algorithm
Brute-force attack
•
Strength of hash
function depends solely
on the length of the
hash code produced by
the algorithm
SHA most widely
used hash algorithm
Developed by NIST
in 1993 and revised
in 1995 as SHA-1
that produces hash
value of 160 bits
In 2002 NIST
defined 3 new
version of SHA with
256, 384 and 512
bits of hash values.
SHA-3 in 2015
Additional secure
hash function
applications:
Passwords
•
Hash of a password is
stored by an operating
system
Intrusion detection
•
Store H(F) for each file
on a system and secure
the hash values

Public-Key Encryption
Structure
Publicly proposed by Diffie and Hellman in 1976
Based on mathematical functions rather than
operations on bits
Asymmetric
•
Uses two separate keys
•
Public key and private key
•
Public key is made public for others to use

Misconceptions
1.
Is public-key encryption is more secure from cryptanalysis than symmetric
encryption?
The security of any encryption scheme depends on (1) the
length of the key and (2) the computational work involved in breaking a
cipher.
Nothing in principle about either symmetric or public-key encryption
that makes one superior to another on cryptanalysis.
2.
Is public-key encryption general- purpose technique made symmetric
encryption obsolete?
The computational overhead of current public-key
encryption schemes, there seems no foreseeable likelihood that symmetric
encryption will be abandoned.
3.
Finally, there is a feeling that key distribution is trivial when using public-key
encryption, compared to the rather cumbersome handshaking involved with
key distribution centers for symmetric encryption.
For public-key key
distribution, some form of protocol is needed, often involving a central
agent, and the procedures involved are no simpler or any more efficient
than those required for symmetric encryption.

Public Key Encryption
The public key of the pair is made public for others to use, while the private key is known only to its
owner. So one key for encryption and a different but related key for decryption.
1.
Each user generates a pair of keys to be used for the encryption and decryption of messages.
2.
Each user places one of the two keys in a public register or other accessible file. This is the public
key. The companion key is kept private. As Figure 2.6a suggests, each user maintains a collection
of public keys obtained from others.
3.
If Bob wishes to send a private message to Alice, Bob encrypts the message using Alice’s public
key.
4.
When Alice receives the message, she decrypts it using her private key. No other recipient can
decrypt the message because only Alice knows Alice’s private key.
All participants have access to public keys, and private keys are generated locally by each participant
and never need to be distributed. As long as a user protects his or her private key, incoming
communication is secure. At any time, a user can change the private key and publish the companion
public key to replace the old public key.

Plaintext
Readable message or data that is fed into the algorithm as input
Encryption algorithm
Performs transformations on the plaintext

#### You've reached the end of your free preview.

Want to read all 62 pages?

- Summer '19
- Cryptography