Create New Article

Wiki Search

 
 
Google
Personal tools

Public-Key Cryptography

From Proprofs

Public-Key Cryptography

You are here: Home > Schools > Comptia > Security+ Certification > Wiki Home > Study Guide


Security+ Study Guide

Image:logoSmall.jpg

Table Of Contents

Contents

[edit section] Public Key Cryptography

Public Key Cryptography is a widely-applied form of cryptography commonly utilized in many network transactions. The Security+ exam will test you on your both your understanding of how public key systems work as well as your ability to discern between different types of public key algorithms. The exam will also cover PKI, or public-key infrastructure.


[edit section] The workings of Public Key Cryptography

Unlike private key systems, in which two communicating users share a secret key for encryption and decryption, public key systems utilize widely-available and unique “public keys,” as well as “private keys,” to securely transmit confidential data.


Here’s how a public key transaction works: Assume we have two users, Pat and Jill, and that Pat wishes to send Jill a secret love note. Pat encrypts the love note using Jill’s public key. The message is sent via email to Jill. Jill then can read the message by decrypting the message with her private key. Note that in order for this transaction to take place, only Jill has to know her private key. This is the beauty of a public key (or asymmetric) system. Through this transaction, known as secure message format, the confidentiality of the message is assured: only Jill can read it!

Public-key cryptography can also be applied to validate the authenticity of a message. In this formulation, Pat would send Jill a message using his private key (therefore encrypting the message). To read the message, Jill would use Pat’s public key. In doing so, Jill has affirmed that the message was in fact sent by Pat. This is known as open message format.

In order to ensure both information authenticity and confidentiality, signed and secure message format may be employed. Extending the love note example, Pat would first encrypt the message with Jill’s public key and then encrypt that encrypted message with his own private key. When the message is sent to Jill, she can use Pat’s public key to verify the message was indeed from Pat. But the message is still encrypted! To overcome this, she can use her own private key to decrypt the message.

(From Navy) Public Key Schema

[edit section] Public Key Protocols

  • RSA is an asymmetric key transport protocol that can be used to transmit private keys between hosts. The algorithm utilizes large prime numbers for effectiveness. The process can be explained very simply – Pat encrypts the private key with Jill’s public key, and Jill decrypts the message with her private key to reveal the private key.
  • Diffie-Hellman is a key agreement protocol that can be used to exchange keys. It uses logarithms to ensure security in the algorithm. In the Diffie-Hellman operation, Pat and Jill each use their own private keys with the public key of the other person to create a shared secret key. Note that Diffie-Hellman is vulnerable to man-in-the-middle attacks.
  • El Gamal is an extension of Diffie-Hellman that includes encryption and digital signatures.

[edit section] Message Digesting

A message digest is something of an unreadable, condensed version of a message. More specifically, a message digest utilizes a one-way hash function to calculate a set-length version of a message that cannot be deciphered into clear text. Message digests are usually employed in situations in which it would be undesirable to be able to decrypt the message. One such application is in modern username/password systems, in which the password is stored using a hash function or digest. After the password has been hashed, it cannot be un-hashed. When a user attempts to login with a password, the password he types is also hashed so that the two hashes (rather than the two passwords) are compared against each other. Note that the hash assumes that a hashed value cannot be deciphered and that no two messages will produce the same hash.


[edit section] Hashing Protocols

  • MD5 is the most commonly-used hash protocol and uses a 128-bit digest. It is very fast in hashing a message and is also open-source.
  • SHA-1 is a more secure implementation of a hashing protocol that uses a 160-bit digest and “pads” a message to create a more difficult-to-decipher hash.


[edit section] Quick Review

1. Which of the following ensures message confidentiality, but not authenticity?

a. Secure message format

b. Open message format

c. Signed and secure message format

d. Symmetric cryptography


2. Which of the following is not an asymmetric protocol?

a. Diffie-Hellman

b. El Gamal

c. 3DES

d. RSA


3. Why is a hash more difficult to decipher than a standard encryption protocol?

a. It is a one-way function

b. It uses strong encryption techniques

c. It uses large prime numbers

d. It uses discrete logarithms

[edit section] Answers

1. Secure message format works by encrypting a message with the public key of the intended recipient, ensuring confidentiality but not integrity. The answer is A.


2. 3DES is the only listed protocol that does not utilize a public key system. The answer is C.


3. Because a hash is a one-way function, the only way to decipher it is to try a large number of hashes of cleartext until one matches the original hash. The answer is A.

<<                              Table Of Contents                               Next Page>>>

Top 5 Contributors to this article

UsersArticle Contributions
Proprofs 3 contribs
james 2 contribs
Mufti4life 2 contribs
cornelius 1 contribs

 
   
Home  |  Site Map  |  Contact
Copyright © 2005-2014 ProProfs.com - Privacy & Terms