Public Key Cryptography
- The system was proposed by Diffie and Hellman in 1976.
- Involves a public key $k_{PUB}$ and a private key $k_{PRIV}$
- $P = D(k_{PUB}, E(k_{PRIV}, P))$
- $P = D(k_{PRIV}, E(k_{PUB}, P))$
- RSA encryption was the first public implementation in 1977
- Basic observation
- Factoring is hard.
- $(m^e)^d \equiv m \pmod{n}$
- It is hard to find e given n and d.
- Also $(m^e)^d = (m^d)^e$
- So e and d can be keys.
- RSA Keys
- Need to be at least 256 bits long
- But are frequently up to 2000 bits long.
- This makes RSA computationally expensive
- I.e., it takes a long time.
- It is probably not viable for regular message exchange.
- It takes as much as 10,000 times longer to encrypt/decode than DES/AES
- Communications using Public/Private key systems.
- Assume a pair of people who wish to communicate (Alice and Bob)
- An open communications network
- And a malicious actor, Eve.
- A problem: How do Alice and Bob exchange messages?
- Bob creates a public key $k_{PUB-B}$ and a private key $k_{PRIV-B}$
- Alice creates a public key $k_{PUB-A}$ and a private key $k_{PRIV-A}$
- Each publishes their public key
- Each hides their private key.
- Bob picks $k_{SYM}$ for the exchange of information.
- Solution 1:
- Bob creates $M=E(k_{PRIV-B},k_{SYM})$
- Bob sends M to Alice
- Alice decodes M, $k_{SYM} = D(k_{PUB-B}, M)$
- Alice and Bob happily exchange messages using AES and $k_{SYM}$.
- Problem 1:
- Unfortunately, there is nothing to stop Eve from decoding M as well.
- She knows Bob's public key.
- The book walks through a scenario where Eve actually intercepts the exchange of public keys.
- Bob requests Alice's public key.
- Eve intercepts this message and sends a message as Bob requesting Alice's public key
- Eve receives Alice's public key but sends a new public key to Bob.
- Eve intercepts the message containing $k_{SYM}$ above, decodes it, re-encodes it, and retransmits it to Alice.
- Bob and Alice exchange messages and Eve listens.
- A much better scenario is where both Alice and Bob publish their public keys.
- The keys must be public and confirmable.
- I.e., no transmitting fake public keys.
- Bob produces $M=E(k_{PUB-A}, E(k_{PRIV-B}, k_{SYM}))$
- Bob sends M to Alice.
- Alice can decode M, $k_{SYM} = D(k_{PUB-B}, D(k_{PRIV-A}, M))$
- Alice knows this message came from Bob, because only a message encoded with Bob's private key can be decoded with Bob's public key.
- No one but Alice can read the message because it can be decoded only with her private key.
- They introduce the idea of a nonce
- This is just a nonsense message.
- But it can be used to verify authenticity of both sides.
- Using the system above Bob and Alice exchange the nonce - twice.
- This will assure symmetric authentication.
- But how do we assure that the public keys are authentic?
- A Certification Authority (CA) is a trusted third party.
- They provide digital certification of the public key.
- This ensures trust of the private key.
- In one case
- Bob registers his public key with a CA
- The CA issues Bob a certificate.
- This could be Bob's public key encrypted with the CA's private key.
- To interact with Bob, Alice asks Bob for his Public Key and his certificate.
- She decrypts the certificate with the CA's public key
- And compares this to Bob's public key
- Or just needs the certificate, from which she can extract Bob's public key.
- There are other scenarios, but in general you need a CA you can trust.
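
The exchanges described above (Solution 1, the nested message $M=E(k_{PUB-A}, E(k_{PRIV-B}, k_{SYM}))$, and the book's intercepted-key scenario), as an added example that is not from the book or these notes. It uses textbook RSA on constructed toy primes with no padding; all key values and function names are assumptions made for illustration.

```python
# Added example: textbook RSA on toy primes (constructed values, no padding).
# It mirrors the notes' E/D notation and is not suitable for real use.

def make_keys(p, q, e):
    """Return (public, private) keys, each an (exponent, modulus) pair."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)   # pow(e, -1, phi): Python 3.8+

def E(key, m):
    """E(k, m) = m^k mod n; the value must fit under the modulus."""
    exp, n = key
    if not 0 <= m < n:
        raise ValueError("value does not fit under this modulus")
    return pow(m, exp, n)

D = E  # textbook RSA: decoding is the same modular exponentiation

# Constructed keys. Bob's modulus is the smallest, so E(k_PRIV-B, x)
# always fits under Alice's (and Eve's) modulus for the outer layer.
PUB_B, PRIV_B = make_keys(61, 53, 17)   # n = 3233
PUB_A, PRIV_A = make_keys(89, 97, 5)    # n = 8633
PUB_E, PRIV_E = make_keys(67, 71, 13)   # n = 4757 (Eve)
K_SYM = 1234                            # stand-in for the symmetric key

def solution_1_as_seen_by_eve():
    """Solution 1: M = E(k_PRIV-B, k_SYM). Eve needs only k_PUB-B."""
    M = E(PRIV_B, K_SYM)
    return D(PUB_B, M)

def bob_sends(pub_bob_believes_is_alices):
    """The nested message M = E(k_PUB-A, E(k_PRIV-B, k_SYM))."""
    return E(pub_bob_believes_is_alices, E(PRIV_B, K_SYM))

def alice_receives(M):
    """Alice's decode: k_SYM = D(k_PUB-B, D(k_PRIV-A, M))."""
    return D(PUB_B, D(PRIV_A, M))

def authentic_exchange():
    """Bob holds Alice's real public key."""
    return alice_receives(bob_sends(PUB_A))

def substituted_key_exchange():
    """Bob was handed Eve's key in place of Alice's (the book's scenario)."""
    M = bob_sends(PUB_E)
    inner = D(PRIV_E, M)            # Eve strips the outer layer
    eve_key = D(PUB_B, inner)       # then reads k_SYM like anyone could
    relayed = E(PUB_A, inner)       # re-wraps Bob's inner value for Alice
    return eve_key, alice_receives(relayed)
```

Alice's decode succeeds in both the authentic and the substituted-key run, so nothing on her side reveals the interception; only confirmable public keys (for example via a CA) close that gap.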