File: crypto/public.tex, r1944
This chapter summarises key concepts in public key cryptography. These concepts will be demonstrated when looking at specific algorithms, including RSA (Chapter 13), Diffie-Hellman Key Exchange (Chapter 14) and Elliptic Curve Cryptography (Chapter 15).
Presentation slides that accompany this chapter can be downloaded in the following formats: slides only (PDF); slides with notes (PDF, ODP, PPTX).
We have seen how symmetric key cryptography can be used for encryption. Now let’s look at an alternative approach, public key cryptography.
With symmetric key encryption, assume the sender generates a random key. The receiver of the encrypted data must also know that key in order to decrypt the data. But how does the receiver learn the key? If the sender sends the key unencrypted then an attacker can learn the key and it is no longer secret. If the sender encrypts the key, then the same problem arises: how do they get the second key (which is used to encrypt the first key) to the receiver?
Public key encryption can solve this problem, as we will see in the following slides.
Symmetric key encryption has been the main form of cryptography for a long time. It wasn’t until the 1960’s and 1970’s that public key cryptography was designed.
Consider all the students in the class. With public key crypto, each student would generate their own key pair. They could tell everyone their public key (e.g. yell it out in class, print on the screen and show), but they must keep their private key secret. Note that the keys are related: an algorithm is used to generate them (they are not randomly chosen like symmetric key encryption secret keys). That algorithm must be designed such that it is practically impossible for someone to find the private key if they know the public key.
The encryption/decryption algorithms in public key crypto are designed such that if you encrypt plaintext with one key in the pair, then you can only successfully decrypt the ciphertext if using the other key from that pair. For example, if you encrypt a message with the public key of Steve, then you can only decrypt the ciphertext if you know the private key of Steve.
Some public key ciphers also work in the other direction: if you encrypt a message with the private key of Steve, then you can only decrypt the ciphertext if you know the public key of Steve. We will see this in digital signatures.
This assumes User A (on the left ) already knows the public key of user B. Since it is PUBLIC there is no problem with A knowing B’s public key. However in practice, there are problems with A being sure that the public key does indeed belong to B (maybe it is someone pretending to be B). We don’t cover that here, but in the chapter on digital certificates we will see this issue (of knowing who’s public key it is) be addressed.
The details of the algorithms are covered in subsequent chapters.
Video: Concepts of Public Key Cryptography (21 min; Apr 2021)