LECTURE # 5

ASYMMETRIC CRYPTOGRAPHY
 Introduction to Asymmetric Cryptography

 Definition: Asymmetric cryptography, also known as public-key cryptography, uses

two separate keys — a public key and a private key — to encrypt and decrypt data.
 Comparison with Symmetric Cryptography:
 Symmetric cryptography uses a single key for encryption and decryption.
 Asymmetric cryptography eliminates the problem of secure key distribution
because the public key can be shared openly.
 Real-world examples: It is commonly used in SSL/TLS for secure communication
over the internet, like browsing websites securely (e.g., HTTPS).

01 | Sikandar Abbasi
 How Asymmetric Cryptography Works

 Public key: Used to encrypt the message. It is available to everyone.

 Private key: Used to decrypt the message. It is kept secret and known only to the
recipient.
 One-way function: The process is computationally difficult to reverse (e.g., factoring
large prime numbers in RSA).
 Illustration:
 A sender uses the recipient’s public key to encrypt a message.
 The recipient uses their private key to decrypt the message.
 Use a simple diagram to show the flow of public-key encryption and decryption.

01 | Sikandar Abbasi
 Public-Key Cryptography

Definition: (also known as asymmetric cryptography) is a method of encryption

where two different keys are used: one public key for encryption and one private key for
decryption.
 It differs from symmetric cryptography, where the same key is used for both
encryption and decryption.
How it Works:
•In public-key cryptography, each user has a pair of keys:
 Public key: This key is openly distributed and can be known to anyone. It is used
for encrypting messages.
 Private key: This key is kept secret and is used to decrypt messages encrypted
with the corresponding public key.

01 | Sikandar Abbasi
 Public-Key Cryptography

Process of Encryption & Decryption:

 Encryption: When someone wants to send a confidential message to a
recipient, they use the recipient’s public key to encrypt the message.
 Decryption: The recipient uses their corresponding private key to decrypt the
message.
 Only the intended recipient, who possesses the private key, can decrypt the
message, even though the public key is accessible to anyone.
Example:
Suppose Alice wants to send a secure message to Bob.
• Alice obtains Bob’s public key and uses it to encrypt her message.
• Bob then uses his private key to decrypt the message.

01 | Sikandar Abbasi
 Public-Key Cryptography

Security Concept
 The security of public-key cryptography comes from the fact that, while it is easy to
encrypt a message using the public key, it is extremely difficult to decrypt it without
the private key.
 The mathematical problems that underpin public-key cryptography are
computationally "hard" — for example, factoring large prime numbers (RSA) or
solving elliptic curve equations (ECC).

01 | Sikandar Abbasi
 Public-Key Cryptography

Advantages of Public-Key Cryptography:

 No Need for Key Distribution: The public key can be freely shared without risking
the security of the message, solving the key distribution problem present in
symmetric cryptography.
 Confidentiality and Authentication: Public-key cryptography not only provides
confidentiality (through encryption) but also enables authentication and non-
repudiation (via digital signatures, which verify the sender's identity).
Disadvantages:
 Computationally Intensive: Public-key cryptography requires more computational
power than symmetric cryptography, making it slower.
 Key Size: To achieve a high level of security, public keys need to be much larger
(e.g., 2048-bit keys in RSA), which can increase processing time.

01 | Sikandar Abbasi
 Public-Key Cryptography

Use Cases:
 Digital Signatures: Public-key cryptography is used to verify the authenticity and
integrity of digital messages and documents. The sender uses their private key to
"sign" a message, and anyone can verify the signature using the sender’s public key.
 SSL/TLS: Public-key cryptography underpins SSL/TLS protocols, which secure
communication over the internet (e.g., HTTPS).
 Email Encryption: Protocols like PGP (Pretty Good Privacy) use public-key
cryptography to encrypt email messages.

01 | Sikandar Abbasi
 Public-Key Cryptography

SSL/TLS and Public-Key Cryptography:

 Context: Every time you visit a secure website (https://), public-key cryptography
ensures that the communication between your browser and the website’s server is
encrypted.
 How It Works:
• When you connect to a secure website, the server provides its public key through
an SSL certificate.
• Your browser uses the server’s public key to encrypt a session key (used for
symmetric encryption).
• The server decrypts the session key with its private key, and from that point on,
both your browser and the server use symmetric encryption for faster
communication.
• Public-key cryptography ensures that only the server can decrypt the session key
and establish a secure connection.
01 | Sikandar Abbasi
 Public-Key Cryptography Algorithms

RSA (Rivest-Shamir-Adleman)
Overview: RSA is one of the first public-key cryptosystems and remains widely used
today. It is based on the mathematical difficulty of factoring large composite numbers
(multiplying two large prime numbers).
How RSA Works:
 Key generation:
 Choose two large prime numbers, p and q.
 Compute n=p×q, which is used as the modulus for both keys.
 Compute ϕ(n)=(p−1)×(q−1).
 Choose a public key exponent e (often 65537).
 Compute the private key exponent d, such that e×d≡1 mod ϕ(n).

01 | Sikandar Abbasi
 RSA (Rivest-Shamir-Adleman)

Encryption:
The sender uses the public key (n, e) to encrypt the message m as: c= mod ϕ(n) ,
where c is the ciphertext.

Decryption:
The recipient uses their private key d to decrypt the ciphertext: m= mod ϕ(n), retrieving
the original message.

01 | Sikandar Abbasi
 RSA (Rivest-Shamir-Adleman)

Step 1: Key Generation

1.Select two prime numbers (p and q):
Let’s choose small primes for simplicity.
 p= 7
 q= 11
2.Compute n = p × q:
 n= 7×11= 77
3.Compute the totient (ϕ(n)):
The totient function is given by ϕ(n) = (p−1)×(q−1).
 ϕ(77)= (7−1)×(11−1) = 6×10 = 60

01 | Sikandar Abbasi
 RSA (Rivest-Shamir-Adleman)

𝑒 should be a number that is coprime with 𝜙( 𝑛) (i.e., it has no common factors with 60
4. Choose a public exponent (e):

Let's choose 𝑒=7, as 7 is coprime with 60.

except 1).

𝑑 is the modular inverse of 𝑒, meaning (𝑑×𝑒)mod 𝜙( 𝑛)=1

5. Calculate the private key (d):

that 𝑑=43.
Using trial and error or a method such as the Extended Euclidean Algorithm, we find

Now, the public and private keys are:

 Public Key: (e, ϕ(n)) = (7,60)
 Private Key: (d, ϕ(n)) = (43,60)

01 | Sikandar Abbasi
 RSA (Rivest-Shamir-Adleman)

Step 2: Encryption
1. Message (M):
Suppose we want to encrypt the message M=10.
2. Encryption Formula:
To encrypt, we use the formula C = mod ϕ(n), where:
 M is the message (in numerical form).
 e and n are from the public key.
3. Encryption Calculation:
C = mod 60
 =10000000
 10000000 mod 60=17
4. So, the ciphertext (C) is C=40.
01 | Sikandar Abbasi
 RSA (Rivest-Shamir-Adleman)

Step 3: Decryption
1. Decryption Formula:
To decrypt, use the formula M= mod ϕ(n), where:
 C is the ciphertext.
 d and n are from the private key.
2. Decryption Calculation:
M= mod 60
3. This is a large number, but using modular arithmetic or a calculator, we find:
mod 60=10
4. So, the decrypted message is M=10, which matches the original message.

01 | Sikandar Abbasi
 RSA (Rivest-Shamir-Adleman)

Advantages:
 Well-established and widely used in digital signatures, secure emails, and SSL
certificates.
Disadvantages:
 Speed: RSA is slower compared to symmetric algorithms.
 Key size: RSA requires large key sizes (2048 bits or more) to be secure, which
increases computational overhead.

01 | Sikandar Abbasi
 ECC (Elliptic Curve Cryptography)

Overview:
 ECC is a more modern form of public-key cryptography that provides equivalent
security to RSA but with smaller key sizes, making it faster and more efficient.
How ECC Works:
 Based on the mathematics of elliptic curves over finite fields.
 ECC uses points on a curve to generate keys. The security is based on the
difficulty of the Elliptic Curve Discrete Logarithm Problem (ECDLP).
Example of Curve:
 The curve equation is typically of the form: , where a and b define the curve.

01 | Sikandar Abbasi
 ECC (Elliptic Curve Cryptography)

Key Generation:
• Choose a random number as the private key.
• Compute the corresponding point on the curve as the public key.
Advantages of ECC:
• Smaller keys: ECC requires much smaller keys compared to RSA for the same
level of security (e.g., a 256-bit ECC key provides security comparable to a 3072-
bit RSA key).
• Faster: Due to its smaller key sizes, ECC performs better on devices with limited
resources, such as smartphones and IoT devices.
Applications:
• Bitcoin and other cryptocurrencies use ECC for creating digital signatures and
securing transactions.

01 | Sikandar Abbasi
 Key Exchange Protocols

Diffie-Hellman Key Exchange

Overview: The Diffie-Hellman key exchange allows two parties to securely exchange
cryptographic keys over a public channel. It laid the foundation for modern public-key
cryptography.
How it Works:
• Both parties agree on a large prime number p and a base g (which are public).
• Party A chooses a private key a and computes A= mod p, sending A to Party B.
• Party B chooses a private key b and computes B= mod p, sending B to Party A.
• Both parties compute the shared secret: s= mod p= mod p.
• This shared secret can now be used as a key for symmetric encryption.

01 | Sikandar Abbasi
 Diffie-Hellman Key Exchange

Vulnerability:
• Man-in-the-middle (MitM) attack: Without authentication, an attacker could
intercept the key exchange and pose as one of the parties.
Applications:
• Commonly used in protocols such as TLS (Transport Layer Security) and VPNs
(Virtual Private Networks) for establishing secure communications.

01 | Sikandar Abbasi
 Public Key Infrastructure (PKI)

Overview:
• Public key infrastructure (PKI) is a system that manages the creation, distribution,
and revocation of public keys.
• It includes Certification Authorities (CAs), which issue digital certificates that
verify the identity of the key holders.
Components:
• Digital Certificates: Bind public keys to individuals or organizations, verified by
trusted authorities (CAs).
• Certificate Revocation Lists (CRLs): Track certificates that have been revoked.
Applications:
• Used in securing websites (HTTPS), email encryption, and digital signatures.

01 | Sikandar Abbasi
THANK YOU