( Slide 19)

Now, I will talk about asymmetric encryption.

(Slide 20)
So what is asymmetric encryption?
(Slide 21)
Asymmetric encryption uses two different key
If, however, key A is used to encrypt the message, only key B can decrypt it, and if key B is used to
encrypt a message, only key A can decrypt it.
(Slide 22)
Asymmetric encryption can be used to provide elegant solutions to problems of secrecy and
verification. This technique has its highest value when one key is used as a private key, which
means that it is kept secret (much like the key in symmetric encryption), known only to the owner of
the key pair, and the other key serves as a public key, which means that it is stored in a public
location where anyone can use it.
(Slide 23)
This is why the more common name for asymmetric encryption is public-key encryption.
(Slide 24)
Consider the following example
Alex at XYZ Corporation wants to send an encrypted message to Rachel at ABC Corporation. This
is the steps on how to Alex send a message to Rachel.
Step 1, Alex goes to a public key registry and obtains Rachel’s public key.
Step 2, encrypt the message by Rachel’s public key
Step 3, transmitted ciphertext
Step 4, decrypt the message by Rachel’s private key
Step 5, finally the message will be received by Rachel
Remember that the foundation of asymmetric encryption is that the same key cannot be used to both
encrypt and decrypt the same message. So when Rachel’s public key is used to encrypt the message,
only Rachel’s private key can be used to decrypt the message, and that private key is held by Rachel
alone.
(Slide 25)
Similarly, if Rachel wants to respond to Alex’s message,
Step 1, she goes to the registry where Alex’s public key is held and obtains it
Step 2, uses it to encrypt her message
Step 3, transmitted ciphertext
Step 4, decrypt the message which of course can only be read by
Alex’s private key
Step 5, finally the message will be received by Alex
(Slide 26)
To make it easier to understand, everyone looks at the slide
A send a message to B, the message is encrypted by B’s public key and is decrypted by B’s private
key
Similarly, B send a message to A, the message is encrypted by A’s public key and is decrypted by
A’s private key
(Slide 28) so
This approach, which keeps private keys secret and encourages
the sharing of public keys in reliable directories, is an elegant solution to the key
management problems of symmetric key applications.
(Slide 29)
Asymmetric algorithms are one-way functions.
A one-way function is simple to compute in one direction, but complex to compute in the opposite
direction
This is the foundation of public-key encryption.
Public-key encryption is based on a hash value, which, as you learned earlier in this chapter, is
calculated from an input number using a hashing algorithm.
This hash value is essentially a summary of the original input values.
It is virtually impossible to derive the original values without knowing how those values were used
to create the hash value.
(Slide 30)
For example, if you multiply 45 by 235 you get 10,575. This is simple enough. But if you are simply
given the number 10,575, can you determine which two numbers were multiplied to determine this
number?
Now assume that each multiplier is 200 digits long and prime. The resulting multiplicative product
would be up to 400 digits long.
Imagine the time you’d need to factor that out.
(Slide 31)
There is a shortcut, however. In mathematics, it is known as a trapdoor (which is
different from the software trapdoor).
A mathematical trapdoor is a “secret mechanism that enables you to easily accomplish the reverse
function in a one-way function.”.
With a trapdoor, you can use a key to encrypt or decrypt the ciphertext,
but not both, thus requiring two keys.
The public key becomes the true key, and the private key is derived from the public key using the
trapdoor.
(Slide 33)
One of the most popular public key cryptosystems is RSA, whose name is derived
from Rivest-Shamir-Adleman, the algorithm’s developers.
(Slide 34)
The RSA algorithm was the first public key encryption algorithm developed (in 1977) and
published for commercial use.
It is very popular and has been embedded in both Microsoft and Netscape Web browsers to enable
them to provide security for e-commerce applications.
The patented RSA algorithm has in fact become the de facto standard for public-use encryption
applications. To learn how this algorithm works, see the Technical Details box entitled “RSA
Algorithm.”
(Slide 35)
The problem with asymmetric encryption, as shown earlier in the example in slide, is that holding a
single conversation between two parties requires four keys.
This is the private key of this organization and two public key
(Slide 36)
Moreover, if four organizations want to exchange communications, each party must manage its
private key and four public keys. In such scenarios, determining which public key is needed to
encrypt a particular message can become a rather confusing problem, and with more organizations
in the loop, the problem expands.
(Slide 37)
This is why asymmetric encryption is sometimes regarded by experts as inefficient. Compared to
symmetric encryption, asymmetric encryption is also not as efficient in terms of CPU computations.
(Slide 38)
Consequently, hybrid systems, such as those described in the section of this chapter titled “Public-
Key Infrastructure (PKI),” are more commonly used than pure asymmetric systems.
(Slide 39)
This is a table summarizing the knowledge of the three algorithms in my presentation you can learn
more
(Slide 40)
That all ! Thanks for listening!