คลังคำศัพท์

Public-Key Cryptography

Moderate

Public-key cryptography is a collection of algorithms-based cryptographic procedures that are used to jumble secret data and make it look randomized.

What Is Public-Key Cryptography?

Public-key cryptography entails two keys: a private key and a public key. These keys contain a piece of information that is used to scramble data and make it appear random. Only with the correct key can the messages be unencrypted and decrypted.

For instance, suppose we take a plaintext message, "Cool," and encrypt it with a key, say "323vjhqwhdj." Our message "Cool" has been encrypted with this key, and it now reads "X5xJCSycg14=", which appears to be random garbage data. However, we can recover "Cool" by decrypting it with the same key.

To prevent unauthorized access to data, the protocol employs a pair of keys that encrypt and decrypt it. The certification authorities provide the network's users with a public and a private key. If other users want to encrypt data, they obtain the public key of the intended recipient from a public directory. This key is used to encrypt and send the message to the recipient. Later on, it is decrypted by the recipient using a private key to which no one else has access.
The Rivest-Shamir-Adleman (RSA) algorithm is a public key cryptography system that is widely used when sending secure, sensitive information over an insecure network, such as the internet. The RSA algorithm is helpful because it allows both public and private keys to encrypt messages while maintaining their authenticity and integrity. Other cryptosystems include Diffie-Hellman, DSS, and Elliptic Curve.

The following are key benefits:

  • Public-key cryptography provides high data security because determining the decryption key with only the cryptographic algorithm and encryption key is impossible.
  • It is also one of the most secure protocols over private key cryptography because users do not have to reveal their private keys to anyone, which reduces the likelihood of cybercriminals discovering an individual's secret key during transmission.
  • In public-key cryptography, users are responsible for protecting their private keys, plus it allows for non-repudiable digital signatures unlike private-key systems wherein users have to share their secret keys and even possibly involve third parties for transmission. Public key cryptography provides its users with a convenient method to encrypt information as well as safely store digital signatures without any risks or third parties involved.

The following are disadvantages:

  • One of the most common issues with public-key cryptography is its slow performance. Several private key cryptography methods outperform the current public-key encryption method. However, this can be overcome by combining public-key cryptography with secret key systems, which provide both the security benefits of the public key system and the speed benefits of the private key system.
  • It is also vulnerable to attacks via spoofed or compromised accreditation bodies. When these attacks occur, cybercriminals imitate almost anyone by selecting a public key certificate from the vulnerable authority. This enables cybercriminals to associate a public key with the name of some other user.
  • When the user's private key is lost, this algorithm also backfires, making public-key encryption highly susceptible.