ROHINI COLLEGE OF ENGINEERING AND TECHNOLOGY

CONVENTIONAL AND PUBLIC-KEY ENCRYPTION

Conventional Encryption Public-Key Encryption

Needed to Work: Needed to Work:

1. The same algorithm with the same key is 1. One algorithm is used for encryption
used for encryption and decryption and decryption with a pair of keys, one
for encryption and one for decryption

2. The sender and receiver must share the 2. The sender and receiver must each
algorithm and the key. have one of the matched pair of keys
(not the same one).

Needed for Security: Needed for Security:

1. The key must be kept secret. 1. One of the two keys must be kept
secret.

2. It must be impossible or at least impractical 2. It must be impossible or at least

to decipher a message if no other information impractical to decipher a message if no
is available. other information is available.

3. Knowledge of the algorithm plus samples 3. Knowledge of the algorithm plus one
of ciphertext must be insufficient to determine of the keys plus samples of ciphertext
the key. must be insufficient to determine the
other key

PUBLIC-KEY CRYPTOSYSTEM: SECRECY

There is some source A that produces a message in plaintext, X = [X1, X2, ...,XM]. The M
elements of X are letters in some finite alphabet. The message is intended for destination B. B
generates a related pair of keys: a public key, PUb, and a private key, PRb. PRb is known only to
B, whereas PUb is publicly available and therefore accessible by A. With the message X and the
encryption key PUb as input, A forms the ciphertext
Y = [Y1, Y2, ..., YN]: Y = E(PUb, X)

CS8792-CRYPTOGRPHY AND NETWORK SECURITY

 ROHINI COLLEGE OF ENGINEERING AND TECHNOLOGY

Reference :William Stallings, Cryptography and Network Security: Principles and Practice, PHI 3rd Edition, 2006

The intended receiver, in possession of the matching private key, is able to invert the
transformation:
X = D(PRb, Y) An adversary, observing Y and having access to PUb, but not having access to
PRb or X, must attempt to recover X and/or PRb. It is assumed that the adversary does have
knowledge of the encryption (E) and decryption (D) algorithms. If the adversary is interested
only in this particular message, then the focus of effort is to recover X by generating a plaintext
estimate Xˆ . Often, however, the adversary is interested in being able to read future messages as
well, in which case an attempt is made to recover PRb by generating an estimate PRˆ b.
PUBLIC-KEY CRYPTOSYSTEM: AUTHENTICATION

Reference :William Stallings, Cryptography and Network Security: Principles and Practice, PHI 3rd Edition, 2006

CS8792-CRYPTOGRPHY AND NETWORK SECURITY

 ROHINI COLLEGE OF ENGINEERING AND TECHNOLOGY

the scheme illustrated in the above Figure provides confidentiality to provide authentication:
Y = E(PRa, X) X = D(PUa, Y)
In this case, A prepares a message to B and encrypts it using A’s private key before transmitting
it. B can decrypt the message using A’s public key. Because the message was encrypted using
A’s private key, only A could have prepared the message. Therefore, the entire encrypted
message serves as a digital signature. In addition, it is impossible to alter the message without
access to A’s private key, so the message is authenticated both in terms of source and in terms of
data integrity.
PUBLIC-KEY CRYPTOSYSTEM: AUTHENTICATION AND SECRECY

Reference :William Stallings, Cryptography and Network Security: Principles and Practice, PHI 3rd Edition, 2006

It is, however, possible to provide both the authentication function and confidentiality by a
double use of the public-key scheme :
Z = E(PUb, E(PRa, X)) X = D(PUa, D(PRb, Z))
In this case, we begin as before by encrypting a message, using the sender’s private key.This
provides the digital signature. Next, we encrypt again, using the receiver’s public key.
The final ciphertext can be decrypted only by the intended receiver, who alone has the matching
private key. Thus, confidentiality is provided. The disadvantage of this approach is that the
public-key algorithm, which is complex, must be exercised four times rather than two in each
communication.
APPLICATIONS FOR PUBLIC-KEY CRYPTOSYSTEMS
▪ We can classify the use of public-key cryptosystems into three categories
▪ Encryption /decryption: The sender encrypts a message with the recipient’s public
key.

CS8792-CRYPTOGRPHY AND NETWORK SECURITY

 ROHINI COLLEGE OF ENGINEERING AND TECHNOLOGY

▪ Digital signature: The sender “signs” a message with its private key. Signing is
achieved by a cryptographic algorithm applied to the message or to a small block
of data that is a function of the message.
▪ Key exchange: Two sides cooperate to exchange a session key. Several different
approaches are possible, involving the private key(s) of one or both parties.
APPLICATIONS FOR PUBLIC-KEY CRYPTOSYSTEMS
▪ Some algorithms are suitable for all three applications, whereas others can be used only
for one or two of these applications.
▪ Table indicates the applications supported by the algorithms.

Reference :William Stallings, Cryptography and Network Security: Principles and Practice, PHI 3rd Edition, 2006

REQUIREMENTS FOR PUBLIC-KEY CRYPTOGRAPHY

▪ 1. It is computationally easy for a party B to generate a pair (public key PUb, private key
PRb).
▪ 2. It is computationally easy for a sender A, knowing the public key and the message to
be encrypted, M, to generate the corresponding ciphertext: C = E(PUb, M)
▪ 3. It is computationally easy for the receiver B to decrypt the resulting ciphertext using
the private key to recover the original message: M = D(PRb, C) = D[PRb, E(PUb, M)]
▪ 4. It is computationally infeasible for an adversary, knowing the public key, PUb, to
determine the private key, PRb.
▪ 5. It is computationally infeasible for an adversary, knowing the public key, PUb, and a
ciphertext, C, to recover the original message, M. We can add a sixth requirement that,
although useful, is not necessary for all public-key applications:
▪ 6. The two keys can be applied in either order: M = D[PUb, E(PRb, M)] = D[PRb,
E(PUb, M)]
PUBLIC-KEY CRYPTANALYSIS
▪ A public-key encryption scheme is vulnerable to a brute-force attack. The
countermeasure is the same: Use large keys

CS8792-CRYPTOGRPHY AND NETWORK SECURITY

 ROHINI COLLEGE OF ENGINEERING AND TECHNOLOGY

▪ Another form of attack is to find some way to compute the private key given the public
key
▪ There is a form of attack that is peculiar to public-key systems. This is, in essence, a
probable-message attack

CS8792-CRYPTOGRPHY AND NETWORK SECURITY