Content deleted Content added
LaffyTaffer (talk | contribs) m Reverted 1 edit by Itsakyaduvanshi (talk) to last revision by The frog in question |
Citation bot (talk | contribs) Removed URL that duplicated identifier. | Use this bot. Report bugs. | Suggested by Headbomb | Linked from Wikipedia:WikiProject_Academic_Journals/Journals_cited_by_Wikipedia/Sandbox | #UCB_webform_linked 165/967 |
||
| (19 intermediate revisions by 14 users not shown) | |||
Line 27:
== Description ==
Before the mid-1970s, all cipher systems used [[symmetric key algorithm]]s, in which the same [[cryptographic key]] is used with the underlying algorithm by both the sender and the recipient, who must both keep it secret. Of necessity, the key in every such system had to be exchanged between the communicating parties in some secure way prior to any use of the system – for instance, via a [[secure channel]]. This requirement is never trivial and very rapidly becomes unmanageable as the number of participants increases, or when secure channels are not available, or when
By contrast, in a public-key cryptosystem, the public keys can be disseminated widely and openly, and only the corresponding private keys need be kept secret.
Line 120:
|doi=10.1145/167088.167260
|doi-access=free
|quote=Now, certain types of information cannot reasonably be assumed to be concealed. For instance, an upper bound on the total volume of a party’s sent or received communication (of any sort) is obtainable by anyone with the resources to examine all possible physical communication channels available to that party.
}}</ref><ref name="karger1977nondiscretionaryaccesscontrol">{{cite thesis
|last=Karger
Line 132:
|chapter=11: Limitations of End-to-End Encryption
|hdl=1721.1/149471
|hdl-access=free
|quote=The scenario just described would seem to be secure, because all data is encrypted before being passed to the communications processors. However, certain control information must be passed in cleartext from the host to the communications processor to allow the network to function. This control information consists of the destination address for the packet, the length of the packet, and the time between successive packet transmissions.
}}</ref><ref name="chaum1981untraceableemail">{{cite journal
Line 179 ⟶ 180:
== Applications ==
The most obvious application of a public key encryption system is for encrypting communication to provide [[confidentiality]] – a message that a sender encrypts using the recipient's public key, which can be decrypted only by the recipient's paired private key. Most digital services such as financial services, email, and messaging applications utilized daily are secured using public key encryption. <ref>{{Cite web |date=2025-06-05 |title=Post-Quantum Cryptography: A New Security Paradigm for the Post-Quantum Era |url=https://www.pentasecurity.com/blog/security-issue-post-quantum-cryptography/ |access-date=2025-07-10 |website=Penta Security Inc. |language=en-US}}</ref>
Another application in public key cryptography is the [[digital signature]]. Digital signature schemes can be used for sender [[authentication]].
Line 198 ⟶ 199:
All public key schemes are in theory susceptible to a "[[brute-force attack|brute-force key search attack]]".<ref>{{cite book|last1=Paar|first1=Christof|first2=Jan|last2=Pelzl|first3=Bart|last3=Preneel|url=http://www.crypto-textbook.com|title=Understanding Cryptography: A Textbook for Students and Practitioners|publisher=Springer|year=2010|isbn=978-3-642-04100-6}}</ref> However, such an attack is impractical if the amount of computation needed to succeed – termed the "work factor" by [[Claude Shannon]] – is out of reach of all potential attackers. In many cases, the work factor can be increased by simply choosing a longer key. But other algorithms may inherently have much lower work factors, making resistance to a brute-force attack (e.g., from longer keys) irrelevant. Some special and specific algorithms have been developed to aid in attacking some public key encryption algorithms; both [[RSA (algorithm)|RSA]] and [[ElGamal encryption]] have known attacks that are much faster than the brute-force approach.{{cn|date=June 2024}} None of these are sufficiently improved to be actually practical, however.
Major weaknesses have been found for several formerly promising asymmetric key algorithms. The [[Merkle–Hellman knapsack cryptosystem|"knapsack packing" algorithm]] was found to be insecure after the development of a new attack.<ref>{{Cite book|last1=Shamir|first1=Adi|title=23rd Annual Symposium on Foundations of Computer Science (SFCS 1982) |chapter=A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystem |date=November 1982
=== Alteration of public keys ===
Line 223 ⟶ 224:
|website=UpGuard
|access-date=June 26, 2020
}}{{sps
{{cite web
|author=martin
Line 233 ⟶ 234:
|archive-url=https://web.archive.org/web/20160819165216/https://en.greatfire.org/blog/2013/jan/china-github-and-man-middle
|archive-date=19 August 2016
}}{{sps
{{cite web
|url=https://en.greatfire.org/blog/2014/sep/authorities-launch-man-middle-attack-google
Line 241 ⟶ 242:
|website=GreatFire
|access-date=June 26, 2020
}}{{sps
=== Public key infrastructure ===
Line 274 ⟶ 275:
=== Classified discovery ===
In 1970, [[James H. Ellis]], a British cryptographer at the UK [[Government Communications Headquarters]] (GCHQ), conceived of the possibility of "non-secret encryption", (now called public key cryptography), but could see no way to implement it.<ref>{{cite web| last=Ellis| first=James H.| title=The Possibility of Secure Non-secret Digital Encryption| date=January 1970|url=https://cryptocellar.org/cesg/possnse.pdf| publisher=CryptoCellar| access-date=18 January 2024}}</ref><ref>{{cite news |last=Sawer |first=Patrick |title=The unsung genius who secured Britain's computer defences and paved the way for safe online shopping |journal=The Telegraph |date=11 March 2016 |url=https://www.newindianexpress.com/world/2016/mar/12/the-anonymous-researcher-who-held-the-key-to-cyber-security-910751.html}}</ref>
In 1973, his colleague [[Clifford Cocks]] implemented what has become known as the [[RSA (cryptosystem)|RSA encryption algorithm]], giving a practical method of "non-secret encryption", and in 1974 another GCHQ mathematician and cryptographer, [[Malcolm J. Williamson]], developed what is now known as [[Diffie–Hellman key exchange]].
The scheme was also passed to the US's [[National Security Agency]].<ref name="zdnet"/> Both organisations had a military focus and only limited computing power was available in any case; the potential of public key cryptography remained unrealised by either organization:
<blockquote>
Line 309 ⟶ 310:
}}</ref> RSA uses [[modular exponentiation|exponentiation modulo]] a product of two very large [[prime]]s, to encrypt and decrypt, performing both public key encryption and public key digital signatures. Its security is connected to the extreme difficulty of [[integer factorization|factoring large integers]], a problem for which there is no known efficient general technique. A description of the algorithm was published in the [[List of Martin Gardner Mathematical Games columns|Mathematical Games]] column in the August 1977 issue of [[Scientific American]].<ref>{{cite journal |url=http://www.msri.org/people/members/sara/articles/rsa.pdf |journal=SIAM News |volume=36 |issue=5 |date=June 2003 |title=Still Guarding Secrets after Years of Attacks, RSA Earns Accolades for its Founders |first=Sara |last=Robinson }}</ref>
Since the 1970s, a large number and variety of encryption, digital signature, key agreement, and other techniques have been developed, including the [[Rabin
== Examples ==
| |||