Cyber Security For Beginners: Part 4
Hey everyone, this blog is the continuation of the previous blog where we discussed encryption, in particular, symmetric encryption.
In this blog, we are going to touch upon the concepts of asymmetric encryption. Both these types of encryption are used hand-in-hand in the real world. So, it is important to learn about both of them.Let’s dive right in.
Previously, we learnt that symmetric encryption uses a single key to encrypt and decrypt the data.The major difference between asymmetric and symmetric encryption is that in asymmetric encryption, we use two different keys for this purpose. We use different keys for encrypting and decrypting data. This type of cryptography is also known as public-key cryptography.
The two keys used in asymmetric encryption are:
1.Public key
2.Private Key
The basic overview of how these keys work to encrypt and decrypt data is shown below.
The sender encrypts the data to be sent using the receivers public key. Then, the encrypted data is sent to the receiver. At the receiver’s end, he/she decrypts the data using their private key to obtain the original data. These two keys work in a pair; data encrypted using one’s public key can be decrypted only by their corresponding private key.
As the name suggests, the public key of a person would be available to everyone. This is because in order to send encrypted data to the recipient, his/her public key is needed. But their private key is only accessible and known to them.
Why is this known as Public-key cryptography?
It is called as Public-key cryptography because in this type of encryption, data is encrypted using a public key.
There is also a reverse process involved wherein if the sender encrypts a data using their private key, then this data can only be decrypted using their public key. This is used to prove authenticity of an encrypted data. When a person encrypts data using his/her private key, we know that it can only be decrypted using their publicly available corresponding public key.
So, if a person is trying to impersonate someone and encrypts a data using another private key, then the receiver won’t be able to decrypt it as it was not encrypted using the correct private key of genuine the person. So, the receiver can understand that this person is not who he/she is claiming to be.
Asymmetric is employed in various technologies such as SSL, TLS etc.
We won’t be covering the working of these technologies here, but maybe in the later blogs.
Now, let’s explore some Asymmetric encryption algorithms.
RSA : Rivest–Shamir–Adleman Algorithm
RSA is an asymmetric algorithm developed by three people; Rivest, Shamir and Adleman. Hence the name, RSA. The algorithm generates secure keys for encryption and decryption using the concept of prime numbers. We are not going to discuss the steps involved in this algorithm as it is beyond the scope of this series, but we will sharing some resources which you can refer to.
DSA: Digital Signature Algorithm
Used to generate digital signatures for data transmission. These signatures are used to authenticate the sender of a particular message. This process won’t be covered in this blog, but definitely look it up if you are interested. The DSA algorithm is somewhat complex in its working and is not as simple as explaining the concepts using a pair of keys. The algorithm is based on algebraic properties of discrete logarithm problem and modular exponentiations and is based on the on public-key cryptosystems principal. I know this doesn’t make any sense to you. That is why I described it as an advanced process.
DH: Diffie-Hellman
This asymmetric algorithm is used for secure key exchange during communications over a public channel. These algorithms are used for key exchanges in symmetric encryption as you might have guessed. So, even though the algorithm itself is asymmetric, it works on symmetric encryption. That is why I, I repeat, both types of encryption work best together.
Alright, so we are going to wind up our discussion on asymmetric encryption here. Do check out the resources linked below if you are interested to learn more this topic. In the next blog, we will talk about hashing and its various concepts. See you guys there!
Additional Resources:
