Public-key cryptography: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 02:11, 3 July 2025 edit Taylor Riastradh Campbell (talk \| contribs) 384 edits Karger's thesis on limitations of end-to-end encryption is free to read. ← Previous edit		Latest revision as of 06:31, 27 August 2025 edit undo Citation bot (talk \| contribs) Bots 5,870,126 edits Removed URL that duplicated identifier. \| Use this bot. Report bugs. \| Suggested by Headbomb \| Linked from Wikipedia:WikiProject_Academic_Journals/Journals_cited_by_Wikipedia/Sandbox \| #UCB_webform_linked 165/967
(15 intermediate revisions by 11 users not shown)
Line 27: == Description == Before the mid-1970s, all cipher systems used [[symmetric key algorithm]]s, in which the same [[cryptographic key]] is used with the underlying algorithm by both the sender and the recipient, who must both keep it secret. Of necessity, the key in every such system had to be exchanged between the communicating parties in some secure way prior to any use of the system – for instance, via a [[secure channel]]. This requirement is never trivial and very rapidly becomes unmanageable as the number of participants increases, or when secure channels are not available, or when, (as is sensible cryptographic practice), keys are frequently changed. In particular, if messages are meant to be secure from other users, a separate key is required for each possible pair of users. By contrast, in a public-key cryptosystem, the public keys can be disseminated widely and openly, and only the corresponding private keys need be kept secret. Line 180: == Applications == The most obvious application of a public key encryption system is for encrypting communication to provide [[confidentiality]] – a message that a sender encrypts using the recipient's public key, which can be decrypted only by the recipient's paired private key. Most digital services such as financial services, email, and messaging applications utilized daily are secured using public key encryption. <ref>{{Cite web \|date=2025-06-05 \|title=Post-Quantum Cryptography: A New Security Paradigm for the Post-Quantum Era \|url=https://www.pentasecurity.com/blog/security-issue-post-quantum-cryptography/ \|access-date=2025-07-10 \|website=Penta Security Inc. \|language=en-US}}</ref> Another application in public key cryptography is the [[digital signature]]. Digital signature schemes can be used for sender [[authentication]]. Line 199: All public key schemes are in theory susceptible to a "[[brute-force attack\|brute-force key search attack]]".<ref>{{cite book\|last1=Paar\|first1=Christof\|first2=Jan\|last2=Pelzl\|first3=Bart\|last3=Preneel\|url=http://www.crypto-textbook.com\|title=Understanding Cryptography: A Textbook for Students and Practitioners\|publisher=Springer\|year=2010\|isbn=978-3-642-04100-6}}</ref> However, such an attack is impractical if the amount of computation needed to succeed – termed the "work factor" by [[Claude Shannon]] – is out of reach of all potential attackers. In many cases, the work factor can be increased by simply choosing a longer key. But other algorithms may inherently have much lower work factors, making resistance to a brute-force attack (e.g., from longer keys) irrelevant. Some special and specific algorithms have been developed to aid in attacking some public key encryption algorithms; both [[RSA (algorithm)\|RSA]] and [[ElGamal encryption]] have known attacks that are much faster than the brute-force approach.{{cn\|date=June 2024}} None of these are sufficiently improved to be actually practical, however. Major weaknesses have been found for several formerly promising asymmetric key algorithms. The [[Merkle–Hellman knapsack cryptosystem\|"knapsack packing" algorithm]] was found to be insecure after the development of a new attack.<ref>{{Cite book\|last1=Shamir\|first1=Adi\|title=23rd Annual Symposium on Foundations of Computer Science (SFCS 1982) \|chapter=A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystem \|date=November 1982 ~~\|chapter-url=https://ieeexplore.ieee.org/document/4568386~~ \|pages=145–152\|doi=10.1109/SFCS.1982.5}}</ref> As with all cryptographic functions, public-key implementations may be vulnerable to [[side-channel attack]]s that exploit information leakage to simplify the search for a secret key. These are often independent of the algorithm being used. Research is underway to both discover, and to protect against, new attacks. === Alteration of public keys === Line 310: }}</ref> RSA uses [[modular exponentiation\|exponentiation modulo]] a product of two very large [[prime]]s, to encrypt and decrypt, performing both public key encryption and public key digital signatures. Its security is connected to the extreme difficulty of [[integer factorization\|factoring large integers]], a problem for which there is no known efficient general technique. A description of the algorithm was published in the [[List of Martin Gardner Mathematical Games columns\|Mathematical Games]] column in the August 1977 issue of [[Scientific American]].<ref>{{cite journal \|url=http://www.msri.org/people/members/sara/articles/rsa.pdf \|journal=SIAM News \|volume=36 \|issue=5 \|date=June 2003 \|title=Still Guarding Secrets after Years of Attacks, RSA Earns Accolades for its Founders \|first=Sara \|last=Robinson }}</ref> Since the 1970s, a large number and variety of encryption, digital signature, key agreement, and other techniques have been developed, including the [[Rabin ~~cryptosystem~~signature]], [[ElGamal encryption]], [[Digital Signature Algorithm\|DSA]] and [[Elliptic-curve cryptography\|ECC]]. == Examples ==