{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

s-asym

# s-asym - ASYMMETRIC ENCRYPTION 1 135 Recommended Book...

This preview shows pages 1–12. Sign up to view the full content.

ASYMMETRIC ENCRYPTION 1 / 135

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
Recommended Book Steven Levy. Crypto . Penguin books. 2001. A non-technical account of the history of public-key cryptography and the colorful characters involved. 2 / 135
Recall Symmetric Cryptography Before Alice and Bob can communicate securely, they need to have a common secret key K AB . If Alice wishes to also communicate with Charlie then she and Charlie must also have another common secret key K AC . If Alice generates K AB , K AC , they must be communicated to her partners over private and authenticated channels. 3 / 135

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
Public Key Encryption Alice has a secret key that is shared with nobody, and an associated public key that is known to everybody. Anyone (Bob, Charlie, . . . ) can use Alice’s public key to send her an encrypted message which only she can decrypt. Think of the public key like a phone number that you can look up in a database 4 / 135
Public Key Encryption Alice has a secret key that is shared with nobody, and an associated public key that is known to everybody. Anyone (Bob, Charlie, . . . ) can use Alice’s public key to send her an encrypted message which only she can decrypt. Think of the public key like a phone number that you can look up in a database Senders don’t need secrets There are no shared secrets 4 / 135

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
Syntax of PKE A public-key (or asymmetric) encryption scheme AE = ( K , E , D ) consists of three algorithms, where E M D M or sk K C C pk A 5 / 135
How it Works Step 1 : Key generation Alice locally computers ( pk , sk ) \$ ← K and stores sk . Step 2 : Alice enables any prospective sender to get pk . Step 3 : The sender encrypts under pk and Alice decrypts under sk . We don’t require privacy of pk but we do require authenticity: the sender should be assured pk is really Alice’s key and not someone else’s. One could Put public keys in a trusted but public “phone book”, say a cryptographic DNS. Use certificates as we will see later. 6 / 135

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
Security of PKE Schemes: Issues The issues are the same as for symmetric encryption: Want general purpose schemes Security should not rely on assumptions about usage setting Want to prevent leakage of partial information about plaintexts 7 / 135
Security requirements Suppose sender computes C 1 \$ ← E pk ( M 1 ) ; · · · ; C q \$ ← E pk ( M q ) Adversary A has C 1 , . . . , C q What if A Retrieves sk Bad! Retrieves M 1 Bad! But also ... 8 / 135

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
Security requirements We want to hide all partial information about the data stream. Examples of partial information: Does M 1 = M 2 ? What is first bit of M 1 ? What is XOR of first bits of M 1 , M 2 ? 9 / 135
Security requirements We want to hide all partial information about the data stream. Examples of partial information: Does M 1 = M 2 ? What is first bit of M 1 ? What is XOR of first bits of M 1 , M 2 ?

This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}