4.4 Asymmetric key systems
Asymmetric or public key systems are based on encryption techniques whereby data that has been encrypted by one key can be decrypted by a different, seemingly unrelated, key. One of the keys is known as the public key and the other is known as the private key. The keys are, in fact, related to each other mathematically but this relationship is complex, so that it is computationally infeasible to calculate one key from the other. Thus, anyone possessing only the public key is unable to derive the private key. They are able to encrypt messages that can be decrypted with the private key, but are unable to decrypt any messages already encrypted with the public key.
I shall not explain the mathematical techniques used in asymmetric key systems, as you do not need to understand the mathematics in order to appreciate the important features of such systems.
Each communicating entity will have its own key pair; the private key will be kept secret but the public key will be made freely available. For example, Bob, the owner of a key pair, could send a copy of his public key to everyone he knows, he could enter it into a public database, or he could respond to individual requests from entities wishing to communicate by sending his public key to them. But he would keep his private key secret. For Alice to send a private message to Bob, she first encrypts it using Bob's easily accessible public key. On receipt, Bob decrypts the ciphertext with his secret private key and recovers the original message. No one other than Bob can decrypt the ciphertext because only Bob has the private key and it is computationally infeasible to derive the private key from the public key. Thus, the message can be sent secretly from Alice to Bob without the need for the prior exchange of a secret key.
Using asymmetric key systems with n communicating entities, the number of key pairs required is n. Compare this with the number of shared keys required for symmetric key systems (see SAQs 4 and 5) where the number of keys is related to the square of the number of communicating entities. Asymmetric key systems are therefore more scalable.
Public key algorithms can allow either the public key or the private key to be used for encryption with the remaining key used for decryption. This allows these particular public key algorithms to be used for authentication, as you will see later.
Public key algorithms place higher demands on processing resources than symmetric key algorithms and so tend to be slower. Public key encryption is therefore often used just to exchange a temporary key for a symmetric encryption algorithm. This is discussed further in Section 4.6.
As with symmetric key systems, there are many public key algorithms available for use, although most of them are block ciphers. Two used in popular commercial software products are listed in Table 3.
Table 3 Examples of commercial asymmetric key systems
|RSA (named after its creators–Rivest, Shamir and Adleman)||A block cipher first published in 1978 and used for both encryption and authentication. Its security is based on the problem of factoring large integers, so any advances in the mathematical methods of achieving this will affect the algorithm's vulnerability.|
|DSS (Digital Signature Standard1)||Developed by the US National Security Agency (NSA). Can be used only for digital signatures and not for encryption or key distribution.|
Digital signatures are explained in Section 8.
Construct a table to compare the features of symmetric and asymmetric key systems.
Symmetric key and asymmetric key systems are compared in Table 4.
|Symmetric key systems||Asymmetric key systems|
|The same key is used for encryption and decryption.||One key is used for encryption and a different but mathematically related key is used for decryption.|
|Relies on the sender and the receiver sharing a secret key.||Shared secret key exchange is not needed.|
|The key must be kept secret.||One key (the secret key) must be kept secret, but the other key (the public key) is published.|
|It should be computationally infeasible to derive the key or the plaintext given the algorithm and a sample of ciphertext.||It should be computationally infeasible to derive the decryption key given the algorithm, the encryption key and a sample of ciphertext.|
|Faster and computationally less demanding than public key encryption.||Slower and computationally more demanding than symmetric key encryption.|