
Idea behind zero knowledge

PUBLIC KEY CRYPTOGRAPHY

2. Idea behind zero knowledge

Imagine that Alice knows a secret and wants to prove this to Bob. Of course she could just reveal the secret to Bob, but then he would know the secret too. Instead Alice does something like this:

Alice knows the secret password for Ali Baba's cave. Alice goes into the cave and randomly chooses the left or right corridor.

Then Bob enters the cave and tells Alice which corridor she should walk out from. Let's say Bob picked the left corridor. If Alice chose the left corridor at the beginning, she can just walk back the same way and does not even have to use the password. If she is standing on the right side, she has to use the password; the magic wall opens and she can also walk out through the left corridor.

At this point Bob is not very impressed. Alice had a 50% chance of already being in the left corridor, so she could have passed the test even without knowing the password. So Bob plays the same game for another round. If Alice passes the test again, Bob is a little more convinced. After a sufficient number of rounds Bob will believe that Alice knows the secret to Ali Baba's cave. For example, after 10 rounds of playing this game, Alice has a chance of (1/2) to the power of 10, or in numbers 0.0009765625%, to pass the test if she does not know the secret. We shall use these facts in a decisive manner below.
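The cave game is a one-bit challenge-response proof. As an added example (not part of the original notes), the sketch below uses the Fiat-Shamir identification scheme, which the notes do not name, as a concrete stand-in: the secret s plays the password, Bob's bit e is the corridor he calls out, and a prover without s survives each round only by guessing e in advance. The toy modulus and all names are constructed for illustration.

```python
import secrets
from math import gcd

# Constructed toy modulus (two Mersenne primes); real use needs 2048+ bits.
N = (2**31 - 1) * (2**61 - 1)

def rand_unit():                     # random invertible element mod N
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return r

def keygen():
    s = rand_unit()                  # secret: plays the cave password
    return s, pow(s, 2, N)           # public: v = s^2 mod N

class HonestProver:
    def __init__(self, s):
        self.s = s
    def commit(self):                # Alice walks into a corridor
        self.r = rand_unit()
        return pow(self.r, 2, N)
    def respond(self, e):            # the secret is used only when e == 1
        return self.r * pow(self.s, e, N) % N

class CheatingProver:                # knows only the public value v
    def __init__(self, v):
        self.v = v
    def commit(self):                # must guess Bob's challenge up front
        self.r, self.guess = rand_unit(), secrets.randbelow(2)
        x = pow(self.r, 2, N)
        # For guess 1, commit r^2 / v so that y = r verifies when e == 1.
        return x * pow(self.v, -1, N) % N if self.guess else x
    def respond(self, e):
        return self.r                # verifies only when e == guess

def verify(prover, v, rounds):
    """Bob: accept only if y^2 == x * v^e (mod N) holds in every round."""
    for _ in range(rounds):
        x = prover.commit()
        e = secrets.randbelow(2)     # Bob names a corridor
        y = prover.respond(e)
        if gcd(x, N) != 1 or pow(y, 2, N) != x * pow(v, e, N) % N:
            return False
    return True

def cheat_rate(rounds, trials=2000):  # how often a prover without s is accepted
    _, v = keygen()
    return sum(verify(CheatingProver(v), v, rounds) for _ in range(trials)) / trials
```

With `rounds=1` the measured cheat rate sits near one half; with `rounds=10` it approaches (1/2) to the power of 10, that is 1/1024.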

Every process of encryption and decryption is necessarily associated with a 'key', the combination used for encryption and/or decryption, and an algorithm, i.e. the rules or steps used for both encryption and decryption. The requirement of the 'same' key, as in 'symmetric' key cryptography, leads to a common problem called the 'problem of key distribution', i.e. how the two parties should agree upon a 'common' key to be used for the process.

This is as described below.

4.6. PKCS

In cryptography, PKCS refers to a group of Public-Key Cryptography Standards devised and published by RSA Security.

RSA Data Security Inc was assigned the licensing rights for the patent on the RSA asymmetric key algorithm and acquired the licensing rights to several other key patents as well. As such, RSA Security and its research division, RSA Labs, were interested in promoting and facilitating the use of public-key techniques. To that end, they developed the PKCS standards. They retained control over them, announcing that they would make changes/improvements as they deemed necessary, and so the PKCS standards were not, in a significant sense, actual industry standards, despite the name. Some, but not all, have in recent years begun to move into "standards track" processes with one or more of the relevant standards organizations.

The Public-Key Cryptography Standards are specifications produced by RSA Laboratories in cooperation with secure systems developers worldwide for the purpose of accelerating the deployment of public-key cryptography. First published in 1991 as a result of meetings with a small group of early adopters of public-key technology, the PKCS documents have become widely referenced and implemented. Contributions from the PKCS series have become part of many formal and de facto standards, including ANSI X9 documents, PKIX, SET, S/MIME, and SSL.

PKCS Standards Summary

and format of RSA public and private keys, and the basic algorithms and encoding/padding schemes for performing RSA encryption, decryption, and producing and verifying signatures.

PKCS #2 - Withdrawn

No longer active. Covered RSA encryption of message digests, but was merged into PKCS #1.

PKCS #3 1.4

Diffie-Hellman Key Agreement Standard

A cryptographic protocol that allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel.

PKCS #4 - Withdrawn

No longer active. Covered RSA key syntax, but was merged into PKCS #1.

PKCS #5 2.0

Password-based Encryption Standard

Refer RFC 2898 and PBKDF2.

PKCS #6 1.5

Extended-Certificate Syntax Standard

Defines extensions to the old v1 X.509 certificate specification. Obsoleted by v3 of the same.

PKCS #7 1.5

Cryptographic Message Syntax Standard

Used to sign and/or encrypt messages under a PKI. Used also for certificate dissemination. Formed the basis for S/MIME, which is as of 2009 based on RFC 3852, an updated Cryptographic Message Syntax Standard (CMS). Often used for single sign-on.

Used to carry private certificate key pairs (encrypted or unencrypted).

PKCS #9 2.0

Selected Attribute Types

Defines selected attribute types for use in PKCS #6 extended certificates, PKCS #7 digitally signed messages, PKCS #8 private-key information, and PKCS #10 certificate-signing requests.

PKCS #10 1.7

Certification Request Standard

Format of messages sent to a certification authority to request certification of a public key.

See certificate signing request.

An API defining a generic interface to cryptographic tokens (see also Hardware Security Module). Often used in single sign-on, public-key cryptography and disk encryption.

Defines a file format commonly used to store private keys with accompanying public key certificates, protected with a password-based symmetric key. PFX is a predecessor to PKCS#12.

This container format can contain multiple embedded objects, e.g. multiple certificates. Usually protected/encrypted with a password.

Can be used as a format for the Java key store. Usable by Tomcat, but NOT by Apache.

Defines a standard allowing users of cryptographic tokens to identify themselves to applications, independent of the application's Cryptoki implementation (PKCS #11) or other API.

(Source: www.wikipedia.org)

Questions:

1. What is modular arithmetic? Explain it in detail. How can it be used in cryptography?

2. “RSA Algorithm is the best one in generating public keys and private keys as well as the robust one in cryptographic world.” Explain this statement.

3. Prove RSA Algorithm with example.

4. Explain “Elgamal Signature Scheme” in detail.

5. Explain how DSS ensures verification and validation.

6. State the properties and applications of DSS.

7. What is PKCS? State the standards of PKCS.

8. Discuss the problems with Diffie-Hellman algorithm.

9. Explain “Bucket-Brigade Attack or MITM attack” in detail.

10. What do you understand by “Zero knowledge signature”? Explain in detail.

11. How will a zero-knowledge proof be efficient when it is integrated with SSH?



5

AUTHENTICATION