CMSC 426 Lecture 6

Asymmetric encryption

Encryption method that utilizes a pair of keys: a public key for encrypting data and a private key for decrypting it.

RSA

A prominent asymmetric encryption algorithm named after its developers: Rivest, Shamir, and Adleman.

RSA key generation steps

1. Select two secret prime numbers, p and q.

2. Calculate n = p × q and ϕ(n) = (p-1) × (q-1).

3. Choose a public exponent e.

4. Derive the private exponent d.

RSA public and private keys

The public key is represented as (n, e) while the private key is expressed as (n, d).

Encryption in RSA

To encrypt a message m, use the formula c = m^e mod n.

Decryption in RSA

To decrypt, perform the calculation m = c^d mod n.

Elliptic Curve Cryptography (ECC)

An asymmetric cryptographic technique based on elliptic curves, providing robust security with smaller key sizes.

Message Authentication Code (MAC)

A short segment of data attached to a message to confirm its integrity and authenticity using a shared secret key.

Digital signatures

Cryptographic signatures that utilize private key encryption to validate a message's authenticity.

HMAC

Hash-based Message Authentication Code that employs a cryptographic hash function alongside a secret key to guarantee message integrity and authenticity.

Public Key Infrastructure (PKI)

A system for overseeing digital certificates, public keys, and their revocation.

X.509 certificates

Digital certificates that link a public key to a specific entity, encompassing identifying details and a digital signature from a Certificate Authority (CA).

Chain of trust

A structured hierarchy within PKI where a trusted root CA signs intermediate certificates, which in turn sign end-entity certificates.

Self-signed certificates

Certificates that are issued and signed by the same entity, typically used in testing or internal networks.

Key exchange

The method of securely distributing cryptographic keys between parties using asymmetric encryption.

What does an SSL certificate demo typically illustrate?

An SSL certificate demo shows how a website’s digital certificate is used to establish an encrypted connection (HTTPS), verifying the site’s identity and securing data in transit.