Asymmetric Encryption

Puran Joshi
5 min read · Aug 13, 2023

Understanding Encryption: Learning About Asymmetric Encryption for Better Online Security

Audience

I’ve written this article in an effort to share my knowledge with fellow engineers interested in cybersecurity using asymmetric encryption. This article explains how public-private key pairs function behind the scenes and their practical use cases.

Overview

In this article,

  1. I’ll start by discussing why this technique is better than using a single key shared between two parties.
  2. Then, I’ll guide you through the process of generating the key pair using a sample code.
  3. Finally, I’ll explore some real-life use cases where this technique can be applied.

But before we dig deep, let’s look at what asymmetric encryption using public and private key pairs is.

Asymmetric encryption

Asymmetric encryption, also known as public-private key encryption, is a smart way of securing messages. Imagine having a pair of keys: one is the public key, and the other is the private key. Anyone with my public key can use it to lock up a message meant for me, making it safe and unreadable to others. Then only I, with my private key, can unlock and read that message.

This approach is like having a padlock that only my private key can open. And the neat thing is, even if someone knows my public key, they can’t reverse-engineer it to figure out my private key. It’s like magic math that keeps our conversations private and secure.

With this system, I can also digitally “sign” messages using my private key, showing that they really come from me. Others can verify this signature using my public key, ensuring the message hasn’t been tampered with and that it genuinely originates from the sender.

So, asymmetric encryption is all about this clever dance between two keys — one to lock, the other to unlock. It’s a key player in the world of online security.

Advantages

  1. Enhanced Key Distribution: Asymmetric encryption mitigates the risk associated with sharing the same key among parties. It employs separate keys for encryption and decryption, bolstering security.
  2. Scalability and Complexity Management: As networks grow larger with numerous users, asymmetric encryption utilises a pair of mathematically related keys, eliminating the need for widespread key distribution and easing the scalability process.
  3. Built-in Authentication: Asymmetric encryption inherently incorporates mechanisms to verify the sender’s identity and ensure message integrity.
  4. Multiple Use-Cases: Asymmetric encryption extends its utility beyond data encryption, proving effective for secure key exchange tasks. Asymmetric encryption excels in establishing secure connections and facilitating safe information sharing.
  5. Long-Term Security and Adaptability: Asymmetric encryption allows the generation of new key pairs as needed, adapting to evolving security landscapes and ensuring sustained protection.

Symmetric encryption

The alternative to asymmetric encryption is symmetric encryption (using the same key for both parties).

Symmetric encryption is like having a single key that I use both to lock and unlock a treasure chest of messages. Just like my house key works for both locking and unlocking the door, this encryption method relies on a shared secret key for both scrambling and unscrambling messages.

When I want to send a secret message, I use this shared key to scramble up the words. To read the message, the recipient uses the same key to unscramble it. It’s like a secret code that only we both know.

Advantages

  1. Speed: Symmetric encryption is generally faster than asymmetric encryption because it involves fewer complex calculations.
  2. Simplicity: The process is simpler since the same key is used for both encryption and decryption, making it easier to implement and manage.
  3. Efficiency: Symmetric encryption is efficient for encrypting large amounts of data, making it suitable for tasks like file encryption.
  4. Resource-friendly: It requires less computational power, which can be beneficial for resource-constrained devices and systems.
  5. Security: When properly managed and used for short-term purposes, symmetric encryption can provide strong security.

Hence, looking at these strengths, I hope you can easily decide which one you want to use based on your use case.

Private-Public Key Generation

Here’s a simplified example of RSA key pair generation using small numbers for illustration purposes:

  1. Choose Two Prime Numbers: Let’s pick two small prime numbers: p = 11 and q = 17.
  2. Calculate N: Compute N = p * q = 11 * 17 = 187.
  3. Compute φ(N): φ(N) = (p - 1) * (q - 1) = 10 * 16 = 160.
  4. Select Public Exponent E: Choose E = 7. Since 7 and 160 are co-prime (they have no common factors other than 1), this is a valid choice.
  5. Calculate Private Exponent D: Compute D such that (E * D) % φ(N) = 1. In this case, D = 23 because (7 * 23) % 160 = 1.
  6. Public Key: Your public key is (N, E) = (187, 7).
  7. Private Key: Your private key is (N, D) = (187, 23).

Now, let’s use these keys for encryption and decryption:

  • Encryption: If you want to send a message, convert the message into a numerical value (using a suitable scheme) and raise it to the power of E (7 in this case) and take the remainder when divided by N (187). This cipher-text can be sent securely.
  • Decryption: The recipient uses the private key (N, D) to raise the cipher-text to the power of D (23) and takes the remainder when divided by N (187). This process retrieves the original numerical value, which can then be converted back to the original message.

Note: The larger the prime numbers, the more secure your encryption key is. However, larger primes require more computational power for encryption and decryption.
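The steps above as runnable Python, an added example that is not from the original article; the function names and the sample message value 88 are illustrative assumptions. It goes slightly beyond the walkthrough by also showing signing with the same key pair and why a modulus this small offers no protection.

```python
# Added example: textbook RSA with the article's toy numbers (p=11, q=17, E=7).
# Function names are illustrative; real systems use a vetted library and padding.
from math import gcd


def generate_keypair(p, q, e):
    """Follow steps 1-7: return ((N, E), (N, D)) for primes p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("E must be co-prime with phi(N)")
    d = pow(e, -1, phi)  # modular inverse, so (e * d) % phi == 1 (Python 3.8+)
    return (n, e), (n, d)


def encrypt(public_key, m):
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message value must be smaller than N")
    return pow(m, e, n)


def decrypt(private_key, c):
    n, d = private_key
    return pow(c, d, n)


def sign(private_key, m):
    """Signature = m^D mod N; only the private-key holder can compute it."""
    n, d = private_key
    return pow(m, d, n)


def verify(public_key, m, signature):
    n, e = public_key
    return pow(signature, e, n) == m % n


def recover_private_exponent(public_key):
    """Why key size matters: a tiny N is factored instantly, which yields D."""
    n, e = public_key
    p = next(i for i in range(2, n) if n % i == 0)
    return pow(e, -1, (p - 1) * (n // p - 1))


if __name__ == "__main__":
    public, private = generate_keypair(11, 17, 7)
    c = encrypt(public, 88)  # 88 is a constructed sample message value
    print(public, private, c, decrypt(private, c), recover_private_exponent(public))
```

Textbook RSA as shown is deterministic and unpadded; the PKCS #1 RFCs listed in the references define the padding schemes used in practice.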

Use-cases

Here are some of the use cases where I found we are using asymmetric encryption to its strengths:

  1. Secure Communication: You can use it to build a secure online communication, including emails, messaging apps, and sensitive data exchanges, ensuring that only authorised recipients can access the information.
  2. Digital Signatures: Digital signatures verify the authenticity of digital documents, contracts, and transactions, assuring that they haven’t been altered and are from a trusted source.
  3. Online Transactions: Asymmetric encryption safeguards online financial transactions, such as credit card payments, by encrypting sensitive payment information during transmission.
  4. Authentication: This plays an important role in user authentication, allowing individuals to securely log in to websites and systems with strong encryption methods.
  5. Certificate Authorities: Asymmetric encryption is used in SSL/TLS certificates, ensuring secure connections between websites and users, and validating the legitimacy of websites.
  6. VPN and Remote Access: Virtual Private Networks (VPNs) use asymmetric encryption to establish secure connections for remote workers, protecting sensitive data transmission.
  7. Blockchain: Asymmetric encryption is integral to blockchain technology, providing secure digital signatures and encryption for transactions and blocks in the chain.
  8. Password Reset: Asymmetric encryption helps securely reset passwords by encrypting temporary reset links or codes, preventing unauthorised access to account recovery.

References

Some RFCs where you can read more about it:

  • RFC 2313: This RFC outlines PKCS #1: RSA Encryption Version 1.5.
  • RFC 3447: This RFC updates PKCS #1 to Version 2.1, specifically for RSA encryption.
  • RFC 5280: This RFC defines X.509 Public Key Infrastructure (PKI) Certificates.
  • RFC 5652: This RFC specifies Cryptographic Message Syntax (CMS), which can be used with asymmetric encryption for secure messages.
