Figure 2.5 Message Authentication Using a One-Way Hash Function. Panels: (a) Using symmetric encryption; (b) Using public-key encryption; (c) Using secret value. In each panel, Source A sends the message to Destination B, which recomputes the hash H and compares.
Hash Function Requirements
Security of Hash Functions
Public-Key Encryption Structure
- Plaintext: Readable message or data that is fed into the algorithm as input
- Encryption algorithm: Performs transformations on the plaintext
- Public and private key: Pair of keys, one for encryption, one for decryption
- Ciphertext: Scrambled message produced as output
- Decryption key: Produces the original plaintext
- User encrypts data using his or her own private key
- Anyone who knows the corresponding public key will be able to decrypt the message

Figure 2.6 Public-Key Cryptography, panel (b) Encryption with private key. Bob's plaintext input X is encrypted with Bob's private key PR_b (encryption algorithm, e.g., RSA) to give the transmitted ciphertext Y = E[PR_b, X]; Alice, whose public key ring holds the keys of Joy, Ted, Mike and Bob, recovers the plaintext output X = D[PU_b, Y] with Bob's public key PU_b.
Table 2.3 Applications for Public-Key Cryptosystems

| Algorithm | Digital Signature | Symmetric Key Distribution | Encryption of Secret Keys |
|---|---|---|---|
| RSA | Yes | Yes | Yes |
| Diffie-Hellman | No | Yes | No |
| DSS | Yes | No | No |
| Elliptic Curve | Yes | Yes | Yes |
Requirements for Public-Key Cryptosystems
Asymmetric Encryption Algorithms
Digital Signatures
- Used for authenticating both source and data integrity
- Created by encrypting hash code with private key
- Does not provide confidentiality
  - Even in the case of complete encryption
  - Message is safe from alteration but not eavesdropping
Figure 2.7 Public-Key Certificate Use
- Unsigned certificate: contains user ID, user's public key, as well as information concerning the CA (Bob's ID information, Bob's public key, CA information)
- Create signed digital certificate: generate hash code (H) of unsigned certificate; encrypt (E) hash code with CA's private key to form signature
- Signed certificate: recipient can verify signature by comparing hash code values
- Use certificate to verify Bob's public key: decrypt (D) signature with CA's public key to recover hash code
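The signing and verification flow of Figure 2.7, written out as an added example that is not part of the original slides. The CA key is a constructed toy key, the length-prefixed field encoding and all function names are assumptions, and textbook RSA without padding is used only to mirror the figure.

```python
import hashlib

# Toy CA key pair, constructed for illustration only: both primes are
# well-known Mersenne primes, so this key offers no security at all.
P, Q = 2**521 - 1, 2**607 - 1
CA_N = P * Q                               # public modulus
CA_E = 65537                               # public exponent (CA_N, CA_E = CA's public key)
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))    # CA's private exponent

def make_unsigned_cert(user_id: bytes, user_public_key: bytes, ca_info: bytes) -> bytes:
    """Serialize the three certificate fields. Each field gets a 4-byte length
    prefix so bytes cannot be moved between fields without changing the hash."""
    fields = (user_id, user_public_key, ca_info)
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)

def hash_code(unsigned_cert: bytes) -> int:
    """H in the figure: SHA-256 of the unsigned certificate, as an integer."""
    return int.from_bytes(hashlib.sha256(unsigned_cert).digest(), "big")

def ca_sign(unsigned_cert: bytes) -> int:
    """E in the figure: transform the hash code with the CA's private key.
    Real signature schemes add PKCS#1 v1.5 or PSS encoding before this step."""
    return pow(hash_code(unsigned_cert), CA_D, CA_N)

def verify(unsigned_cert: bytes, signature: int) -> bool:
    """D in the figure: recover the hash code with the CA's public key and
    compare it with a freshly computed hash of the certificate fields."""
    return pow(signature, CA_E, CA_N) == hash_code(unsigned_cert)

def demo() -> dict:
    # Constructed sample values, not real keys or identities.
    cert = make_unsigned_cert(b"Bob", b"bob-public-key", b"Example CA")
    sig = ca_sign(cert)
    swapped = make_unsigned_cert(b"Bob", b"mallory-public-key", b"Example CA")
    shifted = make_unsigned_cert(b"Bo", b"bbob-public-key", b"Example CA")
    return {
        "genuine": verify(cert, sig),            # signature matches the fields
        "swapped_key": verify(swapped, sig),     # public key replaced after signing
        "shifted_field": verify(shifted, sig),   # same bytes, different boundaries
    }

if __name__ == "__main__":
    print(demo())
```

The signature binds Bob's ID to Bob's public key: changing either field after signing makes the recomputed hash differ from the recovered one, so verification fails.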
Digital Envelopes
- Protects a message without needing to first arrange for sender and receiver to have the same
- Fall '19