosystems where encryption and decryption are done using separate keys, and it is not feasible to derive the decryption key from the encryption key. Each user creates a public/private key pair for authentication purposes.
How does a public key encrypt a message?Public key cryptography is a method of encrypting or signing data with two different keys and making one of the keys, the public key, available for anyone to use. The other key is known as the private key. Data encrypted with the public key can only be decrypted with the private key.
What is difference between PKI and public key cryptography?In public-key cryptography, two keys are used, one key is used for encryption, and the other is used for decryption. 3. In private key cryptography, the key is kept a secret. In public-key cryptography, one of the two keys is kept a secret.
|