Sunday, 20 December 2020

Cryptography in OS: Symmetric and Asymmetric Key

 

Cryptography:

·         Cryptography or cryptology is the practice and study of techniques for secure communication in the presence of third parties called adversaries.

·         More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages.

·         Various aspects in information security such as data confidentiality, data integrity, authentication, and non-repudiation are central to modern cryptography.

·         Applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.

·         Until modern times, cryptography referred almost exclusively to encryption, which is the process of converting ordinary information (called plaintext) into unintelligible form (called cipher text). Decryption is the reverse, in other words, moving from the unintelligible cipher text back to plaintext.

·         cipher (or cypher) is a pair of algorithms that create the encryption and the reversing decryption. The detailed operation of a cipher is controlled both by the algorithm and in each instance by a "key".

·         The key is a secret (ideally known only to the communicants), usually a short string of characters, which is needed to decrypt the cipher text. Formally, a "cryptosystem" is the ordered list of elements of finite possible plaintexts, finite possible cipher texts, finite possible keys, and the encryption and decryption algorithms which correspond to each key.

·         There are two kinds of cryptosystems: symmetric and asymmetric. In symmetric systems the same key (the secret key) is used to encrypt and decrypt a message. Data manipulation in symmetric systems is faster than asymmetric systems as they generally use shorter key lengths.

·         Asymmetric systems use a public key to encrypt a message and a private key to decrypt it. Use of asymmetric systems enhances the security of communication.

·         Examples of asymmetric systems include RSA (Rivest–Shamir–Adleman), and ECC (Elliptic Curve Cryptography). Symmetric models include the commonly used AES (Advanced Encryption Standard) which replaced the older DES (Data Encryption Standard).

·         Cryptanalysis is the term used for the study of methods for obtaining the meaning of encrypted information without access to the key normally required to do so; i.e., it is the study of how to crack encryption algorithms or their implementations.


Symmetric Key Cryptography:


·         Symmetric cipher models also called as secret key cryptography or symmetric key cryptography.


·         In symmetric key cryptography, a single key is used for encryption as well as decryption.

·         As shown in image sender encrypt plain text using a shared secret key and the resultant ciphertext is transmitted through a communication medium such as the Internet, at the receiver side, the ciphertext is decrypted using the same decryption key to obtain the original plain text.

·         Note that encryption and decryption process uses a well known symmetric key algorithm called as Data Encryption Standard (DES).

Symmetric encryption


·         Encryption of plain text, D (K, E(P)) = Decryption of Plain text using shared key K.

·         For Example, Stream and block cipher, Data Encryption Standard (DES), Advanced Encryption Standard (AES) and BLOWFISH.

·         Here the possibility is that if an attacker/opponent got cipher text?? He/she might apply different permutations and combinations to decrypt and obtain the original plain text. Here the main aim of cryptography comes into the picture. Always sender has to think on applying different encoding technique on plain text message and convert it into cipher text message so that the attacker cannot read the actual plain text easily.


Advantages of Symmetric Key Cryptography:

·         A Symmetric key is faster than asymmetric key cryptography.

·         Because of single key data cannot decrypt easily at receiver side even if it is intercepted by the attacker.

·         As the same key is used for encryption and decryption, a receiver must have the sender’s key; otherwise he cannot decrypt (without sender permission).

·         Symmetric key achieves the authentication principle because it checks the receiver’s identity.

·         DES and AES techniques are implemented using symmetric key cryptography.

·         System resources are less utilized in symmetric key cryptography.


Disadvantages of Symmetric Key Cryptography:

·         Once the key is stolen while transmitting data between sender and receiver it is very easy to decrypt the message as the same key is used for encryption and decryption.

·         In Symmetric key cryptography, a key is transmitted first and then a message is transferred to the receiver. If the attacker intercepts the communication between sender and receiver, then he can decrypt the message before it reaches to intended recipients.


Asymmetric Key Cryptography:

·         Asymmetric key cryptography is also called as public key cryptography.

·         In asymmetric key cryptography two keys are used, one for encryption and other for decryption.

·         As mentioned asymmetric key cryptography involves the use of two keys one is a public key that may know to everyone and can be used to encrypt messages, and verify signatures. Other is private key known only to the receiver of the message or verifier, used to decrypt messages, and sign (create) signatures.

·         It is also called as asymmetric key cryptography because one key is used for encryption only its corresponding key must be used for decryption. No other key can decrypt the message. The sender and receiver can encrypt messages using an encryption key (public) or verify signatures, he cannot decrypt messages or create signatures because he required decryption key (private) which is known only to the receiver of the message. Public key cryptosystem /asymmetric key cryptography are shown in image.


Asymmetric encryption


·         Mathematically it is represented as P = D(Kd, E (Ke,P))

·         For example, sender Ramesh wants to communicate with the receiver Suresh then they must have each one of this i.e. private key and public key then and then communication will be successful.

Advantages of Asymmetric Key Cryptography:

·         In Asymmetric key cryptography, a key cannot be distributed among sender and receiver as both have their own key, so there is no problem of key distribution while transmitting the data over the insecure channel.

·         The main advantage of asymmetric key cryptography is that two separate keys are used for used encryption and decryption; even if the encryption key is stolen by attacker he/ she cannot decrypt the message as decryption key is only available with the receiver only.

·         RSA algorithm and Diffie Hellman key exchange are implemented using asymmetric key cryptography.

·         Easy to use for user and scalable; does not require much administrative work.

Disadvantages of Asymmetric Key Cryptography:

·         Because of a different key used between sender and receiver require more time to get the transmission done as compare to symmetric key cryptography. (Slower than symmetric key cryptography very few asymmetric encryption methods achieve the fast transmission of data).

·         Asymmetric key cryptography utilizes more resource as compare to symmetric key cryptography.         


Comparison Chart

Symmetric Encryption

Asymmetric Encryption

Single or same key is used for encryption and decryption.

Two keys are used, one is for encryption and other is for decryption.

Symmetric key cryptography is also called secret key cryptography or private key cryptography.

Asymmetric key cryptography is also called public key cryptography or conventional cryptographic system.

Mathematically it is represented as
P = D (K, E(P)). Where K is encryption and decryption key.
P= plain text,
D= Decryption ,
E(P) = Encryption of plain text

Mathematically it represented as
P = D(Kd, E (Ke,P)),
Where Ke and Kd are encrytption and decryption key.
D=Decryption
E(Ke, P) = Encryption of plain text using private key Ke.

A Symmetric key is faster than asymmetric key cryptography.

An asymmetric key is slower than symmetric key cryptography because of two different key used.

For encryption of large message, asymmetric key cryptography still play an important role.

Asymmetric key cryptography plain text and cipher text treated as integer numbers.

Symmetric key cryptography utilizes less resource as compared to asymmetric key cryptography.

Asymmetric key cryptography utilizes more resource as compared to symmetric key cryptography.

For Example AES, DES, and BLOWFISH

For Example RSA, Diffie Hellman Key exchange algorithm.

 


No comments:

Post a Comment