Residency Weekend Group Project

Asymmetric Cryptography Explained All at Once

Submitted to Dr. Donald Grimes by Residency Group 4

In partial fulfillment of course, requirement of EMSISS

ISOL535: Cryptography

University of the Cumberlands

Spring 2018

Abstract

In today’s technology, securing a system is an essential issue. Numerous procedures are given to secure system. Cryptographic is a strategy of changing a message into such frame which is ambiguous, and afterward retransforming that message back to its unique shape. If you want to keep your information safe and secret, you have the possible strategies are: hide the existence of the information or make the information unintelligible. Cryptography is the art and science of keeping information secure from unintended audiences, of encrypting it. Cryptography is a method used to store and transmit data in a secret form so that only those for whom it is intended can read and process it.

Keywords: RSA (Rivest Shamir Aldeman), El-gamal, Asymmetric cryptography, Public Key.

INTRODUCTION

With the globalization in the e-commerce, where everything is digital and is done online, may it be online shopping, money transfer, e-banking, e-voting, e- registration, sending email, security is the main priority. Reliance on electronic communications makes information vulnerable to unauthorized users. Hence the users need confidentiality, message integrity, sender non-repudiation and sender and authentication

Cryptography Goals

Listed below are the five main reasons what Encryption is implemented for:

a. Authentication: This can be achieved in two ways: Peer entity Authentication and Data Origin Authentication

b. Privacy/Confidentiality: This is to protect data from unauthorized access, may it be whole messages, part of data and even existence of a message. With this, data transmission can be combatted via passive attacks.

c. Integrity: This is to ensure that the receiver receives the data just the way it was intended without any alteration. Basically, this is achieved by check sum of IPv4 packets.

d. Non-repudiation: When the message is transferred, the receiver can prove that it was sent by a particular sender. This confirms that neither sender or receiver denies for sending/receiving a message

e. Service Reliability and Availability: The online systems can easily be attacked by hackers, intruders and that can affect the services to the system users.

Asymmetric Cryptography

Asymmetric cryptography makes use of public & the private key for encrypting and decrypting the data. It is also known as public key cryptography. Keys can be defined as large numbers that are paired together, but they are not identical. The public key is the one that can be shared with anyone. Private Key is the one that is used as a secret. (Ronald, 1990) One of the keys is used for encrypting the data and other is used for the purpose of decryption. There are several protocols that are used for encryption & the digital signature function. It can be used in the software program like the web browser that can be used for establishing a secure connection over the insecure network or it can also be used for validating the digital signature. (Norman, 2008) As asymmetric encryption provides the authenticity, integrity, non-repudiation, and confidentiality, then the system and the users should be certain the public key is authentic, and it has not tampered, and it belongs to the person claimed.

This concept makes use of the key pairs. Data that is encrypted by the public key can be decrypted by the private key so for the sender to send the encrypted message to the recipient, then senders need the public key of the recipient. (Ronald, 1990)

Bob & Alice needs to exchange the message using the insecure channel and there is need ensure that information that is sent can’t be read by a 3rd party like Eve. Bob & Alice encrypts a message using asymmetric cryptography and for the same purpose, Bob needs the public key of the Alice. The public key can be viewed by anyone like Eve. The key becomes visible to the public through the public server or an email. In the same way as Bob, Using the public key of Alice, he can encrypt the message and can send to anyone. The message sent by Bob can be decrypted by a private key of the Alice. (Norman, 2008)

EXAMPLE OF ASYMMETRIC CRYPTOGRAPHY: CLEF

When a user signs up for the clef, then it generates the private & public key and sends the public key to the server. When a user logged in, then a message is sent with the private key to the server. The message that is sent by private key can be verified using public key and only private key can generate the message. Hence, if the attacker has the public key even then he can’t log in its system as they need the private key that gets generated on the phone and stored as encrypted on the phone and does not get transmitted. (Ronald, 1990)

STRENGTHS OF ASYMMETRIC CRYPTOGRAPHY

a. Message authentication: It allows the use of the digital signature, so the recipient of the message can be verifying that message truly comes from the specific sender.

b. Convenience: It solves the problem about the distribution keys for the encryption where public keys are published, and private ones are kept as secret.

c. Non-repudiation: The messages are digitally signed just like the physical ones, so it acknowledges the message and sender can’t deny it. (Ayushi, 2010).

d. Detection of tampering: In asymmetric cryptography, digital signatures are used so the recipient of the message can detect if the message is altered or not.

WEAKNESSES OF ASYMMETRIC CRYPTOGRAPHY

1. Slow process: Asymmetric cryptography is a slow process as compared to the symmetric cryptography, so it is not a suitable method to decrypt the bulk messages.

2. The authenticity of public keys: Public keys are not authenticated as no one knows that key belongs to the specific individual, so the user needs to very that public key belongs to them.

3. Private Key loss: In case of loss of the private key then received messages can’t be decrypted. (Norman, 2008)

4. Security compromise: If the private key gets identified by the attacker then he can read all the messages.

ALGORITHMS THAT IMPLEMENT ASYMMETRIC CRYPTOGRAPHY

RSA ALGORITHM

It is the most proven and employed one. It was invented by 3 scholars, Ron Rivest, Len Adleman and Aid Shamir.

RSA Key pair: When a user needs to participate in communication by using encryption then there is a need to generate a pair of keys and they are private and public keys. (Ayushi, 2010) There is a process that is followed in keys generations. Firstly, the RSA modulus is generated and then the derived number is found out then public key is formed and the private key is generated.

Encryption / Decryption: Once the pair of key gets generated then the process of encryption or decryption are carried out. RSA operated on numbers modulo n. The plain text is represented as series of numbers that are less than n. (Ronald, 1990)

RSA encryption: If the sender wants to send a text message to someone with a public key (n,e) then sender represent plain text as a series of numbers that are less than n. P

laintext P is encrypted using C = P^e mod n.

Cipher text C is equivalent to plaintext P that is multiplied itself e times and it is reduced modulo n.

RSA decryption: It is a straightforward method. If the receiver has a public key pair (n,e) and cipher text C. C is raised to the power of private key d and result modulo n is plaintext P. (Ayushi, 2010)

RSA Analysis: RSA security depends on the strength of Encryption function and key generation. It is most popular one. The encryption function is a one-way function to convert plain into cipher-text and can be reversed using private key d. Difficult to determine private key from RSA public key is factoring modulus n.

DIFFIE HELLMAN KEY EXCHANGE ALGORITHM

It is called as an exponential key exchange. It is a method to digital encryption that makes use of numbers that are raised to some power to get decryption key that is based on components that do not get transmitted directly. (Ronald, 1990) Two users Alice and Bob are communicating with each other over the private channel and they mutually agree on some positive whole numbers, let’s say, p & q and p is prime number & q is a generator of it. q is when raised to positive whole number power that is less than p never produces the same output for any two whole numbers. (Ayushi, 2010)

**...(download the rest of the essay above)**

### About this essay:

This essay was submitted to us by a student in order to help you with your studies.

If you use part of this page in your own work, you need to provide a citation, as follows:

Essay Sauce, *Asymmetric Cryptography*. Available from:<https://www.essaysauce.com/information-technology-essays/asymmetric-cryptography/> [Accessed 18-10-19].

### Review this essay:

*Please note that the above text is only a preview of this essay.*