Asymmetrical algorithms, referred to as public key cryptography, utilize a key pair that is mathematically related and generated by a complicated formula. The concept of asymmetrical derives from the fact that the encryption is one-way, in that either of the key pair and data that is encrypted with one key can only be decrypted with the other key of the pair. Asymmetrical key encryption is incredibly popular and can be used to enhance the process of symmetrical key sharing. Additionally, the use of two keys has provided digital signatures and Certificates.
Public key cryptography is the implementation of asymmetrical encryption tech-niques to provide a host of security options for communications and general data protection. Pretty Good Privacy (PGP) is a standard application, based on the RSA algorithm, that is an asymmetrical key implementation whereby one key is identified as private and the other as public. In reality, either key can perform the function of the other key; but for basic management issues, each must assume a given identity.
The most prevalent public key encryption algorithm is RSA, an acronym for its creators Ron Rivest, Adi Shamir, and Leonard Adleman. RSA is based on the difficulty of factoring two large prime numbers. For this very reason, some do not entirely trust the algorithm because any advancement in mathematical science that might result in a method for factoring prime numbers would quickly eliminate any protection currently afforded by public key cryptography — including authentication. Overnight digital signatures would mean nothing, and encrypted data would be available to anyone. Of course, the possibility of such a discovery is minute, albeit possible.
The use of two keys and sophisticated algorithms introduces two properties of asymmetrical encryption that complicate its implementation. Of the two, perfor-mance is a very serious issue, with respect to dynamic communications. IPSec uses asymmetrical encryption during some forms of authentication and symmetrical for encryption of upper layer data. Granted, the authentication of a VPN peer consumes very little time within itself, although each asymmetrical encryption process can be system intensive. Multiply the increased performance requirements by the number of connections being established and authenticated, and the result is a burdened system.
In short, the process of information manipulation within asymmetrical algorithms is not designed for streaming data flow. The other complexity of asymmetrical encryption is that now one has to manage two keys. Not only does a key owner have to collect and distribute the public key, but that key owner must ensure that the exact opposite is true with the private key. There are public servers and other methods for sharing the public key, but it is far from automatic. Public key management can be highly compli-cated when certain services and requirements are placed on the use of those keys.
Digital signatures, non-repudiation, authentication, and trust establishment are all exam-ples of public key management issues. Many of these requirements have evolved into their own science or technology, depending on one’s interaction, called Public Key Infrastructure (PKI) that incorporates methodologies and applications to accommodate the complexities of public key operations.
For now, RSA represents an incredibly strong encryption and authentication method that allows an entire half of the process (the public key) to be shared in the open without concern for the security of future communication utilizing that publicized key. Unfortunately, public key encryption is incredibly slow and requires substantial processor time to execute. One of the issues, as with symmetrical encryption, is that the key size in public key cryptography determines the block size to be encrypted. A key of 2048 bits can only be used on a block of data smaller. Therefore, a file of 4096
bits would require two instances of an encryption process, making public key ineffi-cient for bulk data encryption. The advantages are so great with the use of a key pair that the authentication properties can be obtained while only processing small pieces of information, such as a hash.
An example of public key cryptography, as shown in Exhibit 4-2, is Alice could encrypt a message with Bob’s public key and send the ciphertext to Bob. Because Bob is the only one with the matching private key, he would be the only recipient that could decrypt the message. However, this interaction only provides confidentiality — and not authentication — because anyone can use Bob’s public key to encrypt a message and claim to be Alice.
To provide authentication, Alice can use her private key to encrypt a message digest generated from the original message, and then use Bob’s public key to encrypt the original cleartext message and send it with the encrypted message digest. After receiving the message, Bob can use his private key to decrypt the message. The output can then be verified by using Alice’s public key to decrypt the message authentication that Alice encrypted with her private key. The process of encrypting information with a private key to allow the recipient to authenticate the sender is called a digital signature. An example of this process is detailed in Exhibit 4-3.
A traditional signed document is difficult to repudiate due to several attributes the documents has, for example, the document is difficult to forge. However, the ability to change the verbiage of the document to modify the agreement without consent of the original person who signed the document is quite feasible. For this reason, Exhibit 4-2. Asymmetrical key encryption
documents are typically copied a great deal and maintained in a secure location.
Unfortunately, the Internet is a very public medium and the exposure to various forms of forgery, duplicity, and modification abound.
A digital signature must not only be difficult to repudiate, but it must also protect the integrity of the information being signed. If exposed to the Internet, it is necessary to protect against any test getting added, changed, or removed.
There are two primary types of digital signatures, one based on encryption and decryption (e.g., RSA) and the other based on a mathematical validation of generated information that can only be duplicated by the corresponding key. Digital Signature Algorithm (DSA) is very similar to RSA in that two keys are generated to allow the sharing of authenticated information without any preexisting relationship. RSA uses a private key to encrypt a block of specific data, such as a hash; and the authentication is solely based on the recipient’s ability to decrypt that hash with the corresponding public key. The authentication is encryption and decryption based. On the other hand, DSA is designed just for digital signing of data and performs a mathematical operation that creates two 160-bit values that become the signature. The authentication is attained Exhibit 4-3. Digital signature with the use of hash functions
by demonstrating that the private key could have only created the two values presented as the signature. One might wonder as to the whereabouts of the data protection involved with this process. DSA’s 160-bit numbers exist because the algorithm must employ a hash function for the signature (in this case, SHA, which creates a 160-bit digest).
Digital signatures are based on the management of public and private keys and their use in the communication. The process of key management and digital signatures has evolved into Certificates. Certificates, simply stated, are public keys digitally signed by a trusted Certificate Authority (CA). The CA provides a third-party trust relationship.
This provides comfort in the knowledge that the public key being used to establish encrypted communications is owned by the proper person or organization based on a common trust of the CA. The collection of CAs, certificates, public and private keys, and the web of trusts established to provide the foundation are collectively known as PKI.