Asymmetric Encryption

Asymmetric encryption uses public-private key pairs to encrypt and decrypt data. The public key can encrypt data but only the private key can decrypt it, allowing secure communication. Common asymmetric algorithms include RSA, ECC, and Diffie-Hellman, each with their own advantages and applications.

What is Asymmetric Encryption?


• Asymmetric encryption is a cryptographic technique that uses two
keys, a public key and a private key, to encrypt and decrypt data.
• The public key can be made available to anyone, but the private key
must be kept secret.
• This allows anyone to encrypt data using the public key, but only the
person with the private key can decrypt it.
How Does Asymmetric Encryption Work?
• Asymmetric encryption works by using a mathematical function that
is easy to perform in one direction but very difficult to perform in the
other direction.
• For example, it might be easy to multiply two large numbers together,
but very difficult to factor the product back into its original two
numbers.
• In asymmetric encryption, the public key is used to encrypt data, and
the private key is used to decrypt it.
• This is possible because the mathematical function used to encrypt
the data is easy to perform in one direction, but very difficult to
perform in the other direction.
What are the Benefits of Asymmetric Encryption?
• Asymmetric encryption has several benefits over other types of
encryption, including:
• Security: Asymmetric encryption is very secure, because only the person with
the private key can decrypt data that has been encrypted with the public key.
• Speed: Asymmetric encryption is relatively fast, because it does not require as
much computation as other types of encryption.
• Flexibility: Asymmetric encryption can be used for a variety of applications,
including email, file encryption, and secure websites.
What are the Drawbacks of Asymmetric Encryption?
• Asymmetric encryption also has some drawbacks, including:
• Complexity: Asymmetric encryption is more complex than other types of
encryption, and it can be difficult to implement correctly.
• Cost: Asymmetric encryption can be more expensive than other types of
encryption, because it requires more powerful hardware.
When Should Asymmetric Encryption Be Used?
• Asymmetric encryption should be used when security is a high
priority, and when speed is not a major concern.
• Asymmetric encryption is often used for applications such as:
• Email
• File encryption
• Secure websites
• Digital signatures: used to confirm the identity of the signer.
• Blockchain: confirms identity to authorize cryptocurrency
transactions.
• Public key infrastructure: authorizes encryption keys through the issuance of
digital certificates.
Types of Algorithms
• There are many types of asymmetric algorithms:
• RSA Asymmetric Encryption Algorithm
• Elliptic Curve Cryptography (ECC) Asymmetric Encryption Algorithm
• Diffie-Hellman
• Digital Signature Algorithm (DSA)
• ElGamal
• RSA-OAEP (Optimal Asymmetric Encryption Padding)
RSA (Rivest, Shamir, and Adleman)
• RSA is a public-key cryptosystem, which means that it uses two keys: a
public key and a private key.
• The public key can be shared with anyone, but the private key must
be kept secret.
• RSA is based on the difficulty of factoring large numbers.
• RSA is used in many different applications, including email, file
encryption, and secure websites.
How RSA works

• The sender generates a pair of keys: a public key and a private key.
The public key is made available to anyone who wants it, but the
private key is kept secret by the sender.
• The sender encrypts the message using the recipient's public key. This
can be done by anyone who knows the recipient's public key, but only
the recipient can decrypt it using their private key.
• The sender sends the encrypted message to the recipient.
• The recipient uses their private key to decrypt the message. Only the
recipient can do this, because only they have the private key.
RSA
• RSA is a very secure encryption algorithm, but it is also relatively slow.
This is because RSA uses a lot of computation to encrypt and decrypt
data.
• RSA is often used in conjunction with other encryption algorithms to
provide a secure communication channel. For example,
• RSA can be used to encrypt the initial communication between two parties,
and then a symmetric encryption algorithm can be used to encrypt the
subsequent communication. This allows for a secure communication channel
that is both fast and secure.
Advantages of RSA
• Security: RSA is considered to be very secure. This is because it is
based on the difficulty of factoring large numbers, which is a
computationally intensive problem.
• Versatility: RSA can be used for a variety of applications, including
data encryption, digital signatures, and key exchange.
• Standardization: RSA is widely standardized, which makes it easy to
implement and use.
Disadvantages of RSA
• RSA also has some disadvantages, which include:
• Key size: RSA keys are typically much larger than keys used for
symmetric cryptography. This can make RSA slower than symmetric
cryptography.
• Complexity: RSA is more complex to implement than symmetric
cryptography.
Applications of RSA
• RSA is used in a variety of applications, including:
• Data encryption: RSA is used to encrypt data that needs to be protected from
unauthorized access.
• Digital signatures: RSA is used to create digital signatures, which can be used
to verify the authenticity of documents and messages.
• Key exchange: RSA can be used to exchange keys securely over an insecure
channel.
RSA Encryption Implementation Example
RSA Decryption Implementation Example
What is ECC? (Elliptic Curve Cryptography)
• ECC is a type of public-key cryptography that uses elliptic curves to
perform cryptographic operations.
• ECC is based on the difficulty of solving the elliptic curve discrete
logarithm problem.
How does ECC work?
• ECC works by using an elliptic curve to represent points. These points
can be added and multiplied together, and the results can be used to
encrypt and decrypt data.
• The public key is used to encrypt data, and the private key is used to
decrypt data. The public key can be shared with anyone, but the
private key must be kept secret.
Advantages of ECC
• Efficiency: ECC is much more efficient than traditional public-key
cryptography, such as RSA. This is because ECC uses smaller keys,
which means that less computation is required to encrypt and
decrypt data.
• Security: ECC is also much more secure than traditional public-key
cryptography, such as RSA. This is because the elliptic curve discrete
logarithm problem is much more difficult to solve than the RSA
problem.
• Versatility: ECC can be used in a variety of applications, including
e-commerce, online banking, and digital signatures.
Disadvantages of ECC

• Complexity: ECC is more complex than traditional public-key
cryptography, such as RSA. This means that it can be more difficult to
implement and use.
• Key management: ECC requires the use of two keys, a public key and
a private key. This can make key management more complex.
• Standardization: ECC is not as widely standardized as traditional
public-key cryptography, such as RSA. This can make it more difficult
to implement and use.
Applications of ECC
• E-commerce: ECC is used to secure online transactions.
• Online banking: ECC is used to secure online banking transactions.
• Digital signatures: ECC is used to create digital signatures, which can
be used to verify the authenticity of documents and messages.
• Wireless communications: ECC is used to secure wireless
communications, such as Wi-Fi and Bluetooth.
• IoT: ECC is used to secure the Internet of Things (IoT), which is a
network of connected devices.
ECC Implementation Example
Diffie-Hellman
• The Diffie-Hellman key exchange algorithm is a method of securely
exchanging cryptographic keys over a public channel.
• Keys are not actually exchanged – they are jointly derived. It is
named after its inventors, Whitfield Diffie and Martin Hellman.
• Diffie-Hellman (DH) is a key exchange protocol that enables two
parties to establish a shared secret key over an insecure
communication channel.
• It is an asymmetric encryption algorithm that is based on the discrete
logarithm problem.
How Diffie-Hellman Works
• Alice and Bob agree on a large prime number p and a generator g.
• Alice chooses a random private key a and computes her public key A =
g^a mod p.
• Bob chooses a random private key b and computes his public key B =
g^b mod p.
• Alice sends her public key A to Bob.
• Bob sends his public key B to Alice.
• Alice computes the shared secret S = B^a mod p.
• Bob computes the shared secret S = A^b mod p.
• The shared secret S can then be used to encrypt and decrypt
messages between Alice and Bob.
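
The exchange above as an added example (not code from the original slides): each side raises the peer's public value to its own private exponent, rejects degenerate public values before using them, and hashes the shared secret into a symmetric key. The modulus 2^521 - 1 (a Mersenne prime), the generator 3, the context label, and the function names are assumptions for illustration; production systems use standardized groups such as those in RFC 7919.

```python
import hashlib
import secrets

# Demonstration parameters (assumed for this example, not a vetted group).
P = 2**521 - 1
G = 3

def generate_keypair():
    """Pick a random private exponent in [2, P-2] and compute g^x mod p."""
    private = secrets.randbelow(P - 3) + 2
    return private, pow(G, private, P)

def validate_public(value):
    """Reject 0, 1 and p-1, which force the shared secret to a known value."""
    if not isinstance(value, int) or not 2 <= value <= P - 2:
        raise ValueError("peer public value outside [2, p-2]")
    return value

def shared_secret(own_private, peer_public):
    """S = (peer public)^(own private) mod p."""
    return pow(validate_public(peer_public), own_private, P)

def derive_key(secret):
    """Hash the fixed-width secret into a 32-byte symmetric key."""
    raw = secret.to_bytes((P.bit_length() + 7) // 8, "big")
    return hashlib.sha256(b"dh-demo-v1" + raw).digest()

def run_exchange():
    a, A = generate_keypair()      # Alice
    b, B = generate_keypair()      # Bob
    # Only A and B cross the channel; a and b never leave their owners.
    alice_key = derive_key(shared_secret(a, B))
    bob_key = derive_key(shared_secret(b, A))
    return alice_key, bob_key

if __name__ == "__main__":
    k1, k2 = run_exchange()
    print(k1 == k2, k1.hex())
```

The range check guards against malformed values only; it does not tell either party who sent the public value.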
Diffie-Hellman algorithm advantages
• The Diffie-Hellman key exchange algorithm has several advantages
over other methods of key exchange.
• It is a secure method of exchanging cryptographic keys over a public channel.
• It is relatively easy to implement.
• It is efficient, requiring only a few modular exponentiations.
• It is scalable, allowing for the secure exchange of keys between a large
number of parties.
Diffie-Hellman limitations
• Here are some of the specific limitations of Diffie-Hellman:
• No authentication: Diffie-Hellman does not provide any authentication. This
means that an attacker could eavesdrop on the key exchange and then
impersonate one of the parties.
• Not suitable for digital signatures: Diffie-Hellman is not suitable for digital
signatures. This is because the shared secret is derived from the public keys of
the two parties, and it is computationally infeasible to verify the signature of
a message using only the public keys.
• Vulnerable to man-in-the-middle attacks: Diffie-Hellman is vulnerable to
man-in-the-middle attacks if the attacker is able to intercept the public keys of the
two parties.
Diffie-Hellman Applications
• The Diffie-Hellman key exchange algorithm is a secure method of
exchanging cryptographic keys over a public channel. It is used in a
variety of applications, including:
• Secure Shell (SSH)
• Virtual Private Networks (VPNs)
• Secure Sockets Layer (SSL)
• Transport Layer Security (TLS)
Diffie-Hellman Implementation Example
Digital Signature Algorithm (DSA)
• DSA is a public-key signature algorithm, developed by the National
Institute of Standards and Technology (NIST) as a U.S. federal
standard (FIPS 186-4).
• DSA is based on the Discrete Logarithm Problem in a finite field.
• DSA is a secure and efficient algorithm that is widely used for digital
signatures.
• It is used in a variety of applications, including electronic commerce,
email security, and software distribution.
• A digital signature is a mathematical scheme for demonstrating the
authenticity of a digital message or document.
• A valid digital signature gives a recipient reason to believe that the
message was created by a known sender, and that it was not altered
in transit.
How does DSA work?
• DSA signatures are created using a private key and verified using a
public key.
• The private key is kept secret by the signer, while the public key is
made public.
• To create a signature, the signer uses their private key to generate a
random number, called a nonce.
• The nonce is then encrypted using the signer's public key.
• The encrypted nonce, along with the message, is then signed.
How to verify a signature
• To verify a signature, the verifier uses the signer's public key to
decrypt the encrypted nonce.
• The decrypted nonce is then compared to the nonce that was
generated by the signer.
• If the nonces match, then the signature is valid.
Security of DSA
• DSA is a secure algorithm because it is based on the Discrete
Logarithm Problem.
• The Discrete Logarithm Problem is a difficult problem to solve, and it
is believed that it is not possible to solve it efficiently using current
technology.
Efficiency of DSA
• DSA is also an efficient algorithm.
• It is relatively fast to create and verify signatures, and it does not
require a large amount of computation.
DSA Applications

• DSA is a secure and efficient algorithm that is widely used for digital
signatures.
• It is used in a variety of applications, including:
• electronic commerce,
• email security,
• software distribution.
DSA Advantages
• DSA has a number of advantages over other digital signature
algorithms, including:
• Security: DSA is a secure algorithm because it is based on the Discrete
Logarithm Problem, which is a difficult problem to solve.
• Efficiency: DSA is an efficient algorithm, which means that it is relatively fast
to create and verify signatures.
• Scalability: DSA can be scaled to support large messages and documents.
• Flexibility: DSA can be used in a variety of applications, including electronic
commerce, email security, and software distribution.
DSA Limitations
• DSA has a number of limitations, including:
• Computational complexity: DSA is a computationally complex algorithm,
which means that it requires a significant amount of computation to create
and verify signatures. This can make DSA a less attractive choice for
applications where speed is important.
• Key size: DSA uses a key size of 1024 bits or 2048 bits. This means that DSA
keys are larger than keys used by some other digital signature algorithms.
Larger keys can make DSA less efficient and more difficult to manage.
DSA Implementation Example
ElGamal
• ElGamal is an asymmetric encryption algorithm that was proposed by
Taher ElGamal in 1985.
• It is based on the discrete logarithm problem and is similar to the
Diffie-Hellman key exchange algorithm.
• ElGamal encryption is an asymmetric encryption algorithm that is
based on the Diffie-Hellman key exchange algorithm.
How ElGamal Works
• Alice and Bob agree on a large prime number p and a generator g.
• Alice chooses a random private key a and computes her public key A =
g^a mod p.
• Bob chooses a random private key b and computes his public key B =
g^b mod p.
• Alice sends her public key A to Bob.
• Bob sends his public key B to Alice.
• Alice chooses a random message M.
• Alice computes the ciphertext C1 = g^k mod p and C2 = M^k mod p,
where k = (B^a) mod p.
• Alice sends the ciphertext (C1, C2) to Bob.
• Bob computes the plaintext M = C2^b mod p.
• The ciphertext (C1, C2) cannot be decrypted by anyone without the
private key. This is because the value of k is derived from the private
key of the sender, and it is computationally infeasible to derive k from
the public key alone.
Advantages of ElGamal
• Security: ElGamal encryption is a secure method of encrypting messages.
This is because the ciphertext cannot be decrypted by anyone without
the private key.
• Ease of implementation: ElGamal encryption is relatively easy to
implement. This is because it is based on simple mathematical
operations, such as modular exponentiation.
• Efficiency: ElGamal encryption is efficient, requiring only a few modular
exponentiations. This makes it a good choice for applications where
performance is important, such as in real-time communication.
• Scalability: ElGamal encryption is scalable, allowing for the secure
encryption of messages between a large number of parties. This makes it
a good choice for applications such as VPNs and VoIP.
Limitations of ElGamal Encryption
• Slow processing: ElGamal is slower compared to other encryption
algorithms, especially when used with long keys.
• Key size: ElGamal requires larger key sizes to achieve the same level of
security as other algorithms.
• Not suitable for digital signatures: ElGamal is not suitable for digital
signatures. This is because the shared secret is derived from the
public keys of the two parties, and it is computationally infeasible to
verify the signature of a message using only the public keys.
ElGamal Applications
• ElGamal encryption is a secure and widely used method of encrypting
messages. It is used in a variety of applications, including:
• Secure Shell (SSH)
• Virtual Private Networks (VPNs)
• Secure Sockets Layer (SSL)
• Transport Layer Security (TLS)
ElGamal Implementation Example
What is RSA-OAEP?
• RSA-OAEP is a padding scheme that is often used together with RSA
encryption. It was introduced by Mihir Bellare and Phillip Rogaway,
and subsequently standardized in PKCS#1 v2 and RFC 2437.
How does RSA-OAEP work?
• These are the steps involved in RSA-OAEP encryption:
• Generate a random salt and a random padding string.
• Salt is a random string of bits that is added to a password before it is hashed. The salt is
used to prevent rainbow table attacks, which are a type of pre-computed attack that can
be used to crack passwords.
• Hash the plaintext using a secure hash function, such as SHA-256.
• SHA-256 is a cryptographic hash function that takes an input of any length and produces
an output of 256 bits.
• Use the salt to encrypt the padding string.
• Prepend the encrypted padding string to the plaintext.
• Encrypt the entire message using RSA.
• The steps involved in RSA-OAEP decryption are as follows:
• Decrypt the ciphertext using RSA.
• Decrypt the encrypted padding string using the salt.
• Use the decrypted padding string to decrypt the hash value.
• Verify the hash value against the hash of the plaintext.
• If the hash values match, then the plaintext is successfully decrypted.
Why is RSA-OAEP secure?
• RSA-OAEP is considered to be a secure padding scheme because it
uses a number of security features, including:
• Random padding string: The random padding string adds an element of
randomness to the encryption process, which makes it more difficult for an
attacker to recover the plaintext.
• Hash function: The hash function is used to verify the integrity of the
plaintext. If the hash value does not match, then the plaintext is discarded.
• Mask generation function: The mask generation function is used to generate a
random mask that is used to protect the plaintext from being recovered by an
attacker.
What are the advantages of RSA-OAEP?
• RSA-OAEP is a secure padding scheme that offers a number of
advantages, including:
• Widely used: RSA-OAEP is widely used and supported by a variety of
applications.
• Efficient: RSA-OAEP is relatively efficient, making it a good choice for a variety
of applications.
• Secure: RSA-OAEP is considered to be a secure padding scheme.
What are the disadvantages of RSA-OAEP?
• RSA-OAEP is a secure padding scheme, but it does have a few
disadvantages, including:
• Probabilistic: RSA-OAEP is a probabilistic padding scheme, which means that it
adds an element of randomness to the encryption process. This can make it
more difficult to debug and troubleshoot problems.
• Computationally expensive: RSA-OAEP can be computationally expensive for
large messages.
RSA-OAEP Applications
• RSA-OAEP is a secure and widely used padding scheme that is
well-suited for a variety of applications, including:
• Email encryption: RSA-OAEP can be used to encrypt email messages,
providing confidentiality and integrity protection.
• Digital signatures: RSA-OAEP can be used to create digital signatures,
providing authentication and non-repudiation.
• Secure file transfer: RSA-OAEP can be used to encrypt files for secure transfer
over a network.
• Secure messaging: RSA-OAEP can be used to encrypt messages for secure
communication between two parties.
• Secure storage: RSA-OAEP can be used to encrypt data for secure storage on a
server or other device.
RSA-OAEP Implementation Example
Analysis of Asymmetric Encryption Algorithms

| Algorithm | Key Length | Security Strength | Key Exchange | Signature | Performance | Usage Application |
|---|---|---|---|---|---|---|
| RSA | 2048-4096 | 112-256 bits | Yes | Yes | Medium | Secure communication, digital signing |
| ECC | 256-521 | 128-256 bits | Yes | Yes | High | Mobile devices, IoT, constrained systems |
| Diffie-Hellman | 2048-4096 bits | 112-256 bits | Yes | No | Medium | Key exchange in secure communication |
| DSA | 2048-3072 | 112-256 bits | No | Yes | Medium | Digital signatures, non-repudiation |
| ElGamal | 2048-4096 | 112-256 bits | Yes | Yes | Medium | Encryption, key exchange |
| RSA-OAEP | 2048-4096 | 112-256 bits | Yes | No | Medium | Encryption, hybrid encryption |
