
UNIT-III

(PART-2)
ENCRYPTION - ASYMMETRIC TECHNIQUES AND DATA TECHNIQUE

By
Gundala Venkata Rama Lakshmi
Register No: PA2113003013039
Email ID: gr1981@srmist..edu.in
RESEARCH SCHOLAR
PT-EXT
Department of CSE
SRMIST, KTR.

Combination of Asymmetric and Symmetric Cryptography
• Public-key cryptography solves the key distribution problem.
• However, in general, public-key cryptographic functions operate in very large algebraic structures, which means expensive algebraic operations.
• By comparison, symmetric cryptographic functions are in general much more efficient.
• Considering AES, for example, it works in a field of 256 elements.
• In general, public-key cryptosystems are much more computationally intensive than their symmetric-key counterparts.
• A widely used combination of public-key and symmetric-key cryptosystems in cryptographic protocols is the so-called digital envelope technique.
• The combination of RSA + DES or RSA + 3DES is the basic mode for the Secure Sockets Layer (SSL) protocol.

Key Channel Establishment for Public Key Cryptosystems
• The man-in-the-middle attack on the Diffie-Hellman key exchange protocol applies generally to public-key cryptosystems.
• In general, to send a confidential message to a recipient by encrypting under her/his public key, the sender must first make sure that the key to be used really belongs to the intended recipient.
• Likewise, upon receipt of a "digital envelope," the recipient must make sure that the "envelope" is really from the claimed source before engaging in confidential communications using the symmetric key retrieved from the "envelope".
• However, in public-key cryptography we have ke ≠ kd, and therefore transporting an encryption key ke to the message sender need not involve handling of any secret.
• Therefore, the task of establishing a secure key channel is purely an authentication problem: the key channel involves no handling of any secret and should only preserve the authenticity of the encryption key.

Data Integrity Techniques
• Data integrity is the security service against unauthorized modification of messages.
• Data integrity in modern cryptography is closely related to, and evolves from, a classical subject in communications: the error-detection code.
• Error detection is a procedure for detecting errors that can be introduced into messages due to faults in communications.
• It is considered that using information which has been modified in a malicious way carries the same risk as using information which contains defects due to errors introduced in communications or data processing.
• The transmitter of a message creates a "checking value" by encoding some redundancy into the message to be transmitted and appends the checking value to the message.
• The receiver of the message then verifies the correctness of the message received using the appended checking value, according to a set of rules agreed with the transmitter.

Data Integrity Protection:
• Let Data be arbitrary information.
• Let Ke denote an encoding key and Kv denote a verification key which matches the encoding key.
• Data integrity protection on Data comprises the following cryptographic transformations:

• Here f and g are efficient cryptographic transformations.
• MDC stands for Manipulation Detection Code.

Data Integrity Systems
• Data integrity protection also has symmetric techniques and asymmetric techniques.

Symmetric Techniques
• In symmetric techniques for achieving data integrity, the cryptographic transformations f and g are a symmetric cryptographic algorithm, which means f = g and Ke = Kv; that is, the creation and the verification of the consistency between Data and MDC use the identical cryptographic operation.
• An MDC created by a symmetric cryptographic technique is often called a message authentication code (MAC for short).
• A MAC can be created and verified using a keyed hash function technique, or using a block cipher encryption algorithm.

Cryptographic Hash Functions:

A common method for realizing a MAC is to use a so-called keyed hash function technique. We first introduce cryptographic hash functions.
• A hash function is a deterministic function which maps a bit string of an arbitrary length to a hashed value which is a bit string of a fixed length.
• Let h denote a hash function whose fixed output length is denoted by |h|.
• It is desired that h should have the following properties:
• Properties of Hash Function:

Hash Functions' Applications in Cryptography:
Hash functions are widely used in cryptography. We can list here several important uses of hash functions.
1. In digital signatures, hash functions are generally used for generating "message digests" or "message fingerprints." This usage is to add certain verifiable redundancy to a message to be signed so that the hashed message contains recognizable information.
2. In public-key cryptosystems with fit-for-application security, hash functions are widely used for realizing a ciphertext correctness verification mechanism. Such a mechanism is necessary for an encryption scheme to achieve provable security against active attackers.

MAC Based on a Keyed Hash Function
• Cryptographic hash functions naturally form a cryptographic primitive for data integrity. For use in a shared-key scenario, a hash function takes a key as part of its input. The other part of the input is the message to be authenticated. Thus, to authenticate a message M, a transmitter computes

• where k is a secret key shared between the transmitter and a receiver, and "||" denotes the bit string concatenation.
• It is often a prudent practice that an HMAC is computed in the following format
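
As an added example (not part of the original slides), the sketch below contrasts an unkeyed checking value with a keyed MAC, covering both the data integrity definition (f, g, Ke = Kv) and the keyed-hash MAC described above. It uses Python's standard `hmac` module (HMAC-SHA-256) as the keyed hash, which is a choice of this example; the function names, key and messages are constructed.

```python
import hashlib
import hmac
import secrets

def checksum(data: bytes) -> bytes:
    """Unkeyed checking value: detects transmission faults only."""
    return hashlib.sha256(data).digest()

def verify_checksum(data: bytes, value: bytes) -> bool:
    return hmac.compare_digest(checksum(data), value)

def create_mac(key: bytes, data: bytes) -> bytes:
    """Plays the role of f: a keyed hash over the message gives the MDC."""
    return hmac.new(key, data, hashlib.sha256).digest()

def verify_mac(key: bytes, data: bytes, mac: bytes) -> bool:
    """Plays the role of g with Kv = Ke: recompute, compare in constant time."""
    return hmac.compare_digest(create_mac(key, data), mac)

def tamper_demo() -> dict:
    key = secrets.token_bytes(32)      # shared secret k (constructed)
    original = b"PAY 100 TO ALICE"     # constructed sample message
    modified = b"PAY 900 TO ALICE"     # same message after modification in transit

    # Unkeyed value: whoever changes the message can recompute the value too,
    # so the receiver's check passes on the modified message.
    recomputed = checksum(modified)

    # Keyed value: without k, the modifier can only reuse the old MAC or
    # compute one under a key of their own.
    mac = create_mac(key, original)
    other_key_mac = create_mac(secrets.token_bytes(32), modified)

    return {
        "genuine_accepted": verify_mac(key, original, mac),
        "unkeyed_accepts_modified": verify_checksum(modified, recomputed),
        "reused_mac_accepted": verify_mac(key, modified, mac),
        "other_key_mac_accepted": verify_mac(key, modified, other_key_mac),
    }

if __name__ == "__main__":
    for name, result in tamper_demo().items():
        print(f"{name}: {result}")
```

The unkeyed value protects only against accidental errors, while the MAC rejects the modified message in both keyed cases.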

Asymmetric Techniques
• In public-key cryptography, a principal can use her/his private key to "encrypt" a message, and the resultant "ciphertext" can be "decrypted" back to the original message using the principal's public key.
• Evidently, the "ciphertext" so created can play the role of a manipulation detection code (MDC) accompanying the "encrypted" message, that is, provide data integrity protection for the message.
• Here, the public-key "decryption" process forms a step of verification of the MDC.
• Thus, this usage of public-key cryptography can model precisely the property of a signature, a digital signature, for proving the authorship of a message.
• The ability to provide digital signatures forms a great advantage of public-key cryptography over secret-key cryptography.
• Since a single entity is able to create a digital signature of a message which can be verified by anybody, it is easy to settle a dispute over who created the signature.
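
The private-key "encryption" and public-key "decryption" described above, as an added example that is not part of the original slides. It assumes unpadded textbook RSA over a SHA-256 digest and a constructed demo key built from two publicly known Mersenne primes, so it illustrates the mechanism only; the function names are this example's own.

```python
import hashlib

# Constructed demo key pair: both primes are publicly known Mersenne primes,
# so this key offers no security. Unpadded "textbook" RSA mirrors the
# description in the slides; deployed signatures use a padded scheme.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q
E = 65537                            # public exponent (verification key Kv)
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (creation key Ke)

def digest_int(message: bytes) -> int:
    """Message digest as an integer; 256 bits, so always smaller than N."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, d: int = D, n: int = N) -> int:
    """'Encrypt' the digest under the private key; the result is the MDC."""
    return pow(digest_int(message), d, n)

def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """'Decrypt' with the public key and compare with a fresh digest."""
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest_int(message)

def demo() -> dict:
    message = b"I owe Bob 10 rupees"     # constructed sample message
    sig = sign(message)
    return {
        "genuine": verify(message, sig),
        "modified_message": verify(b"I owe Bob 90 rupees", sig),
        "modified_signature": verify(message, sig ^ 1),
        # Knowing only the public key (N, E) is not enough to create the MDC.
        "made_with_public_key": verify(message, sign(message, d=E)),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Unlike the MAC case, the verifier here holds no secret: anyone with (N, E) can check the signature, but only the holder of D can produce it.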
THANK YOU…!
