Learning Objectives
- List the various ways in which cryptography is used
- Define digital certificates
- List the various types of digital certificates and how they are used
Asymmetric Cryptography
Unlike symmetric encryption, which uses the same key for both encryption and decryption, asymmetric encryption uses a pair of keys: one for encryption and another for decryption. This type of encryption is also known as public key cryptography.
Encryption Process
- In most cases, data is encrypted using the public key.
- The encrypted data can only be decrypted using the private key.
- The private key must be kept secure, while the public key is shared.
Detailed diagram
sequenceDiagram
participant Alice
participant Bob
Public Key Distribution
Alice->>Bob: Requests Bob's public key (via website or secure channel)
Bob->>Alice: Sends Bob's public key
Transmission
Note over Alice, Bob: The message is encrypted and sent over an insecure channel.
Note over Alice, Bob: Even if intercepted, it cannot be decrypted without the private key.
Final Security Assurance
Note over Alice, Bob: Only Bob can decrypt the message, as the private key is secret and computationally infeasible to derive from the public key.
Note over Alice: Anyone can encrypt using Bob's public key, but only Bob can decrypt using his private key.
Step 1: User requests a digital certificate
User->>TTP: (1) Request digital certificate with public key
TTP->>TTP: (2) Verify User's identity
TTP->>User: (3) Issue digital certificate (signed with TTP's private key)
Attack Scenario
Attacker->>Receiver: (A1) Sends fake public key (claiming to be User)
Receiver->>TTP: (A2) Verify certificate
TTP--XReceiver: (A3) Certificate is invalid!
Receiver->>Attacker: (A4) Reject communication
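
The certificate flow and attack scenario above, as an added example that is not part of the original notes. It assumes toy, unpadded RSA keys built from Mersenne primes (constructed for the demo and trivially breakable), hypothetical function names, and a receiver that checks the certificate locally with the TTP's public key.

```python
import hashlib

E = 65537  # common RSA public exponent

def toy_keypair(a, b):
    """Constructed toy RSA key from the Mersenne primes 2**a-1 and 2**b-1.
    Trivially factorable and unpadded: teaching only, never real use."""
    p, q = 2**a - 1, 2**b - 1
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)

def digest(identity, pub, n):
    """SHA-256 of the certificate body: an identity bound to a public key."""
    body = f"{identity}|{pub[0]}|{pub[1]}".encode()
    return int.from_bytes(hashlib.sha256(body).digest(), "big") % n

def issue_certificate(identity, pub, signer_priv):
    """Step (3): sign the identity/key binding with the signer's private key."""
    n, d = signer_priv
    return {"identity": identity, "pub": pub,
            "sig": pow(digest(identity, pub, n), d, n)}

def verify_certificate(cert, ttp_pub):
    """Receiver's check, done with the TTP's public key only."""
    n, e = ttp_pub
    return pow(cert["sig"], e, n) == digest(cert["identity"], cert["pub"], n)

def demo():
    ttp_pub, ttp_priv = toy_keypair(521, 607)
    user_pub, user_priv = toy_keypair(89, 107)
    atk_pub, atk_priv = toy_keypair(61, 127)

    genuine = issue_certificate("User", user_pub, ttp_priv)
    swapped = dict(genuine, pub=atk_pub)                       # key replaced, TTP signature kept
    self_signed = issue_certificate("User", atk_pub, atk_priv)  # not signed by the TTP

    # Once the certificate verifies, encrypt to the public key it carries;
    # only the matching private key recovers the message.
    msg = int.from_bytes(b"hi User", "big")
    ct = pow(msg, user_pub[1], user_pub[0])
    recovered = pow(ct, user_priv[1], user_priv[0]) == msg
    return (verify_certificate(genuine, ttp_pub), verify_certificate(swapped, ttp_pub),
            verify_certificate(self_signed, ttp_pub), recovered)

if __name__ == "__main__":
    print(demo())
```

Both forged certificates fail for the same reason: the signature no longer matches the identity/key pair when checked against the TTP's public key, so the receiver never encrypts to the attacker's key.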