Data Privacy

An Introduction to Public Key Cryptography

By: Ted Papaioannou

Audience and Scope

This document is intended for anyone who exchanges information over the internet. It is useful for anyone from business owners who want to keep their intellectual property private, to bill payer who want to use online banking for their convenience. The purpose is to provide an overview of a popular and effective method of data encryption. No prior knowledge of programming or security is needed. Basic computer, internet, and general technology use would be helpful for a complete understanding. Yet, experience with any form of communication will lend itself to comprehension of this subject. A glossary of terms that are bolded is provided at the end.

Introduction
Public Key Cryptography is an algorithm used to encrypt a plain text message or to verify a digital signature. In todays technology driven society, we constantly exchange information, electronically and in the open. To keep data out of the wrong hands, we need a way to keep hide information. Beyond that, private information exchange must be easy for the agreeing parties. Public Key Cryptography is a solution to this problem implemented in systems all over the world; for example: as shown on the cover page, websites can use https (SSL) rather than http to mask information that is sent to and from a website. It allows for encryption of messages, authentication of the sender, or both combined. One simply needs the other partys Public Key and ones own Private Key and all of this can be achieved.

The Open Lock

Figure 2: Open lock

Figure 3: Message encryption

Figure 4: Message retrieval

Public Key Cryptography uses a straight forward concept that is easy to model. Above, the diagrams show conceptually how it works. The receiver, Alice wants to securely receive multiple messages from multiple different senders. To do this, it can give out copies of an unlocked lock to all the senders. Because the receiver is the only one with the key to the lock, the message can be locked up by anyone but only unlocked by the receiver.

Two Keys

Despite the name, two types of keys are actually needed for this system to work the Public Key and the Private Key. These keys work together to encrypt and decrypt a message. The diagram below shows how Alice can send a message to Bob, without Eve deciphering the message, while confirming the authenticity of the sender.

Figure 5: Private communication

The Public Key Encryption In order to pass a message securely between Alice and Bob, the message must be changed into meaningless and nearly indecipherable form when view by a third party trying to eaves drop. Because Alice wishes to receive a confidential message, it must exchange its public key with B. This public key is like giving Bob an open lock that only Alice has the key for. In doing so, this allows B to code the message in such a way that only Alice will be able to decipher it. To decipher the message, Alice needs to use the key to the lock. The Private Key Decryption Now that Bob has encrypted the message, it may be passed back to Alice who holds the Private Key. The Private Key is essentially the key to the lock that Alice gave to Bob. Using the private key, only Alice is able to decrypt the message that Bob sent. One-way functions: The Key to it All

Figure 6: One-way function

The beauty of this system is the transparency of it. According to the National Institute of Standards and Technology (NIST), it is best not to do security through obscurity because the system has a higher chance of either being broken before its too late to fix or the algorithm is exposed. Therefore, all good cryptographic systems use transparent algorithms so that they are highly scrutinized and researchers and hackers attempt to break them.

Public Key Cryptography uses algorithms that do not need to be hidden to be effective. It uses the concept of one-way functions, which are functions that are easy to compute one way but extremely difficult to compute the reverse way, to choose the two keys. The Public Key and Private Keys allow the function to be easily reversed. Without the Private Key, someone would have to try every possible value for a Private Key in order to unlock the lock. The Private Key is the piece that when given to the one way function, allows the difficult reversal to be done easily.

Functions of the System

Confidentiality

Figure 7: Confidentiality

Firstly, this system provides a way to keep all data private between the two communicating parties. Whichever party would like to receive a secure message must create both keys. When a sender would like to pass a private message, it must use the receivers public key to encrypt the message. Authentication

Figure 8: Authentication

What is secure communication if you cant validate the senders identity? The other great feature of the system helps accomplish this. In order to solely authenticate who a message is coming from, A can encrypt its message with its own Private Key. Using As Public Key, B is now able to authenticate that the message in fact came from A.

Both Confidentiality and Authentication

Figure 9: Confidentiality and Authentication

If the system can provide both confidentiality and authentication, it would be even better to combine the two. This is possible if both A and B exchange public keys. To achieve this next level of security, B must first encrypt its message with its own Private Key and then also its Public Key. When A decrypts the message, it will first be able to authenticate that the message came from B using Bs public key, then decipher the actual contents of the message using its own Public Key.

Benefit
This greatly simplifies the challenge of key distribution, which Symmetric Key Cryptography complicates it requires that every pair of communicators has their own unique key which quickly leads to a large accumulation of keys. Public Key Cryptography only uses one key to do it all which solves this issue. Upon the creation of this method, all information communicated electronically became significantly easier to keep private among many parties.
Symmetric Key Cryptography

Public Key Cryptography

VS
Figure 10: Symmetric vs. Public

Conclusion
Public Key Encryption has allowed for an entirely new type of secure message passing. It greatly reduces the overhead of distributing keys, which is a great improvement to Symmetric Key Encryption. It allows for the same Public Key to be shared among an infinite number of users. The Private Key is the actual key that opens the lock. This makes sharing data securely among many users much simpler. The oneway function is the magic this system, which allows for messages to be easily encrypted but nearly impossible to decrypt. This system is widely used in many security systems and has a great track record in all of its use cases.

Sources:
Information: http://www.youtube.com/watch?v=wXB-V_Keiu8 https://www.developer.mozilla.org/en-US/docs/Introduction_to_Public-Key_Cryptography NIST Guide to General Server Security http://www.cs.bham.ac.uk/~mdr/teaching/modules/security/lectures/symmetric-key.html http://www.dictionary.com Images: Figure 1: http://www.sslshopper.com/assets/images/ev-ssl-certificates-in-browsers.png Figure 2-4: http://www.youtube.com/watch?v=wXB-V_Keiu8 Figure 5: http://www.powayusd.com/pusdtbes/cs/eve.jpg Figure 6: http://blog.mgm-tp.com/wp-content/uploads/2012/12/Fig3-Hash.png Figures 7-9: Lecture 12 of Computer and Network Security by Avi Kak. Figures 10: https://www.developer.mozilla.org/en-US/docs/Introduction_to_Public-Key_Cryptography

Glossary
Algorithm: a set of rules for solving a problem in a finite number of steps. Decrypt: to decode (a message) with or without previous knowledge of its key Encrypt: to put (computer data or a message) into a coded form One-way function: a function that is easy to compute one way but extremely difficult to compute the reverse way. Security through obscurity: system security that depends on the secrecy of the implementation or its components. Symmetric Key Cryptography: an algorithm that is freely available for viewing by anyone Transparent algorithm: an algorithm that is freely available for viewing by anyone