What is Asymmetric Cryptography?

Loading...

From the course by University of Colorado System

Asymmetric Cryptography and Key Management

31 ratings

University of Colorado System

Asymmetric Cryptography and Key Management

31 ratings

Course 3 of 4 in the Specialization Applied Cryptography

Welcome to Asymmetric Cryptography and Key Management! In asymmetric cryptography or public-key cryptography, the sender and the receiver use a pair of public-private keys, as opposed to the same symmetric key, and therefore their cryptographic operations are asymmetric. This course will first review the principles of asymmetric cryptography and describe how the use of the pair of keys can provide different security properties. Then, we will study the popular asymmetric schemes in the RSA cipher algorithm and the Diffie-Hellman Key Exchange protocol and learn how and why they work to secure communications/access. Lastly, we will discuss the key distribution and management for both symmetric keys and public keys and describe the important concepts in public-key distribution such as public-key authority, digital certificate, and public-key infrastructure. This course also describes some mathematical concepts, e.g., prime factorization and discrete logarithm, which become the bases for the security of asymmetric primitives, and working knowledge of discrete mathematics will be helpful for taking this course; the Symmetric Cryptography course (recommended to be taken before this course) also discusses modulo arithmetic. This course is cross-listed and is a part of the two specializations, the Applied Cryptography specialization and the Introduction to Applied Cryptography specialization.

From the lesson

Asymmetric Cryptography Overview

This module reviews the principles and requirements of asymmetric cryptography, which uses a pair of keys - with one party using a public key and the other using the corresponding private key or vice versa - in contrast to symmetric cryptography using a shared secret key.

What is Asymmetric Cryptography?6:00

Meet the Instructors

Sang-Yoon Chang
Assistant Professor
Computer Science

Before discussing about asymmetric cryptography.

Let's first review symmetric cryptography,

which we discussed in the previous course.

In symmetric cryptography, we use one key,

one key that is shared by all the authorized parties, Alice and Bob.

The security of the cryptosystem relies on the secrecy of the key.

And if the attacker compromises the key,

then the attacker breaks the cryptosystem.

Because the key is to be secret against the unauthorized attackers,

symmetric cryptography is also called private key cryptography

or secret key cryptography.

Let's now discuss the radically different public key systems,

or asymmetric systems, in which two keys are used.

Public key cryptography, is asymmetric,

involving the use of two separate keys,

in contrast to symmetric encryption,

that uses only one key.

Anyone knowing the public key can encrypted messages or verify signatures,

but cannot decrypt messages, or create signatures.

Although this may initially seem counter-intuitive,

we will describe in greater detail in the next lesson.

There are a couple of misconceptions about asymmetric cryptography,

when compared to symmetric cryptography.

These misconceptions that asymmetric crypto is better than symmetric crypto,

often come from the fact that

asymmetric cryptography was developed after symmetric cryptography.

And tends to require more sophisticated setup.

The first misconception, is

that asymmetric encryption is more secure than symmetric encryption.

There's nothing in principle to show one is superior to

another from the point of view of resisting cryptanalysis.

The second misconception is that,

asymmetric cipher is a general purpose technique that

has made symmetric encryption obsolete.

This is not true, because the computational overhead of

current asymmetric ciphers is generally higher than the symmetric ciphers,

and make them too slow for certain applications.

Asymmetric ciphers rather complement symmetric ciphers,

or are used for different applications.

The third misconception is that,

key distribution is trivial for asymmetric cryptography.

This is also not true,

because the procedures involved are not simpler,

nor any more efficient than those required for symmetric encryption.

Some people overlook the overhead of

the key establishment and distribution of the public private key pair,

when designing asymmetric cryptographic system,

only to realize that such keys set up

overhead becomes the bottleneck of the system later.

The concept of asymmetric cryptography arose from

the real world issues that symmetric cryptography cannot sufficiently address.

More specifically, asymmetric cryptography was motivated to

solve the most difficult problems associated with symmetric photography,

which are key distribution and digital signatures.

The first problem with symmetric cryptography,

is that a key distribution.

Which under symmetric encryption,

requires either that Alice and Bob already shared key,

which somehow has been distributed to them,

or the use of trusted third party in the key distribution center.

This seemed to negate the very essence of cryptography.

The ability to maintain total secrecy over your own communication.

The second problem with symmetric cryptography was that of digital signatures,

if the use of cryptography was to become widespread,

not just the military context,

but also for commercial and private purposes,

then electronic messages and transactions would need

the equivalent of signature used in physical paper documents.

Such signatures can be used for authentication were just to ensure source user integrity.

The idea of public key schemes and the first practical scheme for

key distribution was published in 1976 by Whitfield Diffie and Martin Hellman.

Due to their contributions to asymmetric cryptography,

Diffie and Hellman received the ACM Turing Award,

an equivalent to Nobel Prize among computer scientists in 2015.

While we have Diffie and Hellman to be thankful for,

for publishing the concept of public key schemes.

The concept has previously been described in

a classified report in 1970 by James Ellis from the United Kingdom.

Who used the term non-secret encryption to describe the concept.

Interestingly, the British agency discovered RSA first,

and then Diffie-Hellman Key Exchange later.

Which is opposite to the order of public discovery.

In addition, some claim that the NSA knew of the concept in the mid 1960's.

Asymmetric algorithms rely on

one key for encryption and a different key but related key for decryption.

One key is public and therefore called public key,

while the other key is private and is known only to the key holder,

and therefore called private key.

Since the public key is public,

asymmetric cryptography needs to ensure that it is computationally infeasible,

difficult to derive the private key from the public key.

Explore our Catalog

Join for free and get personalized recommendations, updates and offers.

Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online.

© 2018 Coursera Inc. All rights reserved.

Download on the App Store

Get it on Google Play